diff --git a/src/codemodder/result.py b/src/codemodder/result.py
index c221fa84..665803ec 100644
--- a/src/codemodder/result.py
+++ b/src/codemodder/result.py
@@ -126,7 +126,9 @@ def from_sarif(
         cls, sarif_result: ResultModel, sarif_run: Run, truncate_rule_id: bool = False
     ) -> Self:
         rule_id = cls.extract_rule_id(sarif_result, sarif_run, truncate_rule_id)
-        finding_id = cls.extract_finding_id(sarif_result) or rule_id
+        finding_id = cls.extract_finding_id(sarif_result)
+        if not finding_id:
+            raise ValueError("Result does not have a finding_id.")
         return cls(
             rule_id=rule_id,
             locations=cls.extract_locations(sarif_result, sarif_run),
diff --git a/src/codemodder/semgrep.py b/src/codemodder/semgrep.py
index fa2792fb..6940ece4 100644
--- a/src/codemodder/semgrep.py
+++ b/src/codemodder/semgrep.py
@@ -1,5 +1,7 @@
 import itertools
+import json
 import subprocess
+import uuid
 from pathlib import Path
 from tempfile import NamedTemporaryFile
 from typing import Iterable, Optional
@@ -90,7 +92,9 @@ def run(
     if not yaml_files:
         raise ValueError("No Semgrep rules were provided")
 
-    with NamedTemporaryFile(prefix="semgrep", suffix=".sarif") as temp_sarif_file:
+    with NamedTemporaryFile(
+        prefix="semgrep", suffix=".sarif", mode="w+"
+    ) as temp_sarif_file:
         command = [
             "semgrep",
             "scan",
@@ -114,6 +118,17 @@ def run(
             stdout=None if execution_context.verbose else subprocess.PIPE,
             stderr=None if execution_context.verbose else subprocess.PIPE,
         )
+        # Insert guid in results
+        temp_sarif_file.seek(0)
+        sarif = Sarif.model_validate(json.load(temp_sarif_file))
+        for run in sarif.runs:
+            for result in run.results or []:
+                if not result.guid:
+                    result.guid = uuid.uuid4()
+        temp_sarif_file.seek(0)
+        temp_sarif_file.write(sarif.model_dump_json(exclude_none=True, by_alias=True))
+        temp_sarif_file.seek(0)
+
         if call.returncode != 0:
             if not execution_context.verbose:
                 logger.error("captured semgrep stderr: %s", call.stderr)
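Review bot: The new `ValueError` raised under `if not finding_id:` carries no context, so when one result in a large SARIF file lacks an identifier the user sees only "Result does not have a finding_id." with no way to tell which rule or location produced it; `rule_id` is already bound on the line above, so `raise ValueError(f"Result for rule {rule_id!r} does not have a finding_id.")` costs nothing. This also turns what was a per-result fallback to `rule_id` into a hard failure for the whole SARIF run, so any producer whose results `extract_finding_id` cannot read (its implementation is not visible here) is now rejected outright; if that is intended, the `from_sarif` docstring should say that a finding id is required. `from_sarif` continues outside the hunk.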
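Review bot: `mode="w+"` opens the temp file in text mode with the platform default encoding, yet the file is filled by the semgrep subprocess and then read back with `json.load` and rewritten in the next hunk of `run`; on a non-UTF-8 locale (Windows code pages in particular) any non-ASCII snippet text in the SARIF would fail with `UnicodeDecodeError` on the read, and the write-back would be re-encoded differently from what semgrep presumably emitted as UTF-8. Passing the encoding explicitly, `prefix="semgrep", suffix=".sarif", mode="w+", encoding="utf-8"`, keeps the round trip byte-faithful. `run` continues outside the hunk.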
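Review bot: The guid insertion block (from the first `temp_sarif_file.seek(0)` to the last) runs before the `if call.returncode != 0:` check, so when semgrep fails and leaves the SARIF file empty or truncated, `json.load` raises `JSONDecodeError` first and the captured stderr on the following lines is never logged; the block belongs after the return-code handling. Independently, the write-back does `seek(0)` then `write(...)` without `truncate()`, so whenever the re-serialised JSON (compact, `exclude_none=True`) is shorter than what semgrep wrote, the tail of the old content remains and the next `json.load` of the file fails with "Extra data". The loop variable `run` also shadows the enclosing function `run`; `sarif_run` reads better. Whether `result.guid` accepts a `uuid.UUID` rather than a `str` depends on the `Sarif` model, which is not visible here. The rest of `run`, including whatever reads the rewritten file, lies outside the hunk.
```python
        if call.returncode != 0:
            # … unchanged: stderr logging and error handling for a failed run …

        # Insert guid in results, only once semgrep has written a complete SARIF file
        temp_sarif_file.seek(0)
        sarif = Sarif.model_validate(json.load(temp_sarif_file))
        for sarif_run in sarif.runs:
            for result in sarif_run.results or []:
                if not result.guid:
                    result.guid = uuid.uuid4()
        temp_sarif_file.seek(0)
        temp_sarif_file.write(sarif.model_dump_json(exclude_none=True, by_alias=True))
        # Drop any stale tail left over when the new JSON is shorter than the old
        temp_sarif_file.truncate()
        temp_sarif_file.seek(0)
```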
diff --git a/tests/codemods/semgrep/test_semgrep_django_secure_set_cookie.py b/tests/codemods/semgrep/test_semgrep_django_secure_set_cookie.py index 7b8fe16a..5896729a 100644 --- a/tests/codemods/semgrep/test_semgrep_django_secure_set_cookie.py +++ b/tests/codemods/semgrep/test_semgrep_django_secure_set_cookie.py @@ -41,6 +41,7 @@ def index(request, template): "tool": {"driver": {"name": "Semgrep OSS"}}, "results": [ { + "guid": "ecf8007d-0eac-4151-92c7-c5dc8290f28e", "fingerprints": {"matchBasedId/v1": "123"}, "locations": [ { diff --git a/tests/codemods/semgrep/test_semgrep_enable_jinja2_autoescape.py b/tests/codemods/semgrep/test_semgrep_enable_jinja2_autoescape.py index 79b95164..d52bcb1e 100644 --- a/tests/codemods/semgrep/test_semgrep_enable_jinja2_autoescape.py +++ b/tests/codemods/semgrep/test_semgrep_enable_jinja2_autoescape.py @@ -30,6 +30,7 @@ def test_import(self, tmpdir): "tool": {"driver": {"name": "Semgrep OSS"}}, "results": [ { + "guid": "282ad4eb-3b68-4ee4-b8ff-f779ea14b589", "fingerprints": {"matchBasedId/v1": "123"}, "locations": [ { diff --git a/tests/codemods/semgrep/test_semgrep_harden_pyyaml.py b/tests/codemods/semgrep/test_semgrep_harden_pyyaml.py index e0d6fae2..162943c9 100644 --- a/tests/codemods/semgrep/test_semgrep_harden_pyyaml.py +++ b/tests/codemods/semgrep/test_semgrep_harden_pyyaml.py @@ -29,6 +29,7 @@ def test_pyyaml(self, tmpdir): "tool": {"driver": {"name": "Semgrep OSS"}}, "results": [ { + "guid": "df15a793-eea0-4fee-a65d-8923ca058265", "fingerprints": {"matchBasedId/v1": "123"}, "locations": [ { @@ -88,6 +89,7 @@ def index(request): "tool": {"driver": {"name": "Semgrep OSS"}}, "results": [ { + "guid": "2291849a-3e04-4969-94b8-87a21e818889", "fingerprints": {"matchBasedId/v1": "123"}, "locations": [ { diff --git a/tests/codemods/semgrep/test_semgrep_jwt_decode_verify.py b/tests/codemods/semgrep/test_semgrep_jwt_decode_verify.py index 8a560ed6..97c1b8c0 100644 --- a/tests/codemods/semgrep/test_semgrep_jwt_decode_verify.py 
+++ b/tests/codemods/semgrep/test_semgrep_jwt_decode_verify.py @@ -28,6 +28,7 @@ def test_import(self, tmpdir): "tool": {"driver": {"name": "Semgrep OSS"}}, "results": [ { + "guid": "3efd541b-4c31-4e7e-89f2-7fe0d7ebd468", "fingerprints": {"matchBasedId/v1": "123"}, "locations": [ { diff --git a/tests/codemods/semgrep/test_semgrep_nan_injection.py b/tests/codemods/semgrep/test_semgrep_nan_injection.py index 1ab02f28..24225fa9 100644 --- a/tests/codemods/semgrep/test_semgrep_nan_injection.py +++ b/tests/codemods/semgrep/test_semgrep_nan_injection.py @@ -41,6 +41,7 @@ def home(request): "tool": {"driver": {"name": "Semgrep OSS"}}, "results": [ { + "guid": "b796b74b-275c-4785-b341-76170b43f6d4", "fingerprints": {"matchBasedId/v1": "1932"}, "locations": [ { @@ -178,6 +179,7 @@ def view(request): "tool": {"driver": {"name": "Semgrep OSS"}}, "results": [ { + "guid": "6470e0a8-2eeb-4268-8677-f96161207b40", "fingerprints": {"matchBasedId/v1": "1fdbd5a"}, "locations": [ { @@ -204,6 +206,7 @@ def view(request): "ruleId": "python.django.security.nan-injection.nan-injection", }, { + "guid": "b3056d9a-1618-40be-bf5e-989278305cf0", "fingerprints": {"matchBasedId/v1": "1fdbd5a"}, "locations": [ { @@ -230,6 +233,7 @@ def view(request): "ruleId": "python.django.security.nan-injection.nan-injection", }, { + "guid": "3356587c-dd3a-49e1-baee-0aafc0a91511", "fingerprints": {"matchBasedId/v1": "1fdbd5a"}, "locations": [ { @@ -256,6 +260,7 @@ def view(request): "ruleId": "python.django.security.nan-injection.nan-injection", }, { + "guid": "626d3911-ed0b-414d-a2c9-af2245b0baee", "fingerprints": {"matchBasedId/v1": "1fdbd5a"}, "locations": [ { @@ -315,6 +320,7 @@ def view(request): "tool": {"driver": {"name": "Semgrep OSS"}}, "results": [ { + "guid": "60e089cd-472e-489e-a264-cfc6e33e651a", "fingerprints": {"matchBasedId/v1": "asdfg"}, "locations": [ { 
@@ -373,6 +379,7 @@ def view(request): "tool": {"driver": {"name": "Semgrep OSS"}}, "results": [ { + "guid": "014e3945-144d-4c28-960b-4dd09f2a2b8f", "fingerprints": {"matchBasedId/v1": "q324"}, "locations": [ { @@ -429,6 +436,7 @@ def view(request): "tool": {"driver": {"name": "Semgrep OSS"}}, "results": [ { + "guid": "d0540cd9-b999-4756-8392-ca2702e94438", "fingerprints": {"matchBasedId/v1": "asdtg"}, "locations": [ { @@ -487,6 +495,7 @@ def view(request): "tool": {"driver": {"name": "Semgrep OSS"}}, "results": [ { + "guid": "33ffdd04-0f27-475c-8c11-2405e9b77526", "fingerprints": {"matchBasedId/v1": "asd2"}, "locations": [ { diff --git a/tests/codemods/semgrep/test_semgrep_no_csrf_exempt.py b/tests/codemods/semgrep/test_semgrep_no_csrf_exempt.py index 26684eac..f6dc9390 100644 --- a/tests/codemods/semgrep/test_semgrep_no_csrf_exempt.py +++ b/tests/codemods/semgrep/test_semgrep_no_csrf_exempt.py @@ -79,6 +79,7 @@ def foo(): "tool": {"driver": {"name": "Semgrep OSS"}}, "results": [ { + "guid": "8a8007b3-404d-4107-9e0d-4bb11536b78c", "fingerprints": {"matchBasedId/v1": "a3ca2"}, "locations": [ { @@ -105,6 +106,7 @@ def foo(): "ruleId": "python.django.security.audit.csrf-exempt.no-csrf-exempt", }, { + "guid": "71260758-6dee-4c96-a4e3-22b143b2633e", "fingerprints": {"matchBasedId/v1": "1cc62"}, "locations": [ { diff --git a/tests/codemods/semgrep/test_semgrep_rsa_key_size.py b/tests/codemods/semgrep/test_semgrep_rsa_key_size.py index 28773fdc..8a38fd04 100644 --- a/tests/codemods/semgrep/test_semgrep_rsa_key_size.py +++ b/tests/codemods/semgrep/test_semgrep_rsa_key_size.py @@ -18,6 +18,7 @@ def _run_and_assert_with_results(self, tmpdir, input_code, expected_output): "tool": {"driver": {"name": "Semgrep OSS"}}, "results": [ { + "guid": "55b6e8fa-8e41-4470-b887-05c02a5e1196", "fingerprints": {"matchBasedId/v1": "123"}, "locations": [ { 
diff --git a/tests/codemods/semgrep/test_semgrep_sql_parametrization.py b/tests/codemods/semgrep/test_semgrep_sql_parametrization.py index d4520953..5595e45d 100644 --- a/tests/codemods/semgrep/test_semgrep_sql_parametrization.py +++ b/tests/codemods/semgrep/test_semgrep_sql_parametrization.py @@ -83,6 +83,7 @@ def f(): "tool": {"driver": {"name": "Semgrep OSS"}}, "results": [ { + "guid": "2273caac-50fa-409d-97e8-a39219eb9afe", "fingerprints": {"matchBasedId/v1": "123"}, "locations": [ { @@ -110,6 +111,7 @@ def f(): "ruleId": "python.django.security.injection.sql.sql-injection-using-db-cursor-execute.sql-injection-db-cursor-execute", }, { + "guid": "8e8fed36-7e72-4b1f-ad49-2e1a50587595", "fingerprints": {"matchBasedId/v1": "123"}, "locations": [ { @@ -137,6 +139,7 @@ def f(): "ruleId": "python.lang.security.audit.formatted-sql-query.formatted-sql-query", }, { + "guid": "300df87d-e713-4cd4-a245-d64f25be03de", "fingerprints": {"matchBasedId/v1": "123"}, "locations": [ { @@ -164,6 +167,7 @@ def f(): "ruleId": "python.sqlalchemy.security.sqlalchemy-execute-raw-query.sqlalchemy-execute-raw-query", }, { + "guid": "24695222-6db9-4e12-8555-c5e74eb7fe0f", "fingerprints": {"matchBasedId/v1": "123"}, "locations": [ { @@ -191,6 +195,7 @@ def f(): "ruleId": "python.django.security.injection.tainted-sql-string.tainted-sql-string", }, { + "guid": "c8355088-665d-4fe1-8790-725964ba0769", "fingerprints": {"matchBasedId/v1": "123"}, "locations": [ { diff --git a/tests/codemods/semgrep/test_semgrep_subprocess_shell_false.py b/tests/codemods/semgrep/test_semgrep_subprocess_shell_false.py index 3dff942e..ea92764d 100644 --- a/tests/codemods/semgrep/test_semgrep_subprocess_shell_false.py +++ b/tests/codemods/semgrep/test_semgrep_subprocess_shell_false.py @@ -29,6 +29,7 @@ def test_import(self, tmpdir): "tool": {"driver": {"name": "Semgrep OSS"}}, "results": [ { + "guid": "84d249d9-2a25-4279-a5af-2a7739a06de6", "fingerprints": {"matchBasedId/v1": "123"}, "locations": [ { 
diff --git a/tests/codemods/semgrep/test_semgrep_url_sandbox.py b/tests/codemods/semgrep/test_semgrep_url_sandbox.py index 31a02668..ca0748dc 100644 --- a/tests/codemods/semgrep/test_semgrep_url_sandbox.py +++ b/tests/codemods/semgrep/test_semgrep_url_sandbox.py @@ -44,6 +44,7 @@ def example(): "tool": {"driver": {"name": "Semgrep OSS"}}, "results": [ { + "guid": "9cbf64ee-ea3d-418f-bdf8-97ec7a2d3418", "fingerprints": {"matchBasedId/v1": "370059975f"}, "locations": [ { @@ -71,6 +72,7 @@ def example(): "ruleId": "python.django.security.injection.ssrf.ssrf-injection-requests.ssrf-injection-requests", }, { + "guid": "ba4cedcd-88fd-468b-be73-7df829d11802", "fingerprints": {"matchBasedId/v1": "cd899"}, "locations": [ { diff --git a/tests/codemods/semgrep/test_semgrep_use_defused_xml.py b/tests/codemods/semgrep/test_semgrep_use_defused_xml.py index 49f3d2d5..e0309726 100644 --- a/tests/codemods/semgrep/test_semgrep_use_defused_xml.py +++ b/tests/codemods/semgrep/test_semgrep_use_defused_xml.py @@ -34,6 +34,7 @@ def test_etree_parse(self, add_dependency, tmpdir): "tool": {"driver": {"name": "Semgrep OSS"}}, "results": [ { + "guid": "e76d2149-3b55-4292-a4c6-49f67dc73f97", "fingerprints": {"matchBasedId/v1": "123"}, "locations": [ { diff --git a/tests/samples/codeql/python/vulnerable-code-snippets.json b/tests/samples/codeql/python/vulnerable-code-snippets.json index 8f892602..c76cd7ac 100644 --- a/tests/samples/codeql/python/vulnerable-code-snippets.json +++ b/tests/samples/codeql/python/vulnerable-code-snippets.json 
@@ -1 +1,3359 @@ -{"runs":[{"artifacts":[{"location":{"index":0,"uri":"Unsafe Deserialization/pickle2.py"}},{"location":{"index":1,"uri":"Command Injection/tainted.py"}},{"location":{"index":2,"uri":"Server Side Template Injection/asis_ssti_pt.py"}},{"location":{"index":3,"uri":"Path Traversal/py_ctf.py"}}],"automationDetails":{"id":"/language:python/"},"conversion":{"tool":{"driver":{"name":"GitHub Code Scanning"}}},"properties":{"codeqlConfigSummary":{}},"results":[{"codeFlows":[{"threadFlows":[{"locations":[{"location":{"message":{"text":"ControlFlowNode for Attribute()"},"physicalLocation":{"artifactLocation":{"index":0,"uri":"Unsafe Deserialization/pickle2.py"},"region":{"endColumn":44,"endLine":41,"startColumn":18,"startLine":40}}}},{"location":{"message":{"text":"ControlFlowNode for secret"},"physicalLocation":{"artifactLocation":{"index":0,"uri":"Unsafe Deserialization/pickle2.py"},"region":{"endColumn":15,"endLine":40,"startColumn":9,"startLine":40}}}},{"location":{"message":{"text":"ControlFlowNode for secret"},"physicalLocation":{"artifactLocation":{"index":0,"uri":"Unsafe Deserialization/pickle2.py"},"region":{"endColumn":23,"endLine":42,"startColumn":17,"startLine":42}}}}]}]}],"correlationGuid":"3db4f2bd-6682-4bba-a7d4-5f5d76b6e190","level":"error","locations":[{"physicalLocation":{"artifactLocation":{"index":0,"uri":"Unsafe Deserialization/pickle2.py"},"region":{"endColumn":23,"endLine":42,"startColumn":17,"startLine":42}}}],"message":{"text":"This expression stores [sensitive data (secret)](1) as clear text."},"partialFingerprints":{"primaryLocationLineHash":"7831bb4e0b589e7f:1"},"properties":{"github/alertNumber":2,"github/alertUrl":"https://api.github.com/repos/nahsra/Vulnerable-Code-Snippets/code-scanning/alerts/2"},"relatedLocations":[{"id":1,"message":{"text":"sensitive data (secret)"},"physicalLocation":{"artifactLocation":{"index":0,"uri":"Unsafe 
Deserialization/pickle2.py"},"region":{"endColumn":44,"endLine":41,"startColumn":18,"startLine":40}}}],"rule":{"id":"py/clear-text-storage-sensitive-data","toolComponent":{"index":0},"index":3},"ruleId":"py/clear-text-storage-sensitive-data"},{"correlationGuid":"119ca813-b276-44bb-809c-be478bc6c216","level":"error","locations":[{"physicalLocation":{"artifactLocation":{"index":1,"uri":"Command Injection/tainted.py"},"region":{"endColumn":21,"endLine":14,"startColumn":2,"startLine":14}}}],"message":{"text":"A Flask app appears to be run in debug mode. This may allow an attacker to run arbitrary code through the debugger."},"partialFingerprints":{"primaryLocationLineHash":"592eb5113a7053ce:1"},"properties":{"github/alertNumber":3,"github/alertUrl":"https://api.github.com/repos/nahsra/Vulnerable-Code-Snippets/code-scanning/alerts/3"},"rule":{"id":"py/flask-debug","toolComponent":{"index":0},"index":8},"ruleId":"py/flask-debug"},{"codeFlows":[{"threadFlows":[{"locations":[{"location":{"message":{"text":"ControlFlowNode for ImportMember"},"physicalLocation":{"artifactLocation":{"index":1,"uri":"Command Injection/tainted.py"},"region":{"endColumn":33,"endLine":2,"startColumn":26,"startLine":2}}}},{"location":{"message":{"text":"ControlFlowNode for request"},"physicalLocation":{"artifactLocation":{"index":1,"uri":"Command Injection/tainted.py"},"region":{"endColumn":33,"endLine":2,"startColumn":26,"startLine":2}}}},{"location":{"message":{"text":"ControlFlowNode for request"},"physicalLocation":{"artifactLocation":{"index":1,"uri":"Command Injection/tainted.py"},"region":{"endColumn":22,"endLine":9,"startColumn":15,"startLine":9}}}},{"location":{"message":{"text":"ControlFlowNode for Attribute"},"physicalLocation":{"artifactLocation":{"index":1,"uri":"Command 
Injection/tainted.py"},"region":{"endColumn":34,"endLine":9,"startColumn":15,"startLine":9}}}}]}]}],"correlationGuid":"956d88c6-70d3-4f7f-9fd1-00ce1c6059e0","level":"error","locations":[{"physicalLocation":{"artifactLocation":{"index":1,"uri":"Command Injection/tainted.py"},"region":{"endColumn":34,"endLine":9,"startColumn":15,"startLine":9}}}],"message":{"text":"This command line depends on a [user-provided value](1)."},"partialFingerprints":{"primaryLocationLineHash":"d2d7cb64d3a56d5c:1"},"properties":{"github/alertNumber":4,"github/alertUrl":"https://api.github.com/repos/nahsra/Vulnerable-Code-Snippets/code-scanning/alerts/4"},"relatedLocations":[{"id":1,"message":{"text":"user-provided value"},"physicalLocation":{"artifactLocation":{"index":0,"uri":"Command Injection/tainted.py"},"region":{"endColumn":33,"endLine":2,"startColumn":26,"startLine":2}}}],"rule":{"id":"py/command-line-injection","toolComponent":{"index":0},"index":5},"ruleId":"py/command-line-injection"},{"codeFlows":[{"threadFlows":[{"locations":[{"location":{"message":{"text":"ControlFlowNode for ImportMember"},"physicalLocation":{"artifactLocation":{"index":2,"uri":"Server Side Template Injection/asis_ssti_pt.py"},"region":{"endColumn":12,"endLine":6,"startColumn":5,"startLine":6}}}},{"location":{"message":{"text":"ControlFlowNode for request"},"physicalLocation":{"artifactLocation":{"index":2,"uri":"Server Side Template Injection/asis_ssti_pt.py"},"region":{"endColumn":12,"endLine":6,"startColumn":5,"startLine":6}}}},{"location":{"message":{"text":"ControlFlowNode for request"},"physicalLocation":{"artifactLocation":{"index":2,"uri":"Server Side Template Injection/asis_ssti_pt.py"},"region":{"endColumn":15,"endLine":26,"startColumn":8,"startLine":26}}}},{"location":{"message":{"text":"ControlFlowNode for Attribute"},"physicalLocation":{"artifactLocation":{"index":2,"uri":"Server Side Template 
Injection/asis_ssti_pt.py"},"region":{"endColumn":25,"endLine":29,"startColumn":13,"startLine":29}}}},{"location":{"message":{"text":"ControlFlowNode for Attribute()"},"physicalLocation":{"artifactLocation":{"index":2,"uri":"Server Side Template Injection/asis_ssti_pt.py"},"region":{"endColumn":38,"endLine":29,"startColumn":13,"startLine":29}}}},{"location":{"message":{"text":"ControlFlowNode for golem"},"physicalLocation":{"artifactLocation":{"index":2,"uri":"Server Side Template Injection/asis_ssti_pt.py"},"region":{"endColumn":10,"endLine":29,"startColumn":5,"startLine":29}}}},{"location":{"message":{"text":"ControlFlowNode for golem"},"physicalLocation":{"artifactLocation":{"index":2,"uri":"Server Side Template Injection/asis_ssti_pt.py"},"region":{"endColumn":33,"endLine":36,"startColumn":28,"startLine":36}}}},{"location":{"message":{"text":"[post] ControlFlowNode for session [Dictionary element at key golem]"},"physicalLocation":{"artifactLocation":{"index":2,"uri":"Server Side Template Injection/asis_ssti_pt.py"},"region":{"endColumn":16,"endLine":36,"startColumn":9,"startLine":36}}}},{"location":{"message":{"text":"ControlFlowNode for session [Dictionary element at key golem]"},"physicalLocation":{"artifactLocation":{"index":2,"uri":"Server Side Template Injection/asis_ssti_pt.py"},"region":{"endColumn":16,"endLine":50,"startColumn":9,"startLine":50}}}},{"location":{"message":{"text":"ControlFlowNode for Subscript"},"physicalLocation":{"artifactLocation":{"index":2,"uri":"Server Side Template Injection/asis_ssti_pt.py"},"region":{"endColumn":25,"endLine":50,"startColumn":9,"startLine":50}}}},{"location":{"message":{"text":"ControlFlowNode for template"},"physicalLocation":{"artifactLocation":{"index":2,"uri":"Server Side Template Injection/asis_ssti_pt.py"},"region":{"endColumn":17,"endLine":41,"startColumn":9,"startLine":41}}}},{"location":{"message":{"text":"ControlFlowNode for template"},"physicalLocation":{"artifactLocation":{"index":2,"uri":"Server 
Side Template Injection/asis_ssti_pt.py"},"region":{"endColumn":43,"endLine":56,"startColumn":35,"startLine":56}}}},{"location":{"message":{"text":"ControlFlowNode for render_template_string()"},"physicalLocation":{"artifactLocation":{"index":2,"uri":"Server Side Template Injection/asis_ssti_pt.py"},"region":{"endColumn":44,"endLine":56,"startColumn":12,"startLine":56}}}}]}]},{"threadFlows":[{"locations":[{"location":{"message":{"text":"ControlFlowNode for ImportMember"},"physicalLocation":{"artifactLocation":{"index":2,"uri":"Server Side Template Injection/asis_ssti_pt.py"},"region":{"endColumn":12,"endLine":6,"startColumn":5,"startLine":6}}}},{"location":{"message":{"text":"ControlFlowNode for request"},"physicalLocation":{"artifactLocation":{"index":2,"uri":"Server Side Template Injection/asis_ssti_pt.py"},"region":{"endColumn":12,"endLine":6,"startColumn":5,"startLine":6}}}},{"location":{"message":{"text":"ControlFlowNode for request"},"physicalLocation":{"artifactLocation":{"index":2,"uri":"Server Side Template Injection/asis_ssti_pt.py"},"region":{"endColumn":20,"endLine":29,"startColumn":13,"startLine":29}}}},{"location":{"message":{"text":"ControlFlowNode for Attribute"},"physicalLocation":{"artifactLocation":{"index":2,"uri":"Server Side Template Injection/asis_ssti_pt.py"},"region":{"endColumn":25,"endLine":29,"startColumn":13,"startLine":29}}}},{"location":{"message":{"text":"ControlFlowNode for Attribute()"},"physicalLocation":{"artifactLocation":{"index":2,"uri":"Server Side Template Injection/asis_ssti_pt.py"},"region":{"endColumn":38,"endLine":29,"startColumn":13,"startLine":29}}}},{"location":{"message":{"text":"ControlFlowNode for golem"},"physicalLocation":{"artifactLocation":{"index":2,"uri":"Server Side Template Injection/asis_ssti_pt.py"},"region":{"endColumn":10,"endLine":29,"startColumn":5,"startLine":29}}}},{"location":{"message":{"text":"ControlFlowNode for golem"},"physicalLocation":{"artifactLocation":{"index":2,"uri":"Server Side 
Template Injection/asis_ssti_pt.py"},"region":{"endColumn":14,"endLine":32,"startColumn":9,"startLine":32}}}},{"location":{"message":{"text":"ControlFlowNode for golem"},"physicalLocation":{"artifactLocation":{"index":2,"uri":"Server Side Template Injection/asis_ssti_pt.py"},"region":{"endColumn":33,"endLine":36,"startColumn":28,"startLine":36}}}},{"location":{"message":{"text":"[post] ControlFlowNode for session [Dictionary element at key golem]"},"physicalLocation":{"artifactLocation":{"index":2,"uri":"Server Side Template Injection/asis_ssti_pt.py"},"region":{"endColumn":16,"endLine":36,"startColumn":9,"startLine":36}}}},{"location":{"message":{"text":"ControlFlowNode for session [Dictionary element at key golem]"},"physicalLocation":{"artifactLocation":{"index":2,"uri":"Server Side Template Injection/asis_ssti_pt.py"},"region":{"endColumn":16,"endLine":50,"startColumn":9,"startLine":50}}}},{"location":{"message":{"text":"ControlFlowNode for Subscript"},"physicalLocation":{"artifactLocation":{"index":2,"uri":"Server Side Template Injection/asis_ssti_pt.py"},"region":{"endColumn":25,"endLine":50,"startColumn":9,"startLine":50}}}},{"location":{"message":{"text":"ControlFlowNode for template"},"physicalLocation":{"artifactLocation":{"index":2,"uri":"Server Side Template Injection/asis_ssti_pt.py"},"region":{"endColumn":17,"endLine":41,"startColumn":9,"startLine":41}}}},{"location":{"message":{"text":"ControlFlowNode for template"},"physicalLocation":{"artifactLocation":{"index":2,"uri":"Server Side Template Injection/asis_ssti_pt.py"},"region":{"endColumn":43,"endLine":56,"startColumn":35,"startLine":56}}}},{"location":{"message":{"text":"ControlFlowNode for render_template_string()"},"physicalLocation":{"artifactLocation":{"index":2,"uri":"Server Side Template 
Injection/asis_ssti_pt.py"},"region":{"endColumn":44,"endLine":56,"startColumn":12,"startLine":56}}}}]}]}],"correlationGuid":"5b4f3e50-2b30-4a70-ac57-fa37359f9443","level":"error","locations":[{"physicalLocation":{"artifactLocation":{"index":2,"uri":"Server Side Template Injection/asis_ssti_pt.py"},"region":{"endColumn":44,"endLine":56,"startColumn":12,"startLine":56}}}],"message":{"text":"Cross-site scripting vulnerability due to a [user-provided value](1)."},"partialFingerprints":{"primaryLocationLineHash":"f207ef544f2b3e05:1"},"properties":{"github/alertNumber":5,"github/alertUrl":"https://api.github.com/repos/nahsra/Vulnerable-Code-Snippets/code-scanning/alerts/5"},"relatedLocations":[{"id":1,"message":{"text":"user-provided value"},"physicalLocation":{"artifactLocation":{"index":0,"uri":"Server Side Template Injection/asis_ssti_pt.py"},"region":{"endColumn":12,"endLine":6,"startColumn":5,"startLine":6}}}],"rule":{"id":"py/reflective-xss","toolComponent":{"index":0},"index":25},"ruleId":"py/reflective-xss"},{"codeFlows":[{"threadFlows":[{"locations":[{"location":{"message":{"text":"ControlFlowNode for ImportMember"},"physicalLocation":{"artifactLocation":{"index":3,"uri":"Path Traversal/py_ctf.py"},"region":{"endColumn":12,"endLine":6,"startColumn":5,"startLine":6}}}},{"location":{"message":{"text":"ControlFlowNode for request"},"physicalLocation":{"artifactLocation":{"index":3,"uri":"Path Traversal/py_ctf.py"},"region":{"endColumn":12,"endLine":6,"startColumn":5,"startLine":6}}}},{"location":{"message":{"text":"ControlFlowNode for request"},"physicalLocation":{"artifactLocation":{"index":3,"uri":"Path Traversal/py_ctf.py"},"region":{"endColumn":15,"endLine":26,"startColumn":8,"startLine":26}}}},{"location":{"message":{"text":"ControlFlowNode for Attribute"},"physicalLocation":{"artifactLocation":{"index":3,"uri":"Path Traversal/py_ctf.py"},"region":{"endColumn":25,"endLine":29,"startColumn":13,"startLine":29}}}},{"location":{"message":{"text":"ControlFlowNode 
for Attribute()"},"physicalLocation":{"artifactLocation":{"index":3,"uri":"Path Traversal/py_ctf.py"},"region":{"endColumn":38,"endLine":29,"startColumn":13,"startLine":29}}}},{"location":{"message":{"text":"ControlFlowNode for golem"},"physicalLocation":{"artifactLocation":{"index":3,"uri":"Path Traversal/py_ctf.py"},"region":{"endColumn":10,"endLine":29,"startColumn":5,"startLine":29}}}},{"location":{"message":{"text":"ControlFlowNode for golem"},"physicalLocation":{"artifactLocation":{"index":3,"uri":"Path Traversal/py_ctf.py"},"region":{"endColumn":33,"endLine":36,"startColumn":28,"startLine":36}}}},{"location":{"message":{"text":"[post] ControlFlowNode for session [Dictionary element at key golem]"},"physicalLocation":{"artifactLocation":{"index":3,"uri":"Path Traversal/py_ctf.py"},"region":{"endColumn":16,"endLine":36,"startColumn":9,"startLine":36}}}},{"location":{"message":{"text":"ControlFlowNode for session [Dictionary element at key golem]"},"physicalLocation":{"artifactLocation":{"index":3,"uri":"Path Traversal/py_ctf.py"},"region":{"endColumn":16,"endLine":50,"startColumn":9,"startLine":50}}}},{"location":{"message":{"text":"ControlFlowNode for Subscript"},"physicalLocation":{"artifactLocation":{"index":3,"uri":"Path Traversal/py_ctf.py"},"region":{"endColumn":25,"endLine":50,"startColumn":9,"startLine":50}}}},{"location":{"message":{"text":"ControlFlowNode for template"},"physicalLocation":{"artifactLocation":{"index":3,"uri":"Path Traversal/py_ctf.py"},"region":{"endColumn":17,"endLine":41,"startColumn":9,"startLine":41}}}},{"location":{"message":{"text":"ControlFlowNode for template"},"physicalLocation":{"artifactLocation":{"index":3,"uri":"Path Traversal/py_ctf.py"},"region":{"endColumn":43,"endLine":56,"startColumn":35,"startLine":56}}}},{"location":{"message":{"text":"ControlFlowNode for render_template_string()"},"physicalLocation":{"artifactLocation":{"index":3,"uri":"Path 
Traversal/py_ctf.py"},"region":{"endColumn":44,"endLine":56,"startColumn":12,"startLine":56}}}}]}]},{"threadFlows":[{"locations":[{"location":{"message":{"text":"ControlFlowNode for ImportMember"},"physicalLocation":{"artifactLocation":{"index":3,"uri":"Path Traversal/py_ctf.py"},"region":{"endColumn":12,"endLine":6,"startColumn":5,"startLine":6}}}},{"location":{"message":{"text":"ControlFlowNode for request"},"physicalLocation":{"artifactLocation":{"index":3,"uri":"Path Traversal/py_ctf.py"},"region":{"endColumn":12,"endLine":6,"startColumn":5,"startLine":6}}}},{"location":{"message":{"text":"ControlFlowNode for request"},"physicalLocation":{"artifactLocation":{"index":3,"uri":"Path Traversal/py_ctf.py"},"region":{"endColumn":20,"endLine":29,"startColumn":13,"startLine":29}}}},{"location":{"message":{"text":"ControlFlowNode for Attribute"},"physicalLocation":{"artifactLocation":{"index":3,"uri":"Path Traversal/py_ctf.py"},"region":{"endColumn":25,"endLine":29,"startColumn":13,"startLine":29}}}},{"location":{"message":{"text":"ControlFlowNode for Attribute()"},"physicalLocation":{"artifactLocation":{"index":3,"uri":"Path Traversal/py_ctf.py"},"region":{"endColumn":38,"endLine":29,"startColumn":13,"startLine":29}}}},{"location":{"message":{"text":"ControlFlowNode for golem"},"physicalLocation":{"artifactLocation":{"index":3,"uri":"Path Traversal/py_ctf.py"},"region":{"endColumn":10,"endLine":29,"startColumn":5,"startLine":29}}}},{"location":{"message":{"text":"ControlFlowNode for golem"},"physicalLocation":{"artifactLocation":{"index":3,"uri":"Path Traversal/py_ctf.py"},"region":{"endColumn":14,"endLine":32,"startColumn":9,"startLine":32}}}},{"location":{"message":{"text":"ControlFlowNode for golem"},"physicalLocation":{"artifactLocation":{"index":3,"uri":"Path Traversal/py_ctf.py"},"region":{"endColumn":33,"endLine":36,"startColumn":28,"startLine":36}}}},{"location":{"message":{"text":"[post] ControlFlowNode for session [Dictionary element at key 
golem]"},"physicalLocation":{"artifactLocation":{"index":3,"uri":"Path Traversal/py_ctf.py"},"region":{"endColumn":16,"endLine":36,"startColumn":9,"startLine":36}}}},{"location":{"message":{"text":"ControlFlowNode for session [Dictionary element at key golem]"},"physicalLocation":{"artifactLocation":{"index":3,"uri":"Path Traversal/py_ctf.py"},"region":{"endColumn":16,"endLine":50,"startColumn":9,"startLine":50}}}},{"location":{"message":{"text":"ControlFlowNode for Subscript"},"physicalLocation":{"artifactLocation":{"index":3,"uri":"Path Traversal/py_ctf.py"},"region":{"endColumn":25,"endLine":50,"startColumn":9,"startLine":50}}}},{"location":{"message":{"text":"ControlFlowNode for template"},"physicalLocation":{"artifactLocation":{"index":3,"uri":"Path Traversal/py_ctf.py"},"region":{"endColumn":17,"endLine":41,"startColumn":9,"startLine":41}}}},{"location":{"message":{"text":"ControlFlowNode for template"},"physicalLocation":{"artifactLocation":{"index":3,"uri":"Path Traversal/py_ctf.py"},"region":{"endColumn":43,"endLine":56,"startColumn":35,"startLine":56}}}},{"location":{"message":{"text":"ControlFlowNode for render_template_string()"},"physicalLocation":{"artifactLocation":{"index":3,"uri":"Path Traversal/py_ctf.py"},"region":{"endColumn":44,"endLine":56,"startColumn":12,"startLine":56}}}}]}]}],"correlationGuid":"4368aec2-0d5c-451e-a914-42cf18ca62fd","level":"error","locations":[{"physicalLocation":{"artifactLocation":{"index":3,"uri":"Path Traversal/py_ctf.py"},"region":{"endColumn":44,"endLine":56,"startColumn":12,"startLine":56}}}],"message":{"text":"Cross-site scripting vulnerability due to a [user-provided value](1)."},"partialFingerprints":{"primaryLocationLineHash":"f207ef544f2b3e05:1"},"properties":{"github/alertNumber":6,"github/alertUrl":"https://api.github.com/repos/nahsra/Vulnerable-Code-Snippets/code-scanning/alerts/6"},"relatedLocations":[{"id":1,"message":{"text":"user-provided 
value"},"physicalLocation":{"artifactLocation":{"index":0,"uri":"Path Traversal/py_ctf.py"},"region":{"endColumn":12,"endLine":6,"startColumn":5,"startLine":6}}}],"rule":{"id":"py/reflective-xss","toolComponent":{"index":0},"index":25},"ruleId":"py/reflective-xss"},{"codeFlows":[{"threadFlows":[{"locations":[{"location":{"message":{"text":"ControlFlowNode for ImportMember"},"physicalLocation":{"artifactLocation":{"index":2,"uri":"Server Side Template Injection/asis_ssti_pt.py"},"region":{"endColumn":12,"endLine":6,"startColumn":5,"startLine":6}}}},{"location":{"message":{"text":"ControlFlowNode for request"},"physicalLocation":{"artifactLocation":{"index":2,"uri":"Server Side Template Injection/asis_ssti_pt.py"},"region":{"endColumn":12,"endLine":6,"startColumn":5,"startLine":6}}}},{"location":{"message":{"text":"ControlFlowNode for request"},"physicalLocation":{"artifactLocation":{"index":2,"uri":"Server Side Template Injection/asis_ssti_pt.py"},"region":{"endColumn":25,"endLine":69,"startColumn":18,"startLine":69}}}},{"location":{"message":{"text":"ControlFlowNode for Attribute"},"physicalLocation":{"artifactLocation":{"index":2,"uri":"Server Side Template Injection/asis_ssti_pt.py"},"region":{"endColumn":28,"endLine":70,"startColumn":16,"startLine":70}}}},{"location":{"message":{"text":"ControlFlowNode for Attribute()"},"physicalLocation":{"artifactLocation":{"index":2,"uri":"Server Side Template Injection/asis_ssti_pt.py"},"region":{"endColumn":40,"endLine":70,"startColumn":16,"startLine":70}}}},{"location":{"message":{"text":"ControlFlowNode for page"},"physicalLocation":{"artifactLocation":{"index":2,"uri":"Server Side Template Injection/asis_ssti_pt.py"},"region":{"endColumn":13,"endLine":70,"startColumn":9,"startLine":70}}}},{"location":{"message":{"text":"ControlFlowNode for Attribute()"},"physicalLocation":{"artifactLocation":{"index":2,"uri":"Server Side Template 
Injection/asis_ssti_pt.py"},"region":{"endColumn":63,"endLine":78,"startColumn":25,"startLine":78}}}}]}]},{"threadFlows":[{"locations":[{"location":{"message":{"text":"ControlFlowNode for ImportMember"},"physicalLocation":{"artifactLocation":{"index":2,"uri":"Server Side Template Injection/asis_ssti_pt.py"},"region":{"endColumn":12,"endLine":6,"startColumn":5,"startLine":6}}}},{"location":{"message":{"text":"ControlFlowNode for request"},"physicalLocation":{"artifactLocation":{"index":2,"uri":"Server Side Template Injection/asis_ssti_pt.py"},"region":{"endColumn":12,"endLine":6,"startColumn":5,"startLine":6}}}},{"location":{"message":{"text":"ControlFlowNode for request"},"physicalLocation":{"artifactLocation":{"index":2,"uri":"Server Side Template Injection/asis_ssti_pt.py"},"region":{"endColumn":23,"endLine":70,"startColumn":16,"startLine":70}}}},{"location":{"message":{"text":"ControlFlowNode for Attribute"},"physicalLocation":{"artifactLocation":{"index":2,"uri":"Server Side Template Injection/asis_ssti_pt.py"},"region":{"endColumn":28,"endLine":70,"startColumn":16,"startLine":70}}}},{"location":{"message":{"text":"ControlFlowNode for Attribute()"},"physicalLocation":{"artifactLocation":{"index":2,"uri":"Server Side Template Injection/asis_ssti_pt.py"},"region":{"endColumn":40,"endLine":70,"startColumn":16,"startLine":70}}}},{"location":{"message":{"text":"ControlFlowNode for page"},"physicalLocation":{"artifactLocation":{"index":2,"uri":"Server Side Template Injection/asis_ssti_pt.py"},"region":{"endColumn":13,"endLine":70,"startColumn":9,"startLine":70}}}},{"location":{"message":{"text":"ControlFlowNode for Attribute()"},"physicalLocation":{"artifactLocation":{"index":2,"uri":"Server Side Template Injection/asis_ssti_pt.py"},"region":{"endColumn":63,"endLine":78,"startColumn":25,"startLine":78}}}}]}]}],"correlationGuid":"4586f203-2a1f-4567-b472-cf139c3171f7","level":"error","locations":[{"physicalLocation":{"artifactLocation":{"index":2,"uri":"Server Side 
Template Injection/asis_ssti_pt.py"},"region":{"endColumn":63,"endLine":78,"startColumn":25,"startLine":78}}}],"message":{"text":"This path depends on a [user-provided value](1)."},"partialFingerprints":{"primaryLocationLineHash":"49ce9f5ebea5b775:1"},"properties":{"github/alertNumber":7,"github/alertUrl":"https://api.github.com/repos/nahsra/Vulnerable-Code-Snippets/code-scanning/alerts/7"},"relatedLocations":[{"id":1,"message":{"text":"user-provided value"},"physicalLocation":{"artifactLocation":{"index":0,"uri":"Server Side Template Injection/asis_ssti_pt.py"},"region":{"endColumn":12,"endLine":6,"startColumn":5,"startLine":6}}}],"rule":{"id":"py/path-injection","toolComponent":{"index":0},"index":22},"ruleId":"py/path-injection"},{"codeFlows":[{"threadFlows":[{"locations":[{"location":{"message":{"text":"ControlFlowNode for ImportMember"},"physicalLocation":{"artifactLocation":{"index":3,"uri":"Path Traversal/py_ctf.py"},"region":{"endColumn":12,"endLine":6,"startColumn":5,"startLine":6}}}},{"location":{"message":{"text":"ControlFlowNode for request"},"physicalLocation":{"artifactLocation":{"index":3,"uri":"Path Traversal/py_ctf.py"},"region":{"endColumn":12,"endLine":6,"startColumn":5,"startLine":6}}}},{"location":{"message":{"text":"ControlFlowNode for request"},"physicalLocation":{"artifactLocation":{"index":3,"uri":"Path Traversal/py_ctf.py"},"region":{"endColumn":25,"endLine":69,"startColumn":18,"startLine":69}}}},{"location":{"message":{"text":"ControlFlowNode for Attribute"},"physicalLocation":{"artifactLocation":{"index":3,"uri":"Path Traversal/py_ctf.py"},"region":{"endColumn":28,"endLine":70,"startColumn":16,"startLine":70}}}},{"location":{"message":{"text":"ControlFlowNode for Attribute()"},"physicalLocation":{"artifactLocation":{"index":3,"uri":"Path Traversal/py_ctf.py"},"region":{"endColumn":40,"endLine":70,"startColumn":16,"startLine":70}}}},{"location":{"message":{"text":"ControlFlowNode for 
page"},"physicalLocation":{"artifactLocation":{"index":3,"uri":"Path Traversal/py_ctf.py"},"region":{"endColumn":13,"endLine":70,"startColumn":9,"startLine":70}}}},{"location":{"message":{"text":"ControlFlowNode for Attribute()"},"physicalLocation":{"artifactLocation":{"index":3,"uri":"Path Traversal/py_ctf.py"},"region":{"endColumn":63,"endLine":78,"startColumn":25,"startLine":78}}}}]}]},{"threadFlows":[{"locations":[{"location":{"message":{"text":"ControlFlowNode for ImportMember"},"physicalLocation":{"artifactLocation":{"index":3,"uri":"Path Traversal/py_ctf.py"},"region":{"endColumn":12,"endLine":6,"startColumn":5,"startLine":6}}}},{"location":{"message":{"text":"ControlFlowNode for request"},"physicalLocation":{"artifactLocation":{"index":3,"uri":"Path Traversal/py_ctf.py"},"region":{"endColumn":12,"endLine":6,"startColumn":5,"startLine":6}}}},{"location":{"message":{"text":"ControlFlowNode for request"},"physicalLocation":{"artifactLocation":{"index":3,"uri":"Path Traversal/py_ctf.py"},"region":{"endColumn":23,"endLine":70,"startColumn":16,"startLine":70}}}},{"location":{"message":{"text":"ControlFlowNode for Attribute"},"physicalLocation":{"artifactLocation":{"index":3,"uri":"Path Traversal/py_ctf.py"},"region":{"endColumn":28,"endLine":70,"startColumn":16,"startLine":70}}}},{"location":{"message":{"text":"ControlFlowNode for Attribute()"},"physicalLocation":{"artifactLocation":{"index":3,"uri":"Path Traversal/py_ctf.py"},"region":{"endColumn":40,"endLine":70,"startColumn":16,"startLine":70}}}},{"location":{"message":{"text":"ControlFlowNode for page"},"physicalLocation":{"artifactLocation":{"index":3,"uri":"Path Traversal/py_ctf.py"},"region":{"endColumn":13,"endLine":70,"startColumn":9,"startLine":70}}}},{"location":{"message":{"text":"ControlFlowNode for Attribute()"},"physicalLocation":{"artifactLocation":{"index":3,"uri":"Path 
Traversal/py_ctf.py"},"region":{"endColumn":63,"endLine":78,"startColumn":25,"startLine":78}}}}]}]}],"correlationGuid":"13ee947d-8cdc-465b-8edc-b62046310cdd","level":"error","locations":[{"physicalLocation":{"artifactLocation":{"index":3,"uri":"Path Traversal/py_ctf.py"},"region":{"endColumn":63,"endLine":78,"startColumn":25,"startLine":78}}}],"message":{"text":"This path depends on a [user-provided value](1)."},"partialFingerprints":{"primaryLocationLineHash":"49ce9f5ebea5b775:1"},"properties":{"github/alertNumber":8,"github/alertUrl":"https://api.github.com/repos/nahsra/Vulnerable-Code-Snippets/code-scanning/alerts/8"},"relatedLocations":[{"id":1,"message":{"text":"user-provided value"},"physicalLocation":{"artifactLocation":{"index":0,"uri":"Path Traversal/py_ctf.py"},"region":{"endColumn":12,"endLine":6,"startColumn":5,"startLine":6}}}],"rule":{"id":"py/path-injection","toolComponent":{"index":0},"index":22},"ruleId":"py/path-injection"}],"tool":{"driver":{"name":"CodeQL","semanticVersion":"2.19.3"},"extensions":[{"name":"codeql/python-queries","rules":[{"defaultConfiguration":{"level":"warning"},"fullDescription":{"text":"Matching HTML tags using regular expressions is hard to do right, and can easily lead to security issues."},"help":{"markdown":"# Bad HTML filtering regexp\nIt is possible to match some single HTML tags using regular expressions (parsing general HTML using regular expressions is impossible). However, if the regular expression is not written well it might be possible to circumvent it, which can lead to cross-site scripting or other security issues.\n\nSome of these mistakes are caused by browsers having very forgiving HTML parsers, and will often render invalid HTML containing syntax errors. Regular expressions that attempt to match HTML should also recognize tags containing such syntax errors.\n\n\n## Recommendation\nUse a well-tested sanitization or parser library if at all possible. 
These libraries are much more likely to handle corner cases correctly than a custom implementation.\n\n\n## Example\nThe following example attempts to filters out all `\u003cscript\u003e` tags.\n\n\n```python\nimport re\n\ndef filterScriptTags(content): \n oldContent = \"\"\n while oldContent != content:\n oldContent = content\n content = re.sub(r'\u003cscript.*?\u003e.*?\u003c/script\u003e', '', content, flags= re.DOTALL | re.IGNORECASE)\n return content\n```\nThe above sanitizer does not filter out all `\u003cscript\u003e` tags. Browsers will not only accept `\u003c/script\u003e` as script end tags, but also tags such as `\u003c/script foo=\"bar\"\u003e` even though it is a parser error. This means that an attack string such as `\u003cscript\u003ealert(1)\u003c/script foo=\"bar\"\u003e` will not be filtered by the function, and `alert(1)` will be executed by a browser if the string is rendered as HTML.\n\nOther corner cases include that HTML comments can end with `--!\u003e`, and that HTML tag names can contain upper case characters.\n\n\n## References\n* Securitum: [The Curious Case of Copy \u0026amp; Paste](https://research.securitum.com/the-curious-case-of-copy-paste/).\n* stackoverflow.com: [You can't parse \\[X\\]HTML with regex](https://stackoverflow.com/questions/1732348/regex-match-open-tags-except-xhtml-self-contained-tags#answer-1732454).\n* HTML Standard: [Comment end bang state](https://html.spec.whatwg.org/multipage/parsing.html#comment-end-bang-state).\n* stackoverflow.com: [Why aren't browsers strict about HTML?](https://stackoverflow.com/questions/25559999/why-arent-browsers-strict-about-html).\n* Common Weakness Enumeration: [CWE-116](https://cwe.mitre.org/data/definitions/116.html).\n* Common Weakness Enumeration: [CWE-20](https://cwe.mitre.org/data/definitions/20.html).\n* Common Weakness Enumeration: [CWE-185](https://cwe.mitre.org/data/definitions/185.html).\n* Common Weakness Enumeration: 
[CWE-186](https://cwe.mitre.org/data/definitions/186.html).\n","text":"# Bad HTML filtering regexp\nIt is possible to match some single HTML tags using regular expressions (parsing general HTML using regular expressions is impossible). However, if the regular expression is not written well it might be possible to circumvent it, which can lead to cross-site scripting or other security issues.\n\nSome of these mistakes are caused by browsers having very forgiving HTML parsers, and will often render invalid HTML containing syntax errors. Regular expressions that attempt to match HTML should also recognize tags containing such syntax errors.\n\n\n## Recommendation\nUse a well-tested sanitization or parser library if at all possible. These libraries are much more likely to handle corner cases correctly than a custom implementation.\n\n\n## Example\nThe following example attempts to filters out all `\u003cscript\u003e` tags.\n\n\n```python\nimport re\n\ndef filterScriptTags(content): \n oldContent = \"\"\n while oldContent != content:\n oldContent = content\n content = re.sub(r'\u003cscript.*?\u003e.*?\u003c/script\u003e', '', content, flags= re.DOTALL | re.IGNORECASE)\n return content\n```\nThe above sanitizer does not filter out all `\u003cscript\u003e` tags. Browsers will not only accept `\u003c/script\u003e` as script end tags, but also tags such as `\u003c/script foo=\"bar\"\u003e` even though it is a parser error. 
This means that an attack string such as `\u003cscript\u003ealert(1)\u003c/script foo=\"bar\"\u003e` will not be filtered by the function, and `alert(1)` will be executed by a browser if the string is rendered as HTML.\n\nOther corner cases include that HTML comments can end with `--!\u003e`, and that HTML tag names can contain upper case characters.\n\n\n## References\n* Securitum: [The Curious Case of Copy \u0026amp; Paste](https://research.securitum.com/the-curious-case-of-copy-paste/).\n* stackoverflow.com: [You can't parse \\[X\\]HTML with regex](https://stackoverflow.com/questions/1732348/regex-match-open-tags-except-xhtml-self-contained-tags#answer-1732454).\n* HTML Standard: [Comment end bang state](https://html.spec.whatwg.org/multipage/parsing.html#comment-end-bang-state).\n* stackoverflow.com: [Why aren't browsers strict about HTML?](https://stackoverflow.com/questions/25559999/why-arent-browsers-strict-about-html).\n* Common Weakness Enumeration: [CWE-116](https://cwe.mitre.org/data/definitions/116.html).\n* Common Weakness Enumeration: [CWE-20](https://cwe.mitre.org/data/definitions/20.html).\n* Common Weakness Enumeration: [CWE-185](https://cwe.mitre.org/data/definitions/185.html).\n* Common Weakness Enumeration: [CWE-186](https://cwe.mitre.org/data/definitions/186.html).\n"},"id":"py/bad-tag-filter","name":"py/bad-tag-filter","properties":{"precision":"high","queryURI":"https://github.com/github/codeql/blob/39a67b6e2e6490a9bd010db50e148f647765e9f7/python/ql/src/Security/CWE-116/BadTagFilter.ql","security-severity":"7.8","tags":["correctness","external/cwe/cwe-020","external/cwe/cwe-116","external/cwe/cwe-185","external/cwe/cwe-186","security"]},"shortDescription":{"text":"Bad HTML filtering regexp"}},{"defaultConfiguration":{"level":"error"},"fullDescription":{"text":"Binding a socket to all interfaces opens it up to traffic from any IPv4 address and is therefore associated with security risks."},"help":{"markdown":"# Binding a socket to all network 
interfaces\nSockets can be used to communicate with other machines on a network. You can use the (IP address, port) pair to define the access restrictions for the socket you create. When using the built-in Python `socket` module (for instance, when building a message sender service or an FTP server data transmitter), one has to bind the port to some interface. When you bind the port to all interfaces using `0.0.0.0` as the IP address, you essentially allow it to accept connections from any IPv4 address provided that it can get to the socket via routing. Binding to all interfaces is therefore associated with security risks.\n\n\n## Recommendation\nBind your service incoming traffic only to a dedicated interface. If you need to bind more than one interface using the built-in `socket` module, create multiple sockets (instead of binding to one socket to all interfaces).\n\n\n## Example\nIn this example, two sockets are insecure because they are bound to all interfaces; one through the `0.0.0.0` notation and another one through an empty string `''`.\n\n\n```python\nimport socket\n\n# binds to all interfaces, insecure\ns = socket.socket(socket.AF_INET, socket.SOCK_STREAM)\ns.bind(('0.0.0.0', 31137))\n\n# binds to all interfaces, insecure\ns = socket.socket(socket.AF_INET, socket.SOCK_STREAM)\ns.bind(('', 4040))\n\n# binds only to a dedicated interface, secure\ns = socket.socket(socket.AF_INET, socket.SOCK_STREAM)\ns.bind(('84.68.10.12', 8080))\n\n```\n\n## References\n* Python reference: [ Socket families](https://docs.python.org/3/library/socket.html#socket-families).\n* Python reference: [ Socket Programming HOWTO](https://docs.python.org/3.7/howto/sockets.html).\n* Common Vulnerabilities and Exposures: [ CVE-2018-1281 Detail](https://nvd.nist.gov/vuln/detail/CVE-2018-1281).\n* Common Weakness Enumeration: [CWE-200](https://cwe.mitre.org/data/definitions/200.html).\n","text":"# Binding a socket to all network interfaces\nSockets can be used to communicate with other 
machines on a network. You can use the (IP address, port) pair to define the access restrictions for the socket you create. When using the built-in Python `socket` module (for instance, when building a message sender service or an FTP server data transmitter), one has to bind the port to some interface. When you bind the port to all interfaces using `0.0.0.0` as the IP address, you essentially allow it to accept connections from any IPv4 address provided that it can get to the socket via routing. Binding to all interfaces is therefore associated with security risks.\n\n\n## Recommendation\nBind your service incoming traffic only to a dedicated interface. If you need to bind more than one interface using the built-in `socket` module, create multiple sockets (instead of binding to one socket to all interfaces).\n\n\n## Example\nIn this example, two sockets are insecure because they are bound to all interfaces; one through the `0.0.0.0` notation and another one through an empty string `''`.\n\n\n```python\nimport socket\n\n# binds to all interfaces, insecure\ns = socket.socket(socket.AF_INET, socket.SOCK_STREAM)\ns.bind(('0.0.0.0', 31137))\n\n# binds to all interfaces, insecure\ns = socket.socket(socket.AF_INET, socket.SOCK_STREAM)\ns.bind(('', 4040))\n\n# binds only to a dedicated interface, secure\ns = socket.socket(socket.AF_INET, socket.SOCK_STREAM)\ns.bind(('84.68.10.12', 8080))\n\n```\n\n## References\n* Python reference: [ Socket families](https://docs.python.org/3/library/socket.html#socket-families).\n* Python reference: [ Socket Programming HOWTO](https://docs.python.org/3.7/howto/sockets.html).\n* Common Vulnerabilities and Exposures: [ CVE-2018-1281 Detail](https://nvd.nist.gov/vuln/detail/CVE-2018-1281).\n* Common Weakness Enumeration: 
[CWE-200](https://cwe.mitre.org/data/definitions/200.html).\n"},"id":"py/bind-socket-all-network-interfaces","name":"py/bind-socket-all-network-interfaces","properties":{"precision":"high","queryURI":"https://github.com/github/codeql/blob/39a67b6e2e6490a9bd010db50e148f647765e9f7/python/ql/src/Security/CVE-2018-1281/BindToAllInterfaces.ql","security-severity":"6.5","tags":["external/cwe/cwe-200","security"]},"shortDescription":{"text":"Binding a socket to all network interfaces"}},{"defaultConfiguration":{"level":"error"},"fullDescription":{"text":"Logging sensitive information without encryption or hashing can expose it to an attacker."},"help":{"markdown":"# Clear-text logging of sensitive information\nIf sensitive data is written to a log entry it could be exposed to an attacker who gains access to the logs.\n\nPotential attackers can obtain sensitive user data when the log output is displayed. Additionally that data may expose system information such as full path names, system information, and sometimes usernames and passwords.\n\n\n## Recommendation\nSensitive data should not be logged.\n\n\n## Example\nIn the example the entire process environment is logged using \\`print\\`. 
Regular users of the production deployed application should not have access to this much information about the environment configuration.\n\n\n```python\n# BAD: Logging cleartext sensitive data\nimport os\nprint(f\"[INFO] Environment: {os.environ}\")\n```\nIn the second example the data that is logged is not sensitive.\n\n\n```python\nnot_sensitive_data = {'a': 1, 'b': 2}\n# GOOD: it is fine to log data that is not sensitive\nprint(f\"[INFO] Some object contains: {not_sensitive_data}\")\n```\n\n## References\n* OWASP: [Insertion of Sensitive Information into Log File](https://owasp.org/Top10/A09_2021-Security_Logging_and_Monitoring_Failures/).\n* Common Weakness Enumeration: [CWE-312](https://cwe.mitre.org/data/definitions/312.html).\n* Common Weakness Enumeration: [CWE-359](https://cwe.mitre.org/data/definitions/359.html).\n* Common Weakness Enumeration: [CWE-532](https://cwe.mitre.org/data/definitions/532.html).\n","text":"# Clear-text logging of sensitive information\nIf sensitive data is written to a log entry it could be exposed to an attacker who gains access to the logs.\n\nPotential attackers can obtain sensitive user data when the log output is displayed. Additionally that data may expose system information such as full path names, system information, and sometimes usernames and passwords.\n\n\n## Recommendation\nSensitive data should not be logged.\n\n\n## Example\nIn the example the entire process environment is logged using \\`print\\`. 
Regular users of the production deployed application should not have access to this much information about the environment configuration.\n\n\n```python\n# BAD: Logging cleartext sensitive data\nimport os\nprint(f\"[INFO] Environment: {os.environ}\")\n```\nIn the second example the data that is logged is not sensitive.\n\n\n```python\nnot_sensitive_data = {'a': 1, 'b': 2}\n# GOOD: it is fine to log data that is not sensitive\nprint(f\"[INFO] Some object contains: {not_sensitive_data}\")\n```\n\n## References\n* OWASP: [Insertion of Sensitive Information into Log File](https://owasp.org/Top10/A09_2021-Security_Logging_and_Monitoring_Failures/).\n* Common Weakness Enumeration: [CWE-312](https://cwe.mitre.org/data/definitions/312.html).\n* Common Weakness Enumeration: [CWE-359](https://cwe.mitre.org/data/definitions/359.html).\n* Common Weakness Enumeration: [CWE-532](https://cwe.mitre.org/data/definitions/532.html).\n"},"id":"py/clear-text-logging-sensitive-data","name":"py/clear-text-logging-sensitive-data","properties":{"precision":"high","queryURI":"https://github.com/github/codeql/blob/39a67b6e2e6490a9bd010db50e148f647765e9f7/python/ql/src/Security/CWE-312/CleartextLogging.ql","security-severity":"7.5","tags":["external/cwe/cwe-312","external/cwe/cwe-359","external/cwe/cwe-532","security"]},"shortDescription":{"text":"Clear-text logging of sensitive information"}},{"defaultConfiguration":{"level":"error"},"fullDescription":{"text":"Sensitive information stored without encryption or hashing can expose it to an attacker."},"help":{"markdown":"# Clear-text storage of sensitive information\nSensitive information that is stored unencrypted is accessible to an attacker who gains access to the storage. This is particularly important for cookies, which are stored on the machine of the end-user.\n\n\n## Recommendation\nEnsure that sensitive information is always encrypted before being stored. If possible, avoid placing sensitive information in cookies altogether. 
Instead, prefer storing, in the cookie, a key that can be used to look up the sensitive information.\n\nIn general, decrypt sensitive information only at the point where it is necessary for it to be used in cleartext.\n\nBe aware that external processes often store the `standard out` and `standard error` streams of the application, causing logged sensitive information to be stored as well.\n\n\n## Example\nThe following example code stores user credentials (in this case, their password) in a cookie in plain text:\n\n\n```python\nfrom flask import Flask, make_response, request\n\napp = Flask(\"Leak password\")\n\n@app.route('/')\ndef index():\n password = request.args.get(\"password\")\n resp = make_response(render_template(...))\n resp.set_cookie(\"password\", password)\n return resp\n\n```\nInstead, the credentials should be encrypted, for instance by using the `cryptography` module, or not stored at all.\n\n\n## References\n* M. Dowd, J. McDonald and J. Schuhm, *The Art of Software Security Assessment*, 1st Edition, Chapter 2 - 'Common Vulnerabilities of Encryption', p. 43. Addison Wesley, 2006.\n* M. Howard and D. LeBlanc, *Writing Secure Code*, 2nd Edition, Chapter 9 - 'Protecting Secret Data', p. 299. Microsoft, 2002.\n* Common Weakness Enumeration: [CWE-312](https://cwe.mitre.org/data/definitions/312.html).\n* Common Weakness Enumeration: [CWE-315](https://cwe.mitre.org/data/definitions/315.html).\n* Common Weakness Enumeration: [CWE-359](https://cwe.mitre.org/data/definitions/359.html).\n","text":"# Clear-text storage of sensitive information\nSensitive information that is stored unencrypted is accessible to an attacker who gains access to the storage. This is particularly important for cookies, which are stored on the machine of the end-user.\n\n\n## Recommendation\nEnsure that sensitive information is always encrypted before being stored. If possible, avoid placing sensitive information in cookies altogether. 
Instead, prefer storing, in the cookie, a key that can be used to look up the sensitive information.\n\nIn general, decrypt sensitive information only at the point where it is necessary for it to be used in cleartext.\n\nBe aware that external processes often store the `standard out` and `standard error` streams of the application, causing logged sensitive information to be stored as well.\n\n\n## Example\nThe following example code stores user credentials (in this case, their password) in a cookie in plain text:\n\n\n```python\nfrom flask import Flask, make_response, request\n\napp = Flask(\"Leak password\")\n\n@app.route('/')\ndef index():\n password = request.args.get(\"password\")\n resp = make_response(render_template(...))\n resp.set_cookie(\"password\", password)\n return resp\n\n```\nInstead, the credentials should be encrypted, for instance by using the `cryptography` module, or not stored at all.\n\n\n## References\n* M. Dowd, J. McDonald and J. Schuhm, *The Art of Software Security Assessment*, 1st Edition, Chapter 2 - 'Common Vulnerabilities of Encryption', p. 43. Addison Wesley, 2006.\n* M. Howard and D. LeBlanc, *Writing Secure Code*, 2nd Edition, Chapter 9 - 'Protecting Secret Data', p. 299. 
Microsoft, 2002.\n* Common Weakness Enumeration: [CWE-312](https://cwe.mitre.org/data/definitions/312.html).\n* Common Weakness Enumeration: [CWE-315](https://cwe.mitre.org/data/definitions/315.html).\n* Common Weakness Enumeration: [CWE-359](https://cwe.mitre.org/data/definitions/359.html).\n"},"id":"py/clear-text-storage-sensitive-data","name":"py/clear-text-storage-sensitive-data","properties":{"precision":"high","queryURI":"https://github.com/github/codeql/blob/39a67b6e2e6490a9bd010db50e148f647765e9f7/python/ql/src/Security/CWE-312/CleartextStorage.ql","security-severity":"7.5","tags":["external/cwe/cwe-312","external/cwe/cwe-315","external/cwe/cwe-359","security"]},"shortDescription":{"text":"Clear-text storage of sensitive information"}},{"defaultConfiguration":{"level":"error"},"fullDescription":{"text":"Interpreting unsanitized user input as code allows a malicious user to perform arbitrary code execution."},"help":{"markdown":"# Code injection\nDirectly evaluating user input (for example, an HTTP request parameter) as code without properly sanitizing the input first allows an attacker arbitrary code execution. This can occur when user input is passed to code that interprets it as an expression to be evaluated, such as `eval` or `exec`.\n\n\n## Recommendation\nAvoid including user input in any expression that may be dynamically evaluated. If user input must be included, use context-specific escaping before including it. It is important that the correct escaping is used for the type of evaluation that will occur.\n\n\n## Example\nThe following example shows two functions setting a name from a request. The first function uses `exec` to execute the `setname` function. This is dangerous as it can allow a malicious user to execute arbitrary code on the server. For example, the user could supply the value `\"' + subprocess.call('rm -rf') + '\"` to destroy the server's file system. 
The second function calls the `setname` function directly and is thus safe.\n\n\n```python\n\nurlpatterns = [\n # Route to code_execution\n url(r'^code-ex1$', code_execution_bad, name='code-execution-bad'),\n url(r'^code-ex2$', code_execution_good, name='code-execution-good')\n]\n\ndef code_execution(request):\n if request.method == 'POST':\n first_name = base64.decodestring(request.POST.get('first_name', ''))\n #BAD -- Allow user to define code to be run.\n exec(\"setname('%s')\" % first_name)\n\ndef code_execution(request):\n if request.method == 'POST':\n first_name = base64.decodestring(request.POST.get('first_name', ''))\n #GOOD --Call code directly\n setname(first_name)\n\n```\n\n## References\n* OWASP: [Code Injection](https://www.owasp.org/index.php/Code_Injection).\n* Wikipedia: [Code Injection](https://en.wikipedia.org/wiki/Code_injection).\n* Common Weakness Enumeration: [CWE-94](https://cwe.mitre.org/data/definitions/94.html).\n* Common Weakness Enumeration: [CWE-95](https://cwe.mitre.org/data/definitions/95.html).\n* Common Weakness Enumeration: [CWE-116](https://cwe.mitre.org/data/definitions/116.html).\n","text":"# Code injection\nDirectly evaluating user input (for example, an HTTP request parameter) as code without properly sanitizing the input first allows an attacker arbitrary code execution. This can occur when user input is passed to code that interprets it as an expression to be evaluated, such as `eval` or `exec`.\n\n\n## Recommendation\nAvoid including user input in any expression that may be dynamically evaluated. If user input must be included, use context-specific escaping before including it. It is important that the correct escaping is used for the type of evaluation that will occur.\n\n\n## Example\nThe following example shows two functions setting a name from a request. The first function uses `exec` to execute the `setname` function. This is dangerous as it can allow a malicious user to execute arbitrary code on the server. 
For example, the user could supply the value `\"' + subprocess.call('rm -rf') + '\"` to destroy the server's file system. The second function calls the `setname` function directly and is thus safe.\n\n\n```python\n\nurlpatterns = [\n # Route to code_execution\n url(r'^code-ex1$', code_execution_bad, name='code-execution-bad'),\n url(r'^code-ex2$', code_execution_good, name='code-execution-good')\n]\n\ndef code_execution(request):\n if request.method == 'POST':\n first_name = base64.decodestring(request.POST.get('first_name', ''))\n #BAD -- Allow user to define code to be run.\n exec(\"setname('%s')\" % first_name)\n\ndef code_execution(request):\n if request.method == 'POST':\n first_name = base64.decodestring(request.POST.get('first_name', ''))\n #GOOD --Call code directly\n setname(first_name)\n\n```\n\n## References\n* OWASP: [Code Injection](https://www.owasp.org/index.php/Code_Injection).\n* Wikipedia: [Code Injection](https://en.wikipedia.org/wiki/Code_injection).\n* Common Weakness Enumeration: [CWE-94](https://cwe.mitre.org/data/definitions/94.html).\n* Common Weakness Enumeration: [CWE-95](https://cwe.mitre.org/data/definitions/95.html).\n* Common Weakness Enumeration: [CWE-116](https://cwe.mitre.org/data/definitions/116.html).\n"},"id":"py/code-injection","name":"py/code-injection","properties":{"precision":"high","queryURI":"https://github.com/github/codeql/blob/39a67b6e2e6490a9bd010db50e148f647765e9f7/python/ql/src/Security/CWE-094/CodeInjection.ql","security-severity":"9.3","tags":["external/cwe/cwe-094","external/cwe/cwe-095","external/cwe/cwe-116","security"]},"shortDescription":{"text":"Code injection"}},{"defaultConfiguration":{"level":"error"},"fullDescription":{"text":"Using externally controlled strings in a command line may allow a malicious user to change the meaning of the command."},"help":{"markdown":"# Uncontrolled command line\nCode that passes user input directly to `exec`, `eval`, or some other library routine that executes a command, 
allows the user to execute malicious code.\n\n\n## Recommendation\nIf possible, use hard-coded string literals to specify the command to run or the library to load. Instead of passing the user input directly to the process or library function, examine the user input and then choose among hard-coded string literals.\n\nIf the applicable libraries or commands cannot be determined at compile time, then add code to verify that the user input string is safe before using it.\n\n\n## Example\nThe following example shows two functions. The first is unsafe as it takes a shell script that can be changed by a user, and passes it straight to `subprocess.call()` without examining it first. The second is safe as it selects the command from a predefined allowlist.\n\n\n```python\n\nurlpatterns = [\n # Route to command_execution\n url(r'^command-ex1$', command_execution_unsafe, name='command-execution-unsafe'),\n url(r'^command-ex2$', command_execution_safe, name='command-execution-safe')\n]\n\nCOMMANDS = {\n \"list\" :\"ls\",\n \"stat\" : \"stat\"\n}\n\ndef command_execution_unsafe(request):\n if request.method == 'POST':\n action = request.POST.get('action', '')\n #BAD -- No sanitizing of input\n subprocess.call([\"application\", action])\n\ndef command_execution_safe(request):\n if request.method == 'POST':\n action = request.POST.get('action', '')\n #GOOD -- Use an allowlist\n subprocess.call([\"application\", COMMANDS[action]])\n\n```\n\n## References\n* OWASP: [Command Injection](https://www.owasp.org/index.php/Command_Injection).\n* Common Weakness Enumeration: [CWE-78](https://cwe.mitre.org/data/definitions/78.html).\n* Common Weakness Enumeration: [CWE-88](https://cwe.mitre.org/data/definitions/88.html).\n","text":"# Uncontrolled command line\nCode that passes user input directly to `exec`, `eval`, or some other library routine that executes a command, allows the user to execute malicious code.\n\n\n## Recommendation\nIf possible, use hard-coded string literals to specify 
the command to run or the library to load. Instead of passing the user input directly to the process or library function, examine the user input and then choose among hard-coded string literals.\n\nIf the applicable libraries or commands cannot be determined at compile time, then add code to verify that the user input string is safe before using it.\n\n\n## Example\nThe following example shows two functions. The first is unsafe as it takes a shell script that can be changed by a user, and passes it straight to `subprocess.call()` without examining it first. The second is safe as it selects the command from a predefined allowlist.\n\n\n```python\n\nurlpatterns = [\n # Route to command_execution\n url(r'^command-ex1$', command_execution_unsafe, name='command-execution-unsafe'),\n url(r'^command-ex2$', command_execution_safe, name='command-execution-safe')\n]\n\nCOMMANDS = {\n \"list\" :\"ls\",\n \"stat\" : \"stat\"\n}\n\ndef command_execution_unsafe(request):\n if request.method == 'POST':\n action = request.POST.get('action', '')\n #BAD -- No sanitizing of input\n subprocess.call([\"application\", action])\n\ndef command_execution_safe(request):\n if request.method == 'POST':\n action = request.POST.get('action', '')\n #GOOD -- Use an allowlist\n subprocess.call([\"application\", COMMANDS[action]])\n\n```\n\n## References\n* OWASP: [Command Injection](https://www.owasp.org/index.php/Command_Injection).\n* Common Weakness Enumeration: [CWE-78](https://cwe.mitre.org/data/definitions/78.html).\n* Common Weakness Enumeration: 
[CWE-88](https://cwe.mitre.org/data/definitions/88.html).\n"},"id":"py/command-line-injection","name":"py/command-line-injection","properties":{"precision":"high","queryURI":"https://github.com/github/codeql/blob/39a67b6e2e6490a9bd010db50e148f647765e9f7/python/ql/src/Security/CWE-078/CommandInjection.ql","security-severity":"9.8","tags":["correctness","external/cwe/cwe-078","external/cwe/cwe-088","security"]},"shortDescription":{"text":"Uncontrolled command line"}},{"defaultConfiguration":{"level":"warning"},"fullDescription":{"text":"Constructing cookies from user input may allow an attacker to perform a Cookie Poisoning attack."},"help":{"markdown":"# Construction of a cookie using user-supplied input\nConstructing cookies from user input can allow an attacker to control a user's cookie. This may lead to a session fixation attack. Additionally, client code may not expect a cookie to contain attacker-controlled data, and fail to sanitize it for common vulnerabilities such as Cross Site Scripting (XSS). An attacker manipulating the raw cookie header may additionally be able to set cookie attributes such as `HttpOnly` to insecure values.\n\n\n## Recommendation\nDo not use raw user input to construct cookies.\n\n\n## Example\nIn the following cases, a cookie is constructed for a Flask response using user input. 
The first uses `set_cookie`, and the second sets a cookie's raw value through the `set-cookie` header.\n\n\n```python\nfrom flask import request, make_response\n\n\n@app.route(\"/1\")\ndef set_cookie():\n resp = make_response()\n resp.set_cookie(request.args[\"name\"], # BAD: User input is used to set the cookie's name and value\n value=request.args[\"name\"])\n return resp\n\n\n@app.route(\"/2\")\ndef set_cookie_header():\n resp = make_response()\n resp.headers['Set-Cookie'] = f\"{request.args['name']}={request.args['name']};\" # BAD: User input is used to set the raw cookie header.\n return resp\n\n```\n\n## References\n* Wikipedia - [Session Fixation](https://en.wikipedia.org/wiki/Session_fixation).\n* Common Weakness Enumeration: [CWE-20](https://cwe.mitre.org/data/definitions/20.html).\n","text":"# Construction of a cookie using user-supplied input\nConstructing cookies from user input can allow an attacker to control a user's cookie. This may lead to a session fixation attack. Additionally, client code may not expect a cookie to contain attacker-controlled data, and fail to sanitize it for common vulnerabilities such as Cross Site Scripting (XSS). An attacker manipulating the raw cookie header may additionally be able to set cookie attributes such as `HttpOnly` to insecure values.\n\n\n## Recommendation\nDo not use raw user input to construct cookies.\n\n\n## Example\nIn the following cases, a cookie is constructed for a Flask response using user input. 
The first uses `set_cookie`, and the second sets a cookie's raw value through the `set-cookie` header.\n\n\n```python\nfrom flask import request, make_response\n\n\n@app.route(\"/1\")\ndef set_cookie():\n resp = make_response()\n resp.set_cookie(request.args[\"name\"], # BAD: User input is used to set the cookie's name and value\n value=request.args[\"name\"])\n return resp\n\n\n@app.route(\"/2\")\ndef set_cookie_header():\n resp = make_response()\n resp.headers['Set-Cookie'] = f\"{request.args['name']}={request.args['name']};\" # BAD: User input is used to set the raw cookie header.\n return resp\n\n```\n\n## References\n* Wikipedia - [Session Fixation](https://en.wikipedia.org/wiki/Session_fixation).\n* Common Weakness Enumeration: [CWE-20](https://cwe.mitre.org/data/definitions/20.html).\n"},"id":"py/cookie-injection","name":"py/cookie-injection","properties":{"precision":"high","queryURI":"https://github.com/github/codeql/blob/39a67b6e2e6490a9bd010db50e148f647765e9f7/python/ql/src/Security/CWE-020/CookieInjection.ql","security-severity":"5","tags":["external/cwe/cwe-20","security"]},"shortDescription":{"text":"Construction of a cookie using user-supplied input"}},{"defaultConfiguration":{"level":"warning"},"fullDescription":{"text":"Disabling or weakening CSRF protection may make the application vulnerable to a Cross-Site Request Forgery (CSRF) attack."},"help":{"markdown":"# CSRF protection weakened or disabled\nCross-site request forgery (CSRF) is a type of vulnerability in which an attacker is able to force a user to carry out an action that the user did not intend.\n\nThe attacker tricks an authenticated user into submitting a request to the web application. Typically this request will result in a state change on the server, such as changing the user's password. The request can be initiated when the user visits a site controlled by the attacker. 
If the web application relies only on cookies for authentication, or on other credentials that are automatically included in the request, then this request will appear as legitimate to the server.\n\nA common countermeasure for CSRF is to generate a unique token to be included in the HTML sent from the server to a user. This token can be used as a hidden field to be sent back with requests to the server, where the server can then check that the token is valid and associated with the relevant user session.\n\n\n## Recommendation\nIn many web frameworks, CSRF protection is enabled by default. In these cases, using the default configuration is sufficient to guard against most CSRF attacks.\n\n\n## Example\nThe following example shows a case where CSRF protection is disabled by overriding the default middleware stack and not including the one protecting against CSRF.\n\n\n```python\nMIDDLEWARE = [\n 'django.middleware.security.SecurityMiddleware',\n 'django.contrib.sessions.middleware.SessionMiddleware',\n 'django.middleware.common.CommonMiddleware',\n # 'django.middleware.csrf.CsrfViewMiddleware',\n 'django.contrib.auth.middleware.AuthenticationMiddleware',\n 'django.contrib.messages.middleware.MessageMiddleware',\n 'django.middleware.clickjacking.XFrameOptionsMiddleware',\n]\n\n```\nThe protecting middleware was probably commented out during a testing phase, when server-side token generation was not set up. 
Simply commenting it back in will enable CSRF protection.\n\n\n## References\n* Wikipedia: [Cross-site request forgery](https://en.wikipedia.org/wiki/Cross-site_request_forgery)\n* OWASP: [Cross-site request forgery](https://owasp.org/www-community/attacks/csrf)\n* Common Weakness Enumeration: [CWE-352](https://cwe.mitre.org/data/definitions/352.html).\n","text":"# CSRF protection weakened or disabled\nCross-site request forgery (CSRF) is a type of vulnerability in which an attacker is able to force a user to carry out an action that the user did not intend.\n\nThe attacker tricks an authenticated user into submitting a request to the web application. Typically this request will result in a state change on the server, such as changing the user's password. The request can be initiated when the user visits a site controlled by the attacker. If the web application relies only on cookies for authentication, or on other credentials that are automatically included in the request, then this request will appear as legitimate to the server.\n\nA common countermeasure for CSRF is to generate a unique token to be included in the HTML sent from the server to a user. This token can be used as a hidden field to be sent back with requests to the server, where the server can then check that the token is valid and associated with the relevant user session.\n\n\n## Recommendation\nIn many web frameworks, CSRF protection is enabled by default. 
In these cases, using the default configuration is sufficient to guard against most CSRF attacks.\n\n\n## Example\nThe following example shows a case where CSRF protection is disabled by overriding the default middleware stack and not including the one protecting against CSRF.\n\n\n```python\nMIDDLEWARE = [\n 'django.middleware.security.SecurityMiddleware',\n 'django.contrib.sessions.middleware.SessionMiddleware',\n 'django.middleware.common.CommonMiddleware',\n # 'django.middleware.csrf.CsrfViewMiddleware',\n 'django.contrib.auth.middleware.AuthenticationMiddleware',\n 'django.contrib.messages.middleware.MessageMiddleware',\n 'django.middleware.clickjacking.XFrameOptionsMiddleware',\n]\n\n```\nThe protecting middleware was probably commented out during a testing phase, when server-side token generation was not set up. Simply commenting it back in will enable CSRF protection.\n\n\n## References\n* Wikipedia: [Cross-site request forgery](https://en.wikipedia.org/wiki/Cross-site_request_forgery)\n* OWASP: [Cross-site request forgery](https://owasp.org/www-community/attacks/csrf)\n* Common Weakness Enumeration: [CWE-352](https://cwe.mitre.org/data/definitions/352.html).\n"},"id":"py/csrf-protection-disabled","name":"py/csrf-protection-disabled","properties":{"precision":"high","queryURI":"https://github.com/github/codeql/blob/39a67b6e2e6490a9bd010db50e148f647765e9f7/python/ql/src/Security/CWE-352/CSRFProtectionDisabled.ql","security-severity":"8.8","tags":["external/cwe/cwe-352","security"]},"shortDescription":{"text":"CSRF protection weakened or disabled"}},{"defaultConfiguration":{"level":"error"},"fullDescription":{"text":"Running a Flask app in debug mode may allow an attacker to run arbitrary code through the Werkzeug debugger."},"help":{"markdown":"# Flask app is run in debug mode\nRunning a Flask application with debug mode enabled may allow an attacker to gain access through the Werkzeug debugger.\n\n\n## Recommendation\nEnsure that Flask applications that are 
run in a production environment have debugging disabled.\n\n\n## Example\nRunning the following code starts a Flask webserver that has debugging enabled. By visiting `/crash`, it is possible to gain access to the debugger, and run arbitrary code through the interactive debugger.\n\n\n```python\nfrom flask import Flask\n\napp = Flask(__name__)\n\n@app.route('/crash')\ndef main():\n raise Exception()\n\napp.run(debug=True)\n\n```\n\n## References\n* Flask Quickstart Documentation: [Debug Mode](http://flask.pocoo.org/docs/1.0/quickstart/#debug-mode).\n* Werkzeug Documentation: [Debugging Applications](http://werkzeug.pocoo.org/docs/0.14/debug/).\n* Common Weakness Enumeration: [CWE-215](https://cwe.mitre.org/data/definitions/215.html).\n* Common Weakness Enumeration: [CWE-489](https://cwe.mitre.org/data/definitions/489.html).\n","text":"# Flask app is run in debug mode\nRunning a Flask application with debug mode enabled may allow an attacker to gain access through the Werkzeug debugger.\n\n\n## Recommendation\nEnsure that Flask applications that are run in a production environment have debugging disabled.\n\n\n## Example\nRunning the following code starts a Flask webserver that has debugging enabled. 
By visiting `/crash`, it is possible to gain access to the debugger, and run arbitrary code through the interactive debugger.\n\n\n```python\nfrom flask import Flask\n\napp = Flask(__name__)\n\n@app.route('/crash')\ndef main():\n raise Exception()\n\napp.run(debug=True)\n\n```\n\n## References\n* Flask Quickstart Documentation: [Debug Mode](http://flask.pocoo.org/docs/1.0/quickstart/#debug-mode).\n* Werkzeug Documentation: [Debugging Applications](http://werkzeug.pocoo.org/docs/0.14/debug/).\n* Common Weakness Enumeration: [CWE-215](https://cwe.mitre.org/data/definitions/215.html).\n* Common Weakness Enumeration: [CWE-489](https://cwe.mitre.org/data/definitions/489.html).\n"},"id":"py/flask-debug","name":"py/flask-debug","properties":{"precision":"high","queryURI":"https://github.com/github/codeql/blob/39a67b6e2e6490a9bd010db50e148f647765e9f7/python/ql/src/Security/CWE-215/FlaskDebug.ql","security-severity":"7.5","tags":["external/cwe/cwe-215","external/cwe/cwe-489","security"]},"shortDescription":{"text":"Flask app is run in debug mode"}},{"defaultConfiguration":{"level":"error"},"fullDescription":{"text":"Making a network request to a URL that is fully user-controlled allows for request forgery attacks."},"help":{"markdown":"# Full server-side request forgery\nDirectly incorporating user input into an HTTP request without validating the input can facilitate server-side request forgery (SSRF) attacks. In these attacks, the request may be changed, directed at a different server, or via a different protocol. This can allow the attacker to obtain sensitive information or perform actions with escalated privilege.\n\nWe make a distinctions between how much of the URL an attacker can control:\n\n* **Full SSRF**: where the full URL can be controlled.\n* **Partial SSRF**: where only part of the URL can be controlled, such as the path component of a URL to a hardcoded domain.\n\n\nPartial control of a URL is often much harder to exploit. 
Therefore we have created a separate query for each of these.\n\nThis query covers full SSRF, to find partial SSRF use the `py/partial-ssrf` query.\n\n\n## Recommendation\nTo guard against SSRF attacks you should avoid putting user-provided input directly into a request URL. Instead, either maintain a list of authorized URLs on the server and choose from that list based on the input provided, or perform proper validation of the input.\n\n\n## Example\nThe following example shows code vulnerable to a full SSRF attack, because it uses untrusted input (HTTP request parameter) directly to construct a URL. By using `evil.com#` as the `target` value, the requested URL will be `https://evil.com#.example.com/data/`. It also shows how to remedy the problem by using the user input select a known fixed string.\n\n\n```python\nimport requests\nfrom flask import Flask, request\n\napp = Flask(__name__)\n\n@app.route(\"/full_ssrf\")\ndef full_ssrf():\n target = request.args[\"target\"]\n\n # BAD: user has full control of URL\n resp = requests.get(\"https://\" + target + \".example.com/data/\")\n\n # GOOD: `subdomain` is controlled by the server.\n subdomain = \"europe\" if target == \"EU\" else \"world\"\n resp = requests.get(\"https://\" + subdomain + \".example.com/data/\")\n\n```\n\n## Example\nThe following example shows code vulnerable to a partial SSRF attack, because it uses untrusted input (HTTP request parameter) directly to construct a URL. By using `../transfer-funds-to/123?amount=456` as the `user_id` value, the requested URL will be `https://api.example.com/transfer-funds-to/123?amount=456`. 
It also shows how to remedy the problem by validating the input.\n\n\n```python\nimport requests\nfrom flask import Flask, request\n\napp = Flask(__name__)\n\n@app.route(\"/partial_ssrf\")\ndef partial_ssrf():\n user_id = request.args[\"user_id\"]\n\n # BAD: user can fully control the path component of the URL\n resp = requests.get(\"https://api.example.com/user_info/\" + user_id)\n\n if user_id.isalnum():\n # GOOD: user_id is restricted to be alpha-numeric, and cannot alter path component of URL\n resp = requests.get(\"https://api.example.com/user_info/\" + user_id)\n\n```\n\n## References\n* [OWASP SSRF article](https://owasp.org/www-community/attacks/Server_Side_Request_Forgery)\n* [PortSwigger SSRF article](https://portswigger.net/web-security/ssrf)\n* Common Weakness Enumeration: [CWE-918](https://cwe.mitre.org/data/definitions/918.html).\n","text":"# Full server-side request forgery\nDirectly incorporating user input into an HTTP request without validating the input can facilitate server-side request forgery (SSRF) attacks. In these attacks, the request may be changed, directed at a different server, or via a different protocol. This can allow the attacker to obtain sensitive information or perform actions with escalated privilege.\n\nWe make a distinctions between how much of the URL an attacker can control:\n\n* **Full SSRF**: where the full URL can be controlled.\n* **Partial SSRF**: where only part of the URL can be controlled, such as the path component of a URL to a hardcoded domain.\n\n\nPartial control of a URL is often much harder to exploit. Therefore we have created a separate query for each of these.\n\nThis query covers full SSRF, to find partial SSRF use the `py/partial-ssrf` query.\n\n\n## Recommendation\nTo guard against SSRF attacks you should avoid putting user-provided input directly into a request URL. 
Instead, either maintain a list of authorized URLs on the server and choose from that list based on the input provided, or perform proper validation of the input.\n\n\n## Example\nThe following example shows code vulnerable to a full SSRF attack, because it uses untrusted input (HTTP request parameter) directly to construct a URL. By using `evil.com#` as the `target` value, the requested URL will be `https://evil.com#.example.com/data/`. It also shows how to remedy the problem by using the user input select a known fixed string.\n\n\n```python\nimport requests\nfrom flask import Flask, request\n\napp = Flask(__name__)\n\n@app.route(\"/full_ssrf\")\ndef full_ssrf():\n target = request.args[\"target\"]\n\n # BAD: user has full control of URL\n resp = requests.get(\"https://\" + target + \".example.com/data/\")\n\n # GOOD: `subdomain` is controlled by the server.\n subdomain = \"europe\" if target == \"EU\" else \"world\"\n resp = requests.get(\"https://\" + subdomain + \".example.com/data/\")\n\n```\n\n## Example\nThe following example shows code vulnerable to a partial SSRF attack, because it uses untrusted input (HTTP request parameter) directly to construct a URL. By using `../transfer-funds-to/123?amount=456` as the `user_id` value, the requested URL will be `https://api.example.com/transfer-funds-to/123?amount=456`. 
It also shows how to remedy the problem by validating the input.\n\n\n```python\nimport requests\nfrom flask import Flask, request\n\napp = Flask(__name__)\n\n@app.route(\"/partial_ssrf\")\ndef partial_ssrf():\n user_id = request.args[\"user_id\"]\n\n # BAD: user can fully control the path component of the URL\n resp = requests.get(\"https://api.example.com/user_info/\" + user_id)\n\n if user_id.isalnum():\n # GOOD: user_id is restricted to be alpha-numeric, and cannot alter path component of URL\n resp = requests.get(\"https://api.example.com/user_info/\" + user_id)\n\n```\n\n## References\n* [OWASP SSRF article](https://owasp.org/www-community/attacks/Server_Side_Request_Forgery)\n* [PortSwigger SSRF article](https://portswigger.net/web-security/ssrf)\n* Common Weakness Enumeration: [CWE-918](https://cwe.mitre.org/data/definitions/918.html).\n"},"id":"py/full-ssrf","name":"py/full-ssrf","properties":{"precision":"high","queryURI":"https://github.com/github/codeql/blob/39a67b6e2e6490a9bd010db50e148f647765e9f7/python/ql/src/Security/CWE-918/FullServerSideRequestForgery.ql","security-severity":"9.1","tags":["external/cwe/cwe-918","security"]},"shortDescription":{"text":"Full server-side request forgery"}},{"defaultConfiguration":{"level":"error"},"fullDescription":{"text":"Writing user input directly to an HTTP header makes code vulnerable to attack by header splitting."},"help":{"markdown":"# HTTP Response Splitting\nDirectly writing user input (for example, an HTTP request parameter) to an HTTP header can lead to an HTTP response-splitting vulnerability.\n\nIf user-controlled input is used in an HTTP header that allows line break characters, an attacker can inject additional headers or control the response body, leading to vulnerabilities such as XSS or cache poisoning.\n\n\n## Recommendation\nEnsure that user input containing line break characters is not written to an HTTP header.\n\n\n## Example\nIn the following example, the case marked BAD writes user input to 
the header name. In the GOOD case, input is first escaped to not contain any line break characters.\n\n\n```python\n@app.route(\"/example_bad\")\ndef example_bad():\n rfs_header = request.args[\"rfs_header\"]\n response = Response()\n custom_header = \"X-MyHeader-\" + rfs_header\n # BAD: User input is used as part of the header name.\n response.headers[custom_header] = \"HeaderValue\" \n return response\n\n@app.route(\"/example_good\")\ndef example_bad():\n rfs_header = request.args[\"rfs_header\"]\n response = Response()\n custom_header = \"X-MyHeader-\" + rfs_header.replace(\"\\n\", \"\").replace(\"\\r\",\"\").replace(\":\",\"\")\n # GOOD: Line break characters are removed from the input.\n response.headers[custom_header] = \"HeaderValue\" \n return response\n```\n\n## References\n* SecLists.org: [HTTP response splitting](https://seclists.org/bugtraq/2005/Apr/187).\n* OWASP: [HTTP Response Splitting](https://www.owasp.org/index.php/HTTP_Response_Splitting).\n* Wikipedia: [HTTP response splitting](http://en.wikipedia.org/wiki/HTTP_response_splitting).\n* CAPEC: [CAPEC-105: HTTP Request Splitting](https://capec.mitre.org/data/definitions/105.html)\n* Common Weakness Enumeration: [CWE-113](https://cwe.mitre.org/data/definitions/113.html).\n* Common Weakness Enumeration: [CWE-79](https://cwe.mitre.org/data/definitions/79.html).\n","text":"# HTTP Response Splitting\nDirectly writing user input (for example, an HTTP request parameter) to an HTTP header can lead to an HTTP response-splitting vulnerability.\n\nIf user-controlled input is used in an HTTP header that allows line break characters, an attacker can inject additional headers or control the response body, leading to vulnerabilities such as XSS or cache poisoning.\n\n\n## Recommendation\nEnsure that user input containing line break characters is not written to an HTTP header.\n\n\n## Example\nIn the following example, the case marked BAD writes user input to the header name. 
In the GOOD case, input is first escaped to not contain any line break characters.\n\n\n```python\n@app.route(\"/example_bad\")\ndef example_bad():\n rfs_header = request.args[\"rfs_header\"]\n response = Response()\n custom_header = \"X-MyHeader-\" + rfs_header\n # BAD: User input is used as part of the header name.\n response.headers[custom_header] = \"HeaderValue\" \n return response\n\n@app.route(\"/example_good\")\ndef example_bad():\n rfs_header = request.args[\"rfs_header\"]\n response = Response()\n custom_header = \"X-MyHeader-\" + rfs_header.replace(\"\\n\", \"\").replace(\"\\r\",\"\").replace(\":\",\"\")\n # GOOD: Line break characters are removed from the input.\n response.headers[custom_header] = \"HeaderValue\" \n return response\n```\n\n## References\n* SecLists.org: [HTTP response splitting](https://seclists.org/bugtraq/2005/Apr/187).\n* OWASP: [HTTP Response Splitting](https://www.owasp.org/index.php/HTTP_Response_Splitting).\n* Wikipedia: [HTTP response splitting](http://en.wikipedia.org/wiki/HTTP_response_splitting).\n* CAPEC: [CAPEC-105: HTTP Request Splitting](https://capec.mitre.org/data/definitions/105.html)\n* Common Weakness Enumeration: [CWE-113](https://cwe.mitre.org/data/definitions/113.html).\n* Common Weakness Enumeration: [CWE-79](https://cwe.mitre.org/data/definitions/79.html).\n"},"id":"py/http-response-splitting","name":"py/http-response-splitting","properties":{"precision":"high","queryURI":"https://github.com/github/codeql/blob/39a67b6e2e6490a9bd010db50e148f647765e9f7/python/ql/src/Security/CWE-113/HeaderInjection.ql","security-severity":"6.1","tags":["external/cwe/cwe-079","external/cwe/cwe-113","security"]},"shortDescription":{"text":"HTTP Response Splitting"}},{"defaultConfiguration":{"level":"warning"},"fullDescription":{"text":"Matching a URL or hostname against a regular expression that contains an unescaped dot as part of the hostname might match more hostnames than expected."},"help":{"markdown":"# Incomplete regular 
expression for hostnames\nSanitizing untrusted URLs is a common technique for preventing attacks such as request forgeries and malicious redirections. Often, this is done by checking that the host of a URL is in a set of allowed hosts.\n\nIf a regular expression implements such a check, it is easy to accidentally make the check too permissive by not escaping the `.` meta-characters appropriately. Even if the check is not used in a security-critical context, the incomplete check may still cause undesirable behaviors when it accidentally succeeds.\n\n\n## Recommendation\nEscape all meta-characters appropriately when constructing regular expressions for security checks, and pay special attention to the `.` meta-character.\n\n\n## Example\nThe following example code checks that a URL redirection will reach the `example.com` domain, or one of its subdomains.\n\n\n```python\nfrom flask import Flask, request, redirect\nimport re\n\napp = Flask(__name__)\n\nUNSAFE_REGEX = re.compile(\"(www|beta).example.com/\")\nSAFE_REGEX = re.compile(r\"(www|beta)\\.example\\.com/\")\n\n@app.route('/some/path/bad')\ndef unsafe(request):\n target = request.args.get('target', '')\n if UNSAFE_REGEX.match(target):\n return redirect(target)\n\n@app.route('/some/path/good')\ndef safe(request):\n target = request.args.get('target', '')\n if SAFE_REGEX.match(target):\n return redirect(target)\n\n```\nThe `unsafe` check is easy to bypass because the unescaped `.` allows for any character before `example.com`, effectively allowing the redirect to go to an attacker-controlled domain such as `wwwXexample.com`.\n\nThe `safe` check closes this vulnerability by escaping the `.` so that URLs of the form `wwwXexample.com` are rejected.\n\n\n## References\n* OWASP: [SSRF](https://www.owasp.org/index.php/Server_Side_Request_Forgery)\n* OWASP: [XSS Unvalidated Redirects and Forwards Cheat Sheet](https://cheatsheetseries.owasp.org/cheatsheets/Unvalidated_Redirects_and_Forwards_Cheat_Sheet.html).\n* Common 
Weakness Enumeration: [CWE-20](https://cwe.mitre.org/data/definitions/20.html).\n","text":"# Incomplete regular expression for hostnames\nSanitizing untrusted URLs is a common technique for preventing attacks such as request forgeries and malicious redirections. Often, this is done by checking that the host of a URL is in a set of allowed hosts.\n\nIf a regular expression implements such a check, it is easy to accidentally make the check too permissive by not escaping the `.` meta-characters appropriately. Even if the check is not used in a security-critical context, the incomplete check may still cause undesirable behaviors when it accidentally succeeds.\n\n\n## Recommendation\nEscape all meta-characters appropriately when constructing regular expressions for security checks, and pay special attention to the `.` meta-character.\n\n\n## Example\nThe following example code checks that a URL redirection will reach the `example.com` domain, or one of its subdomains.\n\n\n```python\nfrom flask import Flask, request, redirect\nimport re\n\napp = Flask(__name__)\n\nUNSAFE_REGEX = re.compile(\"(www|beta).example.com/\")\nSAFE_REGEX = re.compile(r\"(www|beta)\\.example\\.com/\")\n\n@app.route('/some/path/bad')\ndef unsafe(request):\n target = request.args.get('target', '')\n if UNSAFE_REGEX.match(target):\n return redirect(target)\n\n@app.route('/some/path/good')\ndef safe(request):\n target = request.args.get('target', '')\n if SAFE_REGEX.match(target):\n return redirect(target)\n\n```\nThe `unsafe` check is easy to bypass because the unescaped `.` allows for any character before `example.com`, effectively allowing the redirect to go to an attacker-controlled domain such as `wwwXexample.com`.\n\nThe `safe` check closes this vulnerability by escaping the `.` so that URLs of the form `wwwXexample.com` are rejected.\n\n\n## References\n* OWASP: [SSRF](https://www.owasp.org/index.php/Server_Side_Request_Forgery)\n* OWASP: [XSS Unvalidated Redirects and Forwards Cheat 
Sheet](https://cheatsheetseries.owasp.org/cheatsheets/Unvalidated_Redirects_and_Forwards_Cheat_Sheet.html).\n* Common Weakness Enumeration: [CWE-20](https://cwe.mitre.org/data/definitions/20.html).\n"},"id":"py/incomplete-hostname-regexp","name":"py/incomplete-hostname-regexp","properties":{"precision":"high","queryURI":"https://github.com/github/codeql/blob/39a67b6e2e6490a9bd010db50e148f647765e9f7/python/ql/src/Security/CWE-020/IncompleteHostnameRegExp.ql","security-severity":"7.8","tags":["correctness","external/cwe/cwe-020","security"]},"shortDescription":{"text":"Incomplete regular expression for hostnames"}},{"defaultConfiguration":{"level":"warning"},"fullDescription":{"text":"Security checks on the substrings of an unparsed URL are often vulnerable to bypassing."},"help":{"markdown":"# Incomplete URL substring sanitization\nSanitizing untrusted URLs is a common technique for preventing attacks such as request forgeries and malicious redirections. Usually, this is done by checking that the host of a URL is in a set of allowed hosts.\n\nHowever, treating the URL as a string and checking if one of the allowed hosts is a substring of the URL is very prone to errors. 
Malicious URLs can bypass such security checks by embedding one of the allowed hosts in an unexpected location.\n\nEven if the substring check is not used in a security-critical context, the incomplete check may still cause undesirable behaviors when the check succeeds accidentally.\n\n\n## Recommendation\nParse a URL before performing a check on its host value, and ensure that the check handles arbitrary subdomain sequences correctly.\n\n\n## Example\nThe following example code checks that a URL redirection will reach the `example.com` domain.\n\n\n```python\nfrom flask import Flask, request, redirect\nfrom urllib.parse import urlparse\n\napp = Flask(__name__)\n\n# Not safe, as \"evil-example.net/example.com\" would be accepted\n\n@app.route('/some/path/bad1')\ndef unsafe1(request):\n target = request.args.get('target', '')\n if \"example.com\" in target:\n return redirect(target)\n\n# Not safe, as \"benign-looking-prefix-example.com\" would be accepted\n\n@app.route('/some/path/bad2')\ndef unsafe2(request):\n target = request.args.get('target', '')\n if target.endswith(\"example.com\"):\n return redirect(target)\n\n\n\n#Simplest and safest approach is to use an allowlist\n\n@app.route('/some/path/good1')\ndef safe1(request):\n allowlist = [\n \"example.com/home\",\n \"example.com/login\",\n ]\n target = request.args.get('target', '')\n if target in allowlist:\n return redirect(target)\n\n#More complex example allowing sub-domains.\n\n@app.route('/some/path/good2')\ndef safe2(request):\n target = request.args.get('target', '')\n host = urlparse(target).hostname\n #Note the '.' preceding example.com\n if host and host.endswith(\".example.com\"):\n return redirect(target)\n\n\n```\nThe first two examples show unsafe checks that are easily bypassed. In `unsafe1` the attacker can simply add `example.com` anywhere in the url. 
For example, `http://evil-example.net/example.com`.\n\nIn `unsafe2` the attacker must use a hostname ending in `example.com`, but that is easy to do. For example, `http://benign-looking-prefix-example.com`.\n\nThe second two examples show safe checks. In `safe1`, an allowlist is used. Although fairly inflexible, this is easy to get right and is most likely to be safe.\n\nIn `safe2`, `urlparse` is used to parse the URL, then the hostname is checked to make sure it ends with `.example.com`.\n\n\n## References\n* OWASP: [SSRF](https://www.owasp.org/index.php/Server_Side_Request_Forgery)\n* OWASP: [XSS Unvalidated Redirects and Forwards Cheat Sheet](https://cheatsheetseries.owasp.org/cheatsheets/Unvalidated_Redirects_and_Forwards_Cheat_Sheet.html).\n* Common Weakness Enumeration: [CWE-20](https://cwe.mitre.org/data/definitions/20.html).\n","text":"# Incomplete URL substring sanitization\nSanitizing untrusted URLs is a common technique for preventing attacks such as request forgeries and malicious redirections. Usually, this is done by checking that the host of a URL is in a set of allowed hosts.\n\nHowever, treating the URL as a string and checking if one of the allowed hosts is a substring of the URL is very prone to errors. 
Malicious URLs can bypass such security checks by embedding one of the allowed hosts in an unexpected location.\n\nEven if the substring check is not used in a security-critical context, the incomplete check may still cause undesirable behaviors when the check succeeds accidentally.\n\n\n## Recommendation\nParse a URL before performing a check on its host value, and ensure that the check handles arbitrary subdomain sequences correctly.\n\n\n## Example\nThe following example code checks that a URL redirection will reach the `example.com` domain.\n\n\n```python\nfrom flask import Flask, request, redirect\nfrom urllib.parse import urlparse\n\napp = Flask(__name__)\n\n# Not safe, as \"evil-example.net/example.com\" would be accepted\n\n@app.route('/some/path/bad1')\ndef unsafe1(request):\n target = request.args.get('target', '')\n if \"example.com\" in target:\n return redirect(target)\n\n# Not safe, as \"benign-looking-prefix-example.com\" would be accepted\n\n@app.route('/some/path/bad2')\ndef unsafe2(request):\n target = request.args.get('target', '')\n if target.endswith(\"example.com\"):\n return redirect(target)\n\n\n\n#Simplest and safest approach is to use an allowlist\n\n@app.route('/some/path/good1')\ndef safe1(request):\n allowlist = [\n \"example.com/home\",\n \"example.com/login\",\n ]\n target = request.args.get('target', '')\n if target in allowlist:\n return redirect(target)\n\n#More complex example allowing sub-domains.\n\n@app.route('/some/path/good2')\ndef safe2(request):\n target = request.args.get('target', '')\n host = urlparse(target).hostname\n #Note the '.' preceding example.com\n if host and host.endswith(\".example.com\"):\n return redirect(target)\n\n\n```\nThe first two examples show unsafe checks that are easily bypassed. In `unsafe1` the attacker can simply add `example.com` anywhere in the url. 
For example, `http://evil-example.net/example.com`.\n\nIn `unsafe2` the attacker must use a hostname ending in `example.com`, but that is easy to do. For example, `http://benign-looking-prefix-example.com`.\n\nThe second two examples show safe checks. In `safe1`, an allowlist is used. Although fairly inflexible, this is easy to get right and is most likely to be safe.\n\nIn `safe2`, `urlparse` is used to parse the URL, then the hostname is checked to make sure it ends with `.example.com`.\n\n\n## References\n* OWASP: [SSRF](https://www.owasp.org/index.php/Server_Side_Request_Forgery)\n* OWASP: [XSS Unvalidated Redirects and Forwards Cheat Sheet](https://cheatsheetseries.owasp.org/cheatsheets/Unvalidated_Redirects_and_Forwards_Cheat_Sheet.html).\n* Common Weakness Enumeration: [CWE-20](https://cwe.mitre.org/data/definitions/20.html).\n"},"id":"py/incomplete-url-substring-sanitization","name":"py/incomplete-url-substring-sanitization","properties":{"precision":"high","queryURI":"https://github.com/github/codeql/blob/39a67b6e2e6490a9bd010db50e148f647765e9f7/python/ql/src/Security/CWE-020/IncompleteUrlSubstringSanitization.ql","security-severity":"7.8","tags":["correctness","external/cwe/cwe-20","security"]},"shortDescription":{"text":"Incomplete URL substring sanitization"}},{"defaultConfiguration":{"level":"warning"},"fullDescription":{"text":"Insecure cookies may be sent in cleartext, which makes them vulnerable to interception."},"help":{"markdown":"# Failure to use secure cookies\nCookies without the `Secure` flag set may be transmitted using HTTP instead of HTTPS, which leaves them vulnerable to reading by a third party.\n\nCookies without the `HttpOnly` flag set are accessible to JavaScript running in the same origin. 
In case of a Cross-Site Scripting (XSS) vulnerability, the cookie can be stolen by a malicious script.\n\nCookies with the `SameSite` attribute set to `'None'` will be sent with cross-origin requests, which can be controlled by third-party JavaScript code and allow for Cross-Site Request Forgery (CSRF) attacks.\n\n\n## Recommendation\nAlways set `secure` to `True` or add \"; Secure;\" to the cookie's raw value.\n\nAlways set `httponly` to `True` or add \"; HttpOnly;\" to the cookie's raw value.\n\nAlways set `samesite` to `Lax` or `Strict`, or add \"; SameSite=Lax;\", or \"; Samesite=Strict;\" to the cookie's raw header value.\n\n\n## Example\nIn the following examples, the cases marked GOOD show secure cookie attributes being set; whereas in the cases marked BAD they are not set.\n\n\n```python\nfrom flask import Flask, request, make_response, Response\n\n\n@app.route(\"/good1\")\ndef good1():\n resp = make_response()\n resp.set_cookie(\"name\", value=\"value\", secure=True, httponly=True, samesite='Strict') # GOOD: Attributes are securely set\n return resp\n\n\n@app.route(\"/good2\")\ndef good2():\n resp = make_response()\n resp.headers['Set-Cookie'] = \"name=value; Secure; HttpOnly; SameSite=Strict\" # GOOD: Attributes are securely set \n return resp\n\n@app.route(\"/bad1\")\n resp = make_response()\n resp.set_cookie(\"name\", value=\"value\", samesite='None') # BAD: the SameSite attribute is set to 'None' and the 'Secure' and 'HttpOnly' attributes are set to False by default.\n return resp\n```\n\n## References\n* Detectify: [Cookie lack Secure flag](https://support.detectify.com/support/solutions/articles/48001048982-cookie-lack-secure-flag).\n* PortSwigger: [TLS cookie without secure flag set](https://portswigger.net/kb/issues/00500200_tls-cookie-without-secure-flag-set).\n* Common Weakness Enumeration: [CWE-614](https://cwe.mitre.org/data/definitions/614.html).\n* Common Weakness Enumeration: [CWE-1004](https://cwe.mitre.org/data/definitions/1004.html).\n* 
Common Weakness Enumeration: [CWE-1275](https://cwe.mitre.org/data/definitions/1275.html).\n","text":"# Failure to use secure cookies\nCookies without the `Secure` flag set may be transmitted using HTTP instead of HTTPS, which leaves them vulnerable to reading by a third party.\n\nCookies without the `HttpOnly` flag set are accessible to JavaScript running in the same origin. In case of a Cross-Site Scripting (XSS) vulnerability, the cookie can be stolen by a malicious script.\n\nCookies with the `SameSite` attribute set to `'None'` will be sent with cross-origin requests, which can be controlled by third-party JavaScript code and allow for Cross-Site Request Forgery (CSRF) attacks.\n\n\n## Recommendation\nAlways set `secure` to `True` or add \"; Secure;\" to the cookie's raw value.\n\nAlways set `httponly` to `True` or add \"; HttpOnly;\" to the cookie's raw value.\n\nAlways set `samesite` to `Lax` or `Strict`, or add \"; SameSite=Lax;\", or \"; Samesite=Strict;\" to the cookie's raw header value.\n\n\n## Example\nIn the following examples, the cases marked GOOD show secure cookie attributes being set; whereas in the cases marked BAD they are not set.\n\n\n```python\nfrom flask import Flask, request, make_response, Response\n\n\n@app.route(\"/good1\")\ndef good1():\n resp = make_response()\n resp.set_cookie(\"name\", value=\"value\", secure=True, httponly=True, samesite='Strict') # GOOD: Attributes are securely set\n return resp\n\n\n@app.route(\"/good2\")\ndef good2():\n resp = make_response()\n resp.headers['Set-Cookie'] = \"name=value; Secure; HttpOnly; SameSite=Strict\" # GOOD: Attributes are securely set \n return resp\n\n@app.route(\"/bad1\")\n resp = make_response()\n resp.set_cookie(\"name\", value=\"value\", samesite='None') # BAD: the SameSite attribute is set to 'None' and the 'Secure' and 'HttpOnly' attributes are set to False by default.\n return resp\n```\n\n## References\n* Detectify: [Cookie lack Secure 
flag](https://support.detectify.com/support/solutions/articles/48001048982-cookie-lack-secure-flag).\n* PortSwigger: [TLS cookie without secure flag set](https://portswigger.net/kb/issues/00500200_tls-cookie-without-secure-flag-set).\n* Common Weakness Enumeration: [CWE-614](https://cwe.mitre.org/data/definitions/614.html).\n* Common Weakness Enumeration: [CWE-1004](https://cwe.mitre.org/data/definitions/1004.html).\n* Common Weakness Enumeration: [CWE-1275](https://cwe.mitre.org/data/definitions/1275.html).\n"},"id":"py/insecure-cookie","name":"py/insecure-cookie","properties":{"precision":"high","queryURI":"https://github.com/github/codeql/blob/39a67b6e2e6490a9bd010db50e148f647765e9f7/python/ql/src/Security/CWE-614/InsecureCookie.ql","security-severity":"5","tags":["external/cwe/cwe-1004","external/cwe/cwe-1275","external/cwe/cwe-614","security"]},"shortDescription":{"text":"Failure to use secure cookies"}},{"defaultConfiguration":{"level":"warning"},"fullDescription":{"text":"Leaving the SSL/TLS version unspecified may result in an insecure default protocol being used."},"help":{"markdown":"# Default version of SSL/TLS may be insecure\nThe `ssl.wrap_socket` function defaults to an insecure version of SSL/TLS when no specific protocol version is specified. This may leave the connection vulnerable to attack.\n\n\n## Recommendation\nEnsure that a modern, strong protocol is used. All versions of SSL, and TLS 1.0 and 1.1 are known to be vulnerable to attacks. Using TLS 1.2 or above is strongly recommended. If no explicit `ssl_version` is specified, the default `PROTOCOL_TLS` is chosen. This protocol is insecure because it allows TLS 1.0 and TLS 1.1 and so should not be used.\n\n\n## Example\nThe following code shows two different ways of setting up a connection using SSL or TLS. 
They are both potentially insecure because the default version is used.\n\n\n```python\nimport ssl\nimport socket\n\n# Using the deprecated ssl.wrap_socket method\nssl.wrap_socket(socket.socket())\n\n# Using SSLContext\ncontext = ssl.SSLContext()\n\n```\nBoth of the cases above should be updated to use a secure protocol instead, for instance by specifying `ssl_version=PROTOCOL_TLSv1_2` as a keyword argument.\n\nThe latter example can also be made secure by modifying the created context before it is used to create a connection. Therefore it will not be flagged by this query. However, if a connection is created before the context has been secured (for example, by setting the value of `minimum_version`), then the code should be flagged by the query `py/insecure-protocol`.\n\nNote that `ssl.wrap_socket` has been deprecated in Python 3.7. The recommended alternatives are:\n\n* `ssl.SSLContext` - supported in Python 2.7.9, 3.2, and later versions\n* `ssl.create_default_context` - a convenience function, supported in Python 3.4 and later versions.\nEven when you use these alternatives, you should ensure that a safe protocol is used. 
The following code illustrates how to use flags (available since Python 3.2) or the \\`minimum_version\\` field (favored since Python 3.7) to restrict the protocols accepted when creating a connection.\n\n\n```python\nimport ssl\n\n# Using flags to restrict the protocol\ncontext = ssl.SSLContext()\ncontext.options |= ssl.OP_NO_TLSv1 | ssl.OP_NO_TLSv1_1\n\n# Declaring a minimum version to restrict the protocol\ncontext = ssl.create_default_context()\ncontext.minimum_version = ssl.TLSVersion.TLSv1_2\n\n```\n\n## References\n* Wikipedia: [ Transport Layer Security](https://en.wikipedia.org/wiki/Transport_Layer_Security).\n* Python 3 documentation: [ class ssl.SSLContext](https://docs.python.org/3/library/ssl.html#ssl.SSLContext).\n* Python 3 documentation: [ ssl.wrap_socket](https://docs.python.org/3/library/ssl.html#ssl.wrap_socket).\n* Python 3 documentation: [ notes on context creation](https://docs.python.org/3/library/ssl.html#functions-constants-and-exceptions).\n* Python 3 documentation: [ notes on security considerations](https://docs.python.org/3/library/ssl.html#ssl-security).\n* Common Weakness Enumeration: [CWE-327](https://cwe.mitre.org/data/definitions/327.html).\n","text":"# Default version of SSL/TLS may be insecure\nThe `ssl.wrap_socket` function defaults to an insecure version of SSL/TLS when no specific protocol version is specified. This may leave the connection vulnerable to attack.\n\n\n## Recommendation\nEnsure that a modern, strong protocol is used. All versions of SSL, and TLS 1.0 and 1.1 are known to be vulnerable to attacks. Using TLS 1.2 or above is strongly recommended. If no explicit `ssl_version` is specified, the default `PROTOCOL_TLS` is chosen. This protocol is insecure because it allows TLS 1.0 and TLS 1.1 and so should not be used.\n\n\n## Example\nThe following code shows two different ways of setting up a connection using SSL or TLS. 
They are both potentially insecure because the default version is used.\n\n\n```python\nimport ssl\nimport socket\n\n# Using the deprecated ssl.wrap_socket method\nssl.wrap_socket(socket.socket())\n\n# Using SSLContext\ncontext = ssl.SSLContext()\n\n```\nBoth of the cases above should be updated to use a secure protocol instead, for instance by specifying `ssl_version=PROTOCOL_TLSv1_2` as a keyword argument.\n\nThe latter example can also be made secure by modifying the created context before it is used to create a connection. Therefore it will not be flagged by this query. However, if a connection is created before the context has been secured (for example, by setting the value of `minimum_version`), then the code should be flagged by the query `py/insecure-protocol`.\n\nNote that `ssl.wrap_socket` has been deprecated in Python 3.7. The recommended alternatives are:\n\n* `ssl.SSLContext` - supported in Python 2.7.9, 3.2, and later versions\n* `ssl.create_default_context` - a convenience function, supported in Python 3.4 and later versions.\nEven when you use these alternatives, you should ensure that a safe protocol is used. 
The following code illustrates how to use flags (available since Python 3.2) or the \\`minimum_version\\` field (favored since Python 3.7) to restrict the protocols accepted when creating a connection.\n\n\n```python\nimport ssl\n\n# Using flags to restrict the protocol\ncontext = ssl.SSLContext()\ncontext.options |= ssl.OP_NO_TLSv1 | ssl.OP_NO_TLSv1_1\n\n# Declaring a minimum version to restrict the protocol\ncontext = ssl.create_default_context()\ncontext.minimum_version = ssl.TLSVersion.TLSv1_2\n\n```\n\n## References\n* Wikipedia: [ Transport Layer Security](https://en.wikipedia.org/wiki/Transport_Layer_Security).\n* Python 3 documentation: [ class ssl.SSLContext](https://docs.python.org/3/library/ssl.html#ssl.SSLContext).\n* Python 3 documentation: [ ssl.wrap_socket](https://docs.python.org/3/library/ssl.html#ssl.wrap_socket).\n* Python 3 documentation: [ notes on context creation](https://docs.python.org/3/library/ssl.html#functions-constants-and-exceptions).\n* Python 3 documentation: [ notes on security considerations](https://docs.python.org/3/library/ssl.html#ssl-security).\n* Common Weakness Enumeration: [CWE-327](https://cwe.mitre.org/data/definitions/327.html).\n"},"id":"py/insecure-default-protocol","name":"py/insecure-default-protocol","properties":{"precision":"high","queryURI":"https://github.com/github/codeql/blob/39a67b6e2e6490a9bd010db50e148f647765e9f7/python/ql/src/Security/CWE-327/InsecureDefaultProtocol.ql","security-severity":"7.5","tags":["external/cwe/cwe-327","security"]},"shortDescription":{"text":"Default version of SSL/TLS may be insecure"}},{"defaultConfiguration":{"level":"warning"},"fullDescription":{"text":"Using an insecure SSL/TLS version may leave the connection vulnerable to attacks."},"help":{"markdown":"# Use of insecure SSL/TLS version\nUsing a broken or weak cryptographic protocol may make a connection vulnerable to interference from an attacker.\n\n\n## Recommendation\nEnsure that a modern, strong protocol is used. 
All versions of SSL, and TLS versions 1.0 and 1.1 are known to be vulnerable to attacks. Using TLS 1.2 or above is strongly recommended.\n\n\n## Example\nThe following code shows a variety of ways of setting up a connection using SSL or TLS. They are all insecure because of the version specified.\n\n\n```python\nimport ssl\nimport socket\n\n# Using the deprecated ssl.wrap_socket method\nssl.wrap_socket(socket.socket(), ssl_version=ssl.PROTOCOL_SSLv2)\n\n# Using SSLContext\ncontext = ssl.SSLContext(ssl_version=ssl.PROTOCOL_SSLv3)\n\n# Using pyOpenSSL\n\nfrom pyOpenSSL import SSL\n\ncontext = SSL.Context(SSL.TLSv1_METHOD)\n\n\n\n```\nAll cases should be updated to use a secure protocol, such as `PROTOCOL_TLSv1_2`.\n\nNote that `ssl.wrap_socket` has been deprecated in Python 3.7. The recommended alternatives are:\n\n* `ssl.SSLContext` - supported in Python 2.7.9, 3.2, and later versions\n* `ssl.create_default_context` - a convenience function, supported in Python 3.4 and later versions.\nEven when you use these alternatives, you should ensure that a safe protocol is used. 
The following code illustrates how to use flags (available since Python 3.2) or the \\`minimum_version\\` field (favored since Python 3.7) to restrict the protocols accepted when creating a connection.\n\n\n```python\nimport ssl\n\n# Using flags to restrict the protocol\ncontext = ssl.SSLContext()\ncontext.options |= ssl.OP_NO_TLSv1 | ssl.OP_NO_TLSv1_1\n\n# Declaring a minimum version to restrict the protocol\ncontext = ssl.create_default_context()\ncontext.minimum_version = ssl.TLSVersion.TLSv1_2\n\n```\n\n## References\n* Wikipedia: [ Transport Layer Security](https://en.wikipedia.org/wiki/Transport_Layer_Security).\n* Python 3 documentation: [ class ssl.SSLContext](https://docs.python.org/3/library/ssl.html#ssl.SSLContext).\n* Python 3 documentation: [ ssl.wrap_socket](https://docs.python.org/3/library/ssl.html#ssl.wrap_socket).\n* Python 3 documentation: [ notes on context creation](https://docs.python.org/3/library/ssl.html#functions-constants-and-exceptions).\n* Python 3 documentation: [ notes on security considerations](https://docs.python.org/3/library/ssl.html#ssl-security).\n* pyOpenSSL documentation: [ An interface to the SSL-specific parts of OpenSSL](https://pyopenssl.org/en/stable/api/ssl.html).\n* Common Weakness Enumeration: [CWE-327](https://cwe.mitre.org/data/definitions/327.html).\n","text":"# Use of insecure SSL/TLS version\nUsing a broken or weak cryptographic protocol may make a connection vulnerable to interference from an attacker.\n\n\n## Recommendation\nEnsure that a modern, strong protocol is used. All versions of SSL, and TLS versions 1.0 and 1.1 are known to be vulnerable to attacks. Using TLS 1.2 or above is strongly recommended.\n\n\n## Example\nThe following code shows a variety of ways of setting up a connection using SSL or TLS. 
They are all insecure because of the version specified.\n\n\n```python\nimport ssl\nimport socket\n\n# Using the deprecated ssl.wrap_socket method\nssl.wrap_socket(socket.socket(), ssl_version=ssl.PROTOCOL_SSLv2)\n\n# Using SSLContext\ncontext = ssl.SSLContext(ssl_version=ssl.PROTOCOL_SSLv3)\n\n# Using pyOpenSSL\n\nfrom pyOpenSSL import SSL\n\ncontext = SSL.Context(SSL.TLSv1_METHOD)\n\n\n\n```\nAll cases should be updated to use a secure protocol, such as `PROTOCOL_TLSv1_2`.\n\nNote that `ssl.wrap_socket` has been deprecated in Python 3.7. The recommended alternatives are:\n\n* `ssl.SSLContext` - supported in Python 2.7.9, 3.2, and later versions\n* `ssl.create_default_context` - a convenience function, supported in Python 3.4 and later versions.\nEven when you use these alternatives, you should ensure that a safe protocol is used. The following code illustrates how to use flags (available since Python 3.2) or the \\`minimum_version\\` field (favored since Python 3.7) to restrict the protocols accepted when creating a connection.\n\n\n```python\nimport ssl\n\n# Using flags to restrict the protocol\ncontext = ssl.SSLContext()\ncontext.options |= ssl.OP_NO_TLSv1 | ssl.OP_NO_TLSv1_1\n\n# Declaring a minimum version to restrict the protocol\ncontext = ssl.create_default_context()\ncontext.minimum_version = ssl.TLSVersion.TLSv1_2\n\n```\n\n## References\n* Wikipedia: [ Transport Layer Security](https://en.wikipedia.org/wiki/Transport_Layer_Security).\n* Python 3 documentation: [ class ssl.SSLContext](https://docs.python.org/3/library/ssl.html#ssl.SSLContext).\n* Python 3 documentation: [ ssl.wrap_socket](https://docs.python.org/3/library/ssl.html#ssl.wrap_socket).\n* Python 3 documentation: [ notes on context creation](https://docs.python.org/3/library/ssl.html#functions-constants-and-exceptions).\n* Python 3 documentation: [ notes on security considerations](https://docs.python.org/3/library/ssl.html#ssl-security).\n* pyOpenSSL documentation: [ An interface to the 
SSL-specific parts of OpenSSL](https://pyopenssl.org/en/stable/api/ssl.html).\n* Common Weakness Enumeration: [CWE-327](https://cwe.mitre.org/data/definitions/327.html).\n"},"id":"py/insecure-protocol","name":"py/insecure-protocol","properties":{"precision":"high","queryURI":"https://github.com/github/codeql/blob/39a67b6e2e6490a9bd010db50e148f647765e9f7/python/ql/src/Security/CWE-327/InsecureProtocol.ql","security-severity":"7.5","tags":["external/cwe/cwe-327","security"]},"shortDescription":{"text":"Use of insecure SSL/TLS version"}},{"defaultConfiguration":{"level":"error"},"fullDescription":{"text":"Creating a temporary file using this method may be insecure."},"help":{"markdown":"# Insecure temporary file\nFunctions that create temporary file names (such as `tempfile.mktemp` and `os.tempnam`) are fundamentally insecure, as they do not ensure exclusive access to a file with the temporary name they return. The file name returned by these functions is guaranteed to be unique on creation but the file must be opened in a separate operation. There is no guarantee that the creation and open operations will happen atomically. This provides an opportunity for an attacker to interfere with the file before it is opened.\n\nNote that `mktemp` has been deprecated since Python 2.3.\n\n\n## Recommendation\nReplace the use of `mktemp` with some of the more secure functions in the `tempfile` module, such as `TemporaryFile`. If the file is intended to be accessed from other processes, consider using the `NamedTemporaryFile` function.\n\n\n## Example\nThe following piece of code opens a temporary file and writes a set of results to it. 
Because the file name is created using `mktemp`, another process may access this file before it is opened using `open`.\n\n\n```python\nfrom tempfile import mktemp\n\ndef write_results(results):\n filename = mktemp()\n with open(filename, \"w+\") as f:\n f.write(results)\n print(\"Results written to\", filename)\n\n```\nBy changing the code to use `NamedTemporaryFile` instead, the file is opened immediately.\n\n\n```python\nfrom tempfile import NamedTemporaryFile\n\ndef write_results(results):\n with NamedTemporaryFile(mode=\"w+\", delete=False) as f:\n f.write(results)\n print(\"Results written to\", f.name)\n\n```\n\n## References\n* Python Standard Library: [tempfile.mktemp](https://docs.python.org/3/library/tempfile.html#tempfile.mktemp).\n* Common Weakness Enumeration: [CWE-377](https://cwe.mitre.org/data/definitions/377.html).\n","text":"# Insecure temporary file\nFunctions that create temporary file names (such as `tempfile.mktemp` and `os.tempnam`) are fundamentally insecure, as they do not ensure exclusive access to a file with the temporary name they return. The file name returned by these functions is guaranteed to be unique on creation but the file must be opened in a separate operation. There is no guarantee that the creation and open operations will happen atomically. This provides an opportunity for an attacker to interfere with the file before it is opened.\n\nNote that `mktemp` has been deprecated since Python 2.3.\n\n\n## Recommendation\nReplace the use of `mktemp` with some of the more secure functions in the `tempfile` module, such as `TemporaryFile`. If the file is intended to be accessed from other processes, consider using the `NamedTemporaryFile` function.\n\n\n## Example\nThe following piece of code opens a temporary file and writes a set of results to it. 
Because the file name is created using `mktemp`, another process may access this file before it is opened using `open`.\n\n\n```python\nfrom tempfile import mktemp\n\ndef write_results(results):\n filename = mktemp()\n with open(filename, \"w+\") as f:\n f.write(results)\n print(\"Results written to\", filename)\n\n```\nBy changing the code to use `NamedTemporaryFile` instead, the file is opened immediately.\n\n\n```python\nfrom tempfile import NamedTemporaryFile\n\ndef write_results(results):\n with NamedTemporaryFile(mode=\"w+\", delete=False) as f:\n f.write(results)\n print(\"Results written to\", f.name)\n\n```\n\n## References\n* Python Standard Library: [tempfile.mktemp](https://docs.python.org/3/library/tempfile.html#tempfile.mktemp).\n* Common Weakness Enumeration: [CWE-377](https://cwe.mitre.org/data/definitions/377.html).\n"},"id":"py/insecure-temporary-file","name":"py/insecure-temporary-file","properties":{"precision":"high","queryURI":"https://github.com/github/codeql/blob/39a67b6e2e6490a9bd010db50e148f647765e9f7/python/ql/src/Security/CWE-377/InsecureTemporaryFile.ql","security-severity":"7","tags":["external/cwe/cwe-377","security"]},"shortDescription":{"text":"Insecure temporary file"}},{"defaultConfiguration":{"level":"error"},"fullDescription":{"text":"Building an LDAP query from user-controlled sources is vulnerable to insertion of malicious LDAP code by the user."},"help":{"markdown":"# LDAP query built from user-controlled sources\nIf an LDAP query or DN is built using string concatenation or string formatting, and the components of the concatenation include user input without any proper sanitization, a user is likely to be able to run malicious LDAP queries.\n\n\n## Recommendation\nIf user input must be included in an LDAP query or DN, it should be escaped to avoid a malicious user providing special characters that change the meaning of the query. 
In Python2, user input should be escaped with `ldap.dn.escape_dn_chars` or `ldap.filter.escape_filter_chars`, while in Python3, user input should be escaped with `ldap3.utils.dn.escape_rdn` or `ldap3.utils.conv.escape_filter_chars` depending on the component tainted by the user. A good practice is to escape filter characters that could change the meaning of the query (https://tools.ietf.org/search/rfc4515\\#section-3).\n\n\n## Example\nIn the following examples, the code accepts both `username` and `dc` from the user, which it then uses to build a LDAP query and DN.\n\nThe first and the second example uses the unsanitized user input directly in the search filter and DN for the LDAP query. A malicious user could provide special characters to change the meaning of these components, and search for a completely different set of values.\n\n\n```python\nfrom flask import request, Flask\nimport ldap\n\n\n@app.route(\"/normal\")\ndef normal():\n unsafe_dc = request.args['dc']\n unsafe_filter = request.args['username']\n\n dn = \"dc={}\".format(unsafe_dc)\n search_filter = \"(user={})\".format(unsafe_filter)\n\n ldap_connection = ldap.initialize(\"ldap://127.0.0.1\")\n user = ldap_connection.search_s(\n dn, ldap.SCOPE_SUBTREE, search_filter)\n\n```\n\n```python\nfrom flask import request, Flask\nimport ldap3\n\n\n@app.route(\"/normal\")\ndef normal():\n unsafe_dc = request.args['dc']\n unsafe_filter = request.args['username']\n\n dn = \"dc={}\".format(unsafe_dc)\n search_filter = \"(user={})\".format(unsafe_filter)\n\n srv = ldap3.Server('ldap://127.0.0.1')\n conn = ldap3.Connection(srv, user=dn, auto_bind=True)\n conn.search(dn, search_filter)\n\n```\nIn the third and fourth example, the input provided by the user is sanitized before it is included in the search filter or DN. 
This ensures the meaning of the query cannot be changed by a malicious user.\n\n\n```python\nfrom flask import request, Flask\nimport ldap\nimport ldap.filter\nimport ldap.dn\n\n\n@app.route(\"/normal\")\ndef normal():\n unsafe_dc = request.args['dc']\n unsafe_filter = request.args['username']\n\n safe_dc = ldap.dn.escape_dn_chars(unsafe_dc)\n safe_filter = ldap.filter.escape_filter_chars(unsafe_filter)\n\n dn = \"dc={}\".format(safe_dc)\n search_filter = \"(user={})\".format(safe_filter)\n\n ldap_connection = ldap.initialize(\"ldap://127.0.0.1\")\n user = ldap_connection.search_s(\n dn, ldap.SCOPE_SUBTREE, search_filter)\n\n```\n\n```python\nfrom flask import request, Flask\nimport ldap3\nfrom ldap3.utils.dn import escape_rdn\nfrom ldap3.utils.conv import escape_filter_chars\n\n\n@app.route(\"/normal\")\ndef normal():\n unsafe_dc = request.args['dc']\n unsafe_filter = request.args['username']\n\n safe_dc = escape_rdn(unsafe_dc)\n safe_filter = escape_filter_chars(unsafe_filter)\n\n dn = \"dc={}\".format(safe_dc)\n search_filter = \"(user={})\".format(safe_filter)\n\n srv = ldap3.Server('ldap://127.0.0.1')\n conn = ldap3.Connection(srv, user=dn, auto_bind=True)\n conn.search(dn, search_filter)\n\n```\n\n## References\n* OWASP: [LDAP Injection Prevention Cheat Sheet](https://cheatsheetseries.owasp.org/cheatsheets/LDAP_Injection_Prevention_Cheat_Sheet.html).\n* OWASP: [LDAP Injection](https://owasp.org/www-community/attacks/LDAP_Injection).\n* SonarSource: [RSPEC-2078](https://rules.sonarsource.com/python/RSPEC-2078).\n* Python2: [LDAP Documentation](https://www.python-ldap.org/en/python-ldap-3.3.0/reference/ldap.html).\n* Python3: [LDAP Documentation](https://ldap3.readthedocs.io/en/latest/).\n* Wikipedia: [LDAP injection](https://en.wikipedia.org/wiki/LDAP_injection).\n* BlackHat: [LDAP Injection and Blind LDAP Injection](https://www.blackhat.com/presentations/bh-europe-08/Alonso-Parada/Whitepaper/bh-eu-08-alonso-parada-WP.pdf).\n* LDAP: [Understanding and 
Defending Against LDAP Injection Attacks](https://ldap.com/2018/05/04/understanding-and-defending-against-ldap-injection-attacks/).\n* Common Weakness Enumeration: [CWE-90](https://cwe.mitre.org/data/definitions/90.html).\n","text":"# LDAP query built from user-controlled sources\nIf an LDAP query or DN is built using string concatenation or string formatting, and the components of the concatenation include user input without any proper sanitization, a user is likely to be able to run malicious LDAP queries.\n\n\n## Recommendation\nIf user input must be included in an LDAP query or DN, it should be escaped to avoid a malicious user providing special characters that change the meaning of the query. In Python2, user input should be escaped with `ldap.dn.escape_dn_chars` or `ldap.filter.escape_filter_chars`, while in Python3, user input should be escaped with `ldap3.utils.dn.escape_rdn` or `ldap3.utils.conv.escape_filter_chars` depending on the component tainted by the user. A good practice is to escape filter characters that could change the meaning of the query (https://tools.ietf.org/search/rfc4515\\#section-3).\n\n\n## Example\nIn the following examples, the code accepts both `username` and `dc` from the user, which it then uses to build a LDAP query and DN.\n\nThe first and the second example uses the unsanitized user input directly in the search filter and DN for the LDAP query. 
A malicious user could provide special characters to change the meaning of these components, and search for a completely different set of values.\n\n\n```python\nfrom flask import request, Flask\nimport ldap\n\n\n@app.route(\"/normal\")\ndef normal():\n unsafe_dc = request.args['dc']\n unsafe_filter = request.args['username']\n\n dn = \"dc={}\".format(unsafe_dc)\n search_filter = \"(user={})\".format(unsafe_filter)\n\n ldap_connection = ldap.initialize(\"ldap://127.0.0.1\")\n user = ldap_connection.search_s(\n dn, ldap.SCOPE_SUBTREE, search_filter)\n\n```\n\n```python\nfrom flask import request, Flask\nimport ldap3\n\n\n@app.route(\"/normal\")\ndef normal():\n unsafe_dc = request.args['dc']\n unsafe_filter = request.args['username']\n\n dn = \"dc={}\".format(unsafe_dc)\n search_filter = \"(user={})\".format(unsafe_filter)\n\n srv = ldap3.Server('ldap://127.0.0.1')\n conn = ldap3.Connection(srv, user=dn, auto_bind=True)\n conn.search(dn, search_filter)\n\n```\nIn the third and fourth example, the input provided by the user is sanitized before it is included in the search filter or DN. 
This ensures the meaning of the query cannot be changed by a malicious user.\n\n\n```python\nfrom flask import request, Flask\nimport ldap\nimport ldap.filter\nimport ldap.dn\n\n\n@app.route(\"/normal\")\ndef normal():\n unsafe_dc = request.args['dc']\n unsafe_filter = request.args['username']\n\n safe_dc = ldap.dn.escape_dn_chars(unsafe_dc)\n safe_filter = ldap.filter.escape_filter_chars(unsafe_filter)\n\n dn = \"dc={}\".format(safe_dc)\n search_filter = \"(user={})\".format(safe_filter)\n\n ldap_connection = ldap.initialize(\"ldap://127.0.0.1\")\n user = ldap_connection.search_s(\n dn, ldap.SCOPE_SUBTREE, search_filter)\n\n```\n\n```python\nfrom flask import request, Flask\nimport ldap3\nfrom ldap3.utils.dn import escape_rdn\nfrom ldap3.utils.conv import escape_filter_chars\n\n\n@app.route(\"/normal\")\ndef normal():\n unsafe_dc = request.args['dc']\n unsafe_filter = request.args['username']\n\n safe_dc = escape_rdn(unsafe_dc)\n safe_filter = escape_filter_chars(unsafe_filter)\n\n dn = \"dc={}\".format(safe_dc)\n search_filter = \"(user={})\".format(safe_filter)\n\n srv = ldap3.Server('ldap://127.0.0.1')\n conn = ldap3.Connection(srv, user=dn, auto_bind=True)\n conn.search(dn, search_filter)\n\n```\n\n## References\n* OWASP: [LDAP Injection Prevention Cheat Sheet](https://cheatsheetseries.owasp.org/cheatsheets/LDAP_Injection_Prevention_Cheat_Sheet.html).\n* OWASP: [LDAP Injection](https://owasp.org/www-community/attacks/LDAP_Injection).\n* SonarSource: [RSPEC-2078](https://rules.sonarsource.com/python/RSPEC-2078).\n* Python2: [LDAP Documentation](https://www.python-ldap.org/en/python-ldap-3.3.0/reference/ldap.html).\n* Python3: [LDAP Documentation](https://ldap3.readthedocs.io/en/latest/).\n* Wikipedia: [LDAP injection](https://en.wikipedia.org/wiki/LDAP_injection).\n* BlackHat: [LDAP Injection and Blind LDAP Injection](https://www.blackhat.com/presentations/bh-europe-08/Alonso-Parada/Whitepaper/bh-eu-08-alonso-parada-WP.pdf).\n* LDAP: [Understanding and 
Defending Against LDAP Injection Attacks](https://ldap.com/2018/05/04/understanding-and-defending-against-ldap-injection-attacks/).\n* Common Weakness Enumeration: [CWE-90](https://cwe.mitre.org/data/definitions/90.html).\n"},"id":"py/ldap-injection","name":"py/ldap-injection","properties":{"precision":"high","queryURI":"https://github.com/github/codeql/blob/39a67b6e2e6490a9bd010db50e148f647765e9f7/python/ql/src/Security/CWE-090/LdapInjection.ql","security-severity":"9.8","tags":["external/cwe/cwe-090","security"]},"shortDescription":{"text":"LDAP query built from user-controlled sources"}},{"defaultConfiguration":{"level":"error"},"fullDescription":{"text":"Building a NoSQL query from user-controlled sources is vulnerable to insertion of malicious NoSQL code by the user."},"help":{"markdown":"# NoSQL Injection\nPassing user-controlled sources into NoSQL queries can result in a NoSQL injection flaw. This tainted NoSQL query containing a user-controlled source can then execute a malicious query in a NoSQL database such as MongoDB. In order for the user-controlled source to taint the NoSQL query, the user-controller source must be converted into a Python object using something like `json.loads` or `xmltodict.parse`.\n\nBecause a user-controlled source is passed into the query, the malicious user can have complete control over the query itself. When the tainted query is executed, the malicious user can commit malicious actions such as bypassing role restrictions or accessing and modifying restricted data in the NoSQL database.\n\n\n## Recommendation\nNoSQL injections can be prevented by escaping user-input's special characters that are passed into the NoSQL query from the user-supplied source. 
Alternatively, using a sanitize library such as MongoSanitizer will ensure that user-supplied sources can not act as a malicious query.\n\n\n## Example\nIn the example below, the user-supplied source is passed to a MongoDB function that queries the MongoDB database.\n\n\n```python\nfrom flask import Flask, request\nfrom flask_pymongo import PyMongo\nimport json\n\nmongo = PyMongo(app)\n\n\n@app.route(\"/\")\ndef home_page():\n unsanitized_search = request.args['search']\n json_search = json.loads(unsanitized_search)\n\n result = mongo.db.user.find({'name': json_search})\n\n```\nThis can be fixed by using a sanitizer library like MongoSanitizer as shown in this annotated code version below.\n\n\n```python\nfrom flask import Flask, request\nfrom flask_pymongo import PyMongo\nfrom mongosanitizer.sanitizer import sanitize\nimport json\n\nmongo = PyMongo(app)\n\n\n@app.route(\"/\")\ndef home_page():\n unsafe_search = request.args['search']\n json_search = json.loads(unsafe_search)\n safe_search = sanitize(unsanitized_search)\n\n result = client.db.collection.find_one({'data': safe_search})\n\n```\n\n## References\n* Mongoengine: [Documentation](http://mongoengine.org/).\n* Flask-Mongoengine: [Documentation](http://docs.mongoengine.org/projects/flask-mongoengine/en/latest/).\n* PyMongo: [Documentation](https://pypi.org/project/pymongo/).\n* Flask-PyMongo: [Documentation](https://flask-pymongo.readthedocs.io/en/latest/).\n* OWASP: [NoSQL Injection](https://owasp.org/www-pdf-archive/GOD16-NOSQL.pdf).\n* Security Stack Exchange Discussion: [Question 83231](https://security.stackexchange.com/questions/83231/mongodb-nosql-injection-in-python-code).\n* Common Weakness Enumeration: [CWE-943](https://cwe.mitre.org/data/definitions/943.html).\n","text":"# NoSQL Injection\nPassing user-controlled sources into NoSQL queries can result in a NoSQL injection flaw. 
This tainted NoSQL query containing a user-controlled source can then execute a malicious query in a NoSQL database such as MongoDB. In order for the user-controlled source to taint the NoSQL query, the user-controller source must be converted into a Python object using something like `json.loads` or `xmltodict.parse`.\n\nBecause a user-controlled source is passed into the query, the malicious user can have complete control over the query itself. When the tainted query is executed, the malicious user can commit malicious actions such as bypassing role restrictions or accessing and modifying restricted data in the NoSQL database.\n\n\n## Recommendation\nNoSQL injections can be prevented by escaping user-input's special characters that are passed into the NoSQL query from the user-supplied source. Alternatively, using a sanitize library such as MongoSanitizer will ensure that user-supplied sources can not act as a malicious query.\n\n\n## Example\nIn the example below, the user-supplied source is passed to a MongoDB function that queries the MongoDB database.\n\n\n```python\nfrom flask import Flask, request\nfrom flask_pymongo import PyMongo\nimport json\n\nmongo = PyMongo(app)\n\n\n@app.route(\"/\")\ndef home_page():\n unsanitized_search = request.args['search']\n json_search = json.loads(unsanitized_search)\n\n result = mongo.db.user.find({'name': json_search})\n\n```\nThis can be fixed by using a sanitizer library like MongoSanitizer as shown in this annotated code version below.\n\n\n```python\nfrom flask import Flask, request\nfrom flask_pymongo import PyMongo\nfrom mongosanitizer.sanitizer import sanitize\nimport json\n\nmongo = PyMongo(app)\n\n\n@app.route(\"/\")\ndef home_page():\n unsafe_search = request.args['search']\n json_search = json.loads(unsafe_search)\n safe_search = sanitize(unsanitized_search)\n\n result = client.db.collection.find_one({'data': safe_search})\n\n```\n\n## References\n* Mongoengine: [Documentation](http://mongoengine.org/).\n* 
Flask-Mongoengine: [Documentation](http://docs.mongoengine.org/projects/flask-mongoengine/en/latest/).\n* PyMongo: [Documentation](https://pypi.org/project/pymongo/).\n* Flask-PyMongo: [Documentation](https://flask-pymongo.readthedocs.io/en/latest/).\n* OWASP: [NoSQL Injection](https://owasp.org/www-pdf-archive/GOD16-NOSQL.pdf).\n* Security Stack Exchange Discussion: [Question 83231](https://security.stackexchange.com/questions/83231/mongodb-nosql-injection-in-python-code).\n* Common Weakness Enumeration: [CWE-943](https://cwe.mitre.org/data/definitions/943.html).\n"},"id":"py/nosql-injection","name":"py/nosql-injection","properties":{"precision":"high","queryURI":"https://github.com/github/codeql/blob/39a67b6e2e6490a9bd010db50e148f647765e9f7/python/ql/src/Security/CWE-943/NoSqlInjection.ql","security-severity":"8.8","tags":["external/cwe/cwe-943","security"]},"shortDescription":{"text":"NoSQL Injection"}},{"defaultConfiguration":{"level":"warning"},"fullDescription":{"text":"Overly permissive regular expression ranges match a wider range of characters than intended. This may allow an attacker to bypass a filter or sanitizer."},"help":{"markdown":"# Overly permissive regular expression range\nIt's easy to write a regular expression range that matches a wider range of characters than you intended. For example, `/[a-zA-z]/` matches all lowercase and all uppercase letters, as you would expect, but it also matches the characters: `` [ \\ ] ^ _ ` ``.\n\nAnother common problem is failing to escape the dash character in a regular expression. An unescaped dash is interpreted as part of a range. For example, in the character class `[a-zA-Z0-9%=.,-_]` the last character range matches the 55 characters between `,` and `_` (both included), which overlaps with the range `[0-9]` and is clearly not intended by the writer.\n\n\n## Recommendation\nAvoid any confusion about which characters are included in the range by writing unambiguous regular expressions. 
Always check that character ranges match only the expected characters.\n\n\n## Example\nThe following example code is intended to check whether a string is a valid 6 digit hex color.\n\n```python\n\nimport re\ndef is_valid_hex_color(color):\n return re.match(r'^#[0-9a-fA-f]{6}$', color) is not None\n\n```\nHowever, the `A-f` range is overly large and matches every uppercase character. It would parse a \"color\" like `#XXYYZZ` as valid.\n\nThe fix is to use an uppercase `A-F` range instead.\n\n```python\n\nimport re\ndef is_valid_hex_color(color):\n return re.match(r'^#[0-9a-fA-F]{6}$', color) is not None\n\n```\n\n## References\n* GitHub Advisory Database: [CVE-2021-42740: Improper Neutralization of Special Elements used in a Command in Shell-quote](https://github.com/advisories/GHSA-g4rg-993r-mgx7)\n* wh0.github.io: [Exploiting CVE-2021-42740](https://wh0.github.io/2021/10/28/shell-quote-rce-exploiting.html)\n* Yosuke Ota: [no-obscure-range](https://ota-meshi.github.io/eslint-plugin-regexp/rules/no-obscure-range.html)\n* Paul Boyd: [The regex \\[,-.\\]](https://pboyd.io/posts/comma-dash-dot/)\n* Common Weakness Enumeration: [CWE-20](https://cwe.mitre.org/data/definitions/20.html).\n","text":"# Overly permissive regular expression range\nIt's easy to write a regular expression range that matches a wider range of characters than you intended. For example, `/[a-zA-z]/` matches all lowercase and all uppercase letters, as you would expect, but it also matches the characters: `` [ \\ ] ^ _ ` ``.\n\nAnother common problem is failing to escape the dash character in a regular expression. An unescaped dash is interpreted as part of a range. 
For example, in the character class `[a-zA-Z0-9%=.,-_]` the last character range matches the 55 characters between `,` and `_` (both included), which overlaps with the range `[0-9]` and is clearly not intended by the writer.\n\n\n## Recommendation\nAvoid any confusion about which characters are included in the range by writing unambiguous regular expressions. Always check that character ranges match only the expected characters.\n\n\n## Example\nThe following example code is intended to check whether a string is a valid 6 digit hex color.\n\n```python\n\nimport re\ndef is_valid_hex_color(color):\n return re.match(r'^#[0-9a-fA-f]{6}$', color) is not None\n\n```\nHowever, the `A-f` range is overly large and matches every uppercase character. It would parse a \"color\" like `#XXYYZZ` as valid.\n\nThe fix is to use an uppercase `A-F` range instead.\n\n```python\n\nimport re\ndef is_valid_hex_color(color):\n return re.match(r'^#[0-9a-fA-F]{6}$', color) is not None\n\n```\n\n## References\n* GitHub Advisory Database: [CVE-2021-42740: Improper Neutralization of Special Elements used in a Command in Shell-quote](https://github.com/advisories/GHSA-g4rg-993r-mgx7)\n* wh0.github.io: [Exploiting CVE-2021-42740](https://wh0.github.io/2021/10/28/shell-quote-rce-exploiting.html)\n* Yosuke Ota: [no-obscure-range](https://ota-meshi.github.io/eslint-plugin-regexp/rules/no-obscure-range.html)\n* Paul Boyd: [The regex \\[,-.\\]](https://pboyd.io/posts/comma-dash-dot/)\n* Common Weakness Enumeration: [CWE-20](https://cwe.mitre.org/data/definitions/20.html).\n"},"id":"py/overly-large-range","name":"py/overly-large-range","properties":{"precision":"high","queryURI":"https://github.com/github/codeql/blob/39a67b6e2e6490a9bd010db50e148f647765e9f7/python/ql/src/Security/CWE-020/OverlyLargeRange.ql","security-severity":"5","tags":["correctness","external/cwe/cwe-020","security"]},"shortDescription":{"text":"Overly permissive regular expression 
range"}},{"defaultConfiguration":{"level":"warning"},"fullDescription":{"text":"Not using `pam_acct_mgmt` after `pam_authenticate` to check the validity of a login can lead to authorization bypass."},"help":{"markdown":"# PAM authorization bypass due to incorrect usage\nUsing only a call to `pam_authenticate` to check the validity of a login can lead to authorization bypass vulnerabilities.\n\nA `pam_authenticate` only verifies the credentials of a user. It does not check if a user has an appropriate authorization to actually login. This means a user with an expired login or a password can still access the system.\n\n\n## Recommendation\nA call to `pam_authenticate` should be followed by a call to `pam_acct_mgmt` to check if a user is allowed to login.\n\n\n## Example\nIn the following example, the code only checks the credentials of a user. Hence, in this case, a user with expired credentials can still login. This can be verified by creating a new user account, expiring it with ``` chage -E0 `username` ``` and then trying to log in.\n\n\n```python\nlibpam = CDLL(find_library(\"pam\"))\n\npam_authenticate = libpam.pam_authenticate\npam_authenticate.restype = c_int\npam_authenticate.argtypes = [PamHandle, c_int]\n\ndef authenticate(username, password, service='login'):\n def my_conv(n_messages, messages, p_response, app_data):\n \"\"\"\n Simple conversation function that responds to any prompt where the echo is off with the supplied password\n \"\"\"\n ...\n\n handle = PamHandle()\n conv = PamConv(my_conv, 0)\n retval = pam_start(service, username, byref(conv), byref(handle))\n\n retval = pam_authenticate(handle, 0)\n return retval == 0\n\n```\nThis can be avoided by calling `pam_acct_mgmt` call to verify access as has been done in the snippet shown below.\n\n\n```python\nlibpam = CDLL(find_library(\"pam\"))\n\npam_authenticate = libpam.pam_authenticate\npam_authenticate.restype = c_int\npam_authenticate.argtypes = [PamHandle, c_int]\n\npam_acct_mgmt = 
libpam.pam_acct_mgmt\npam_acct_mgmt.restype = c_int\npam_acct_mgmt.argtypes = [PamHandle, c_int]\n\ndef authenticate(username, password, service='login'):\n def my_conv(n_messages, messages, p_response, app_data):\n \"\"\"\n Simple conversation function that responds to any prompt where the echo is off with the supplied password\n \"\"\"\n ...\n\n handle = PamHandle()\n conv = PamConv(my_conv, 0)\n retval = pam_start(service, username, byref(conv), byref(handle))\n\n retval = pam_authenticate(handle, 0)\n if retval == 0:\n retval = pam_acct_mgmt(handle, 0)\n return retval == 0\n\n```\n\n## References\n* Man-Page: [pam_acct_mgmt](https://man7.org/linux/man-pages/man3/pam_acct_mgmt.3.html)\n* Common Weakness Enumeration: [CWE-285](https://cwe.mitre.org/data/definitions/285.html).\n","text":"# PAM authorization bypass due to incorrect usage\nUsing only a call to `pam_authenticate` to check the validity of a login can lead to authorization bypass vulnerabilities.\n\nA `pam_authenticate` only verifies the credentials of a user. It does not check if a user has an appropriate authorization to actually login. This means a user with an expired login or a password can still access the system.\n\n\n## Recommendation\nA call to `pam_authenticate` should be followed by a call to `pam_acct_mgmt` to check if a user is allowed to login.\n\n\n## Example\nIn the following example, the code only checks the credentials of a user. Hence, in this case, a user with expired credentials can still login. 
This can be verified by creating a new user account, expiring it with ``` chage -E0 `username` ``` and then trying to log in.\n\n\n```python\nlibpam = CDLL(find_library(\"pam\"))\n\npam_authenticate = libpam.pam_authenticate\npam_authenticate.restype = c_int\npam_authenticate.argtypes = [PamHandle, c_int]\n\ndef authenticate(username, password, service='login'):\n def my_conv(n_messages, messages, p_response, app_data):\n \"\"\"\n Simple conversation function that responds to any prompt where the echo is off with the supplied password\n \"\"\"\n ...\n\n handle = PamHandle()\n conv = PamConv(my_conv, 0)\n retval = pam_start(service, username, byref(conv), byref(handle))\n\n retval = pam_authenticate(handle, 0)\n return retval == 0\n\n```\nThis can be avoided by calling `pam_acct_mgmt` call to verify access as has been done in the snippet shown below.\n\n\n```python\nlibpam = CDLL(find_library(\"pam\"))\n\npam_authenticate = libpam.pam_authenticate\npam_authenticate.restype = c_int\npam_authenticate.argtypes = [PamHandle, c_int]\n\npam_acct_mgmt = libpam.pam_acct_mgmt\npam_acct_mgmt.restype = c_int\npam_acct_mgmt.argtypes = [PamHandle, c_int]\n\ndef authenticate(username, password, service='login'):\n def my_conv(n_messages, messages, p_response, app_data):\n \"\"\"\n Simple conversation function that responds to any prompt where the echo is off with the supplied password\n \"\"\"\n ...\n\n handle = PamHandle()\n conv = PamConv(my_conv, 0)\n retval = pam_start(service, username, byref(conv), byref(handle))\n\n retval = pam_authenticate(handle, 0)\n if retval == 0:\n retval = pam_acct_mgmt(handle, 0)\n return retval == 0\n\n```\n\n## References\n* Man-Page: [pam_acct_mgmt](https://man7.org/linux/man-pages/man3/pam_acct_mgmt.3.html)\n* Common Weakness Enumeration: 
[CWE-285](https://cwe.mitre.org/data/definitions/285.html).\n"},"id":"py/pam-auth-bypass","name":"py/pam-auth-bypass","properties":{"precision":"high","queryURI":"https://github.com/github/codeql/blob/39a67b6e2e6490a9bd010db50e148f647765e9f7/python/ql/src/Security/CWE-285/PamAuthorization.ql","security-severity":"8.1","tags":["external/cwe/cwe-285","security"]},"shortDescription":{"text":"PAM authorization bypass due to incorrect usage"}},{"defaultConfiguration":{"level":"error"},"fullDescription":{"text":"Accepting unknown host keys can allow man-in-the-middle attacks."},"help":{"markdown":"# Accepting unknown SSH host keys when using Paramiko\nIn the Secure Shell (SSH) protocol, host keys are used to verify the identity of remote hosts. Accepting unknown host keys may leave the connection open to man-in-the-middle attacks.\n\n\n## Recommendation\nDo not accept unknown host keys. In particular, do not set the default missing host key policy for the Paramiko library to either `AutoAddPolicy` or `WarningPolicy`. Both of these policies continue even when the host key is unknown. The default setting of `RejectPolicy` is secure because it throws an exception when it encounters an unknown host key.\n\n\n## Example\nThe following example shows two ways of opening an SSH connection to `example.com`. The first function sets the missing host key policy to `AutoAddPolicy`. If the host key verification fails, the client will continue to interact with the server, even though the connection may be compromised. The second function sets the host key policy to `RejectPolicy`, and will throw an exception if the host key verification fails.\n\n\n```python\nfrom paramiko.client import SSHClient, AutoAddPolicy, RejectPolicy\n\ndef unsafe_connect():\n client = SSHClient()\n client.set_missing_host_key_policy(AutoAddPolicy)\n client.connect(\"example.com\")\n\n # ... 
interaction with server\n\n client.close()\n\ndef safe_connect():\n client = SSHClient()\n client.set_missing_host_key_policy(RejectPolicy)\n client.connect(\"example.com\")\n\n # ... interaction with server\n\n client.close()\n\n```\n\n## References\n* Paramiko documentation: [set_missing_host_key_policy](http://docs.paramiko.org/en/2.4/api/client.html?highlight=set_missing_host_key_policy#paramiko.client.SSHClient.set_missing_host_key_policy).\n* Common Weakness Enumeration: [CWE-295](https://cwe.mitre.org/data/definitions/295.html).\n","text":"# Accepting unknown SSH host keys when using Paramiko\nIn the Secure Shell (SSH) protocol, host keys are used to verify the identity of remote hosts. Accepting unknown host keys may leave the connection open to man-in-the-middle attacks.\n\n\n## Recommendation\nDo not accept unknown host keys. In particular, do not set the default missing host key policy for the Paramiko library to either `AutoAddPolicy` or `WarningPolicy`. Both of these policies continue even when the host key is unknown. The default setting of `RejectPolicy` is secure because it throws an exception when it encounters an unknown host key.\n\n\n## Example\nThe following example shows two ways of opening an SSH connection to `example.com`. The first function sets the missing host key policy to `AutoAddPolicy`. If the host key verification fails, the client will continue to interact with the server, even though the connection may be compromised. The second function sets the host key policy to `RejectPolicy`, and will throw an exception if the host key verification fails.\n\n\n```python\nfrom paramiko.client import SSHClient, AutoAddPolicy, RejectPolicy\n\ndef unsafe_connect():\n client = SSHClient()\n client.set_missing_host_key_policy(AutoAddPolicy)\n client.connect(\"example.com\")\n\n # ... 
interaction with server\n\n client.close()\n\ndef safe_connect():\n client = SSHClient()\n client.set_missing_host_key_policy(RejectPolicy)\n client.connect(\"example.com\")\n\n # ... interaction with server\n\n client.close()\n\n```\n\n## References\n* Paramiko documentation: [set_missing_host_key_policy](http://docs.paramiko.org/en/2.4/api/client.html?highlight=set_missing_host_key_policy#paramiko.client.SSHClient.set_missing_host_key_policy).\n* Common Weakness Enumeration: [CWE-295](https://cwe.mitre.org/data/definitions/295.html).\n"},"id":"py/paramiko-missing-host-key-validation","name":"py/paramiko-missing-host-key-validation","properties":{"precision":"high","queryURI":"https://github.com/github/codeql/blob/39a67b6e2e6490a9bd010db50e148f647765e9f7/python/ql/src/Security/CWE-295/MissingHostKeyValidation.ql","security-severity":"7.5","tags":["external/cwe/cwe-295","security"]},"shortDescription":{"text":"Accepting unknown SSH host keys when using Paramiko"}},{"defaultConfiguration":{"level":"error"},"fullDescription":{"text":"Accessing paths influenced by users can allow an attacker to access unexpected resources."},"help":{"markdown":"# Uncontrolled data used in path expression\nAccessing files using paths constructed from user-controlled data can allow an attacker to access unexpected resources. This can result in sensitive information being revealed or deleted, or an attacker being able to influence behavior by modifying unexpected files.\n\n\n## Recommendation\nValidate user input before using it to construct a file path, either using an off-the-shelf library function like `werkzeug.utils.secure_filename`, or by performing custom validation.\n\nIdeally, follow these rules:\n\n* Do not allow more than a single \".\" character.\n* Do not allow directory separators such as \"/\" or \"\\\\\" (depending on the file system).\n* Do not rely on simply replacing problematic sequences such as \"../\". 
For example, after applying this filter to \".../...//\", the resulting string would still be \"../\".\n* Use an allowlist of known good patterns.\n\n## Example\nIn the first example, a file name is read from an HTTP request and then used to access a file. However, a malicious user could enter a file name that is an absolute path, such as `\"/etc/passwd\"`.\n\nIn the second example, it appears that the user is restricted to opening a file within the `\"user\"` home directory. However, a malicious user could enter a file name containing special characters. For example, the string `\"../../../etc/passwd\"` will result in the code reading the file located at `\"/server/static/images/../../../etc/passwd\"`, which is the system's password file. This file would then be sent back to the user, giving them access to all the system's passwords. Note that a user could also use an absolute path here, since the result of `os.path.join(\"/server/static/images/\", \"/etc/passwd\")` is `\"/etc/passwd\"`.\n\nIn the third example, the path used to access the file system is normalized *before* being checked against a known prefix. 
This ensures that regardless of the user input, the resulting path is safe.\n\n\n```python\nimport os.path\nfrom flask import Flask, request, abort\n\napp = Flask(__name__)\n\n@app.route(\"/user_picture1\")\ndef user_picture1():\n filename = request.args.get('p')\n # BAD: This could read any file on the file system\n data = open(filename, 'rb').read()\n return data\n\n@app.route(\"/user_picture2\")\ndef user_picture2():\n base_path = '/server/static/images'\n filename = request.args.get('p')\n # BAD: This could still read any file on the file system\n data = open(os.path.join(base_path, filename), 'rb').read()\n return data\n\n@app.route(\"/user_picture3\")\ndef user_picture3():\n base_path = '/server/static/images'\n filename = request.args.get('p')\n #GOOD -- Verify with normalised version of path\n fullpath = os.path.normpath(os.path.join(base_path, filename))\n if not fullpath.startswith(base_path):\n raise Exception(\"not allowed\")\n data = open(fullpath, 'rb').read()\n return data\n\n```\n\n## References\n* OWASP: [Path Traversal](https://owasp.org/www-community/attacks/Path_Traversal).\n* npm: [werkzeug.utils.secure_filename](http://werkzeug.pocoo.org/docs/utils/#werkzeug.utils.secure_filename).\n* Common Weakness Enumeration: [CWE-22](https://cwe.mitre.org/data/definitions/22.html).\n* Common Weakness Enumeration: [CWE-23](https://cwe.mitre.org/data/definitions/23.html).\n* Common Weakness Enumeration: [CWE-36](https://cwe.mitre.org/data/definitions/36.html).\n* Common Weakness Enumeration: [CWE-73](https://cwe.mitre.org/data/definitions/73.html).\n* Common Weakness Enumeration: [CWE-99](https://cwe.mitre.org/data/definitions/99.html).\n","text":"# Uncontrolled data used in path expression\nAccessing files using paths constructed from user-controlled data can allow an attacker to access unexpected resources. 
This can result in sensitive information being revealed or deleted, or an attacker being able to influence behavior by modifying unexpected files.\n\n\n## Recommendation\nValidate user input before using it to construct a file path, either using an off-the-shelf library function like `werkzeug.utils.secure_filename`, or by performing custom validation.\n\nIdeally, follow these rules:\n\n* Do not allow more than a single \".\" character.\n* Do not allow directory separators such as \"/\" or \"\\\\\" (depending on the file system).\n* Do not rely on simply replacing problematic sequences such as \"../\". For example, after applying this filter to \".../...//\", the resulting string would still be \"../\".\n* Use an allowlist of known good patterns.\n\n## Example\nIn the first example, a file name is read from an HTTP request and then used to access a file. However, a malicious user could enter a file name that is an absolute path, such as `\"/etc/passwd\"`.\n\nIn the second example, it appears that the user is restricted to opening a file within the `\"user\"` home directory. However, a malicious user could enter a file name containing special characters. For example, the string `\"../../../etc/passwd\"` will result in the code reading the file located at `\"/server/static/images/../../../etc/passwd\"`, which is the system's password file. This file would then be sent back to the user, giving them access to all the system's passwords. Note that a user could also use an absolute path here, since the result of `os.path.join(\"/server/static/images/\", \"/etc/passwd\")` is `\"/etc/passwd\"`.\n\nIn the third example, the path used to access the file system is normalized *before* being checked against a known prefix. 
This ensures that regardless of the user input, the resulting path is safe.\n\n\n```python\nimport os.path\nfrom flask import Flask, request, abort\n\napp = Flask(__name__)\n\n@app.route(\"/user_picture1\")\ndef user_picture1():\n filename = request.args.get('p')\n # BAD: This could read any file on the file system\n data = open(filename, 'rb').read()\n return data\n\n@app.route(\"/user_picture2\")\ndef user_picture2():\n base_path = '/server/static/images'\n filename = request.args.get('p')\n # BAD: This could still read any file on the file system\n data = open(os.path.join(base_path, filename), 'rb').read()\n return data\n\n@app.route(\"/user_picture3\")\ndef user_picture3():\n base_path = '/server/static/images'\n filename = request.args.get('p')\n #GOOD -- Verify with normalised version of path\n fullpath = os.path.normpath(os.path.join(base_path, filename))\n if not fullpath.startswith(base_path):\n raise Exception(\"not allowed\")\n data = open(fullpath, 'rb').read()\n return data\n\n```\n\n## References\n* OWASP: [Path Traversal](https://owasp.org/www-community/attacks/Path_Traversal).\n* npm: [werkzeug.utils.secure_filename](http://werkzeug.pocoo.org/docs/utils/#werkzeug.utils.secure_filename).\n* Common Weakness Enumeration: [CWE-22](https://cwe.mitre.org/data/definitions/22.html).\n* Common Weakness Enumeration: [CWE-23](https://cwe.mitre.org/data/definitions/23.html).\n* Common Weakness Enumeration: [CWE-36](https://cwe.mitre.org/data/definitions/36.html).\n* Common Weakness Enumeration: [CWE-73](https://cwe.mitre.org/data/definitions/73.html).\n* Common Weakness Enumeration: 
[CWE-99](https://cwe.mitre.org/data/definitions/99.html).\n"},"id":"py/path-injection","name":"py/path-injection","properties":{"precision":"high","queryURI":"https://github.com/github/codeql/blob/39a67b6e2e6490a9bd010db50e148f647765e9f7/python/ql/src/Security/CWE-022/PathInjection.ql","security-severity":"7.5","tags":["correctness","external/cwe/cwe-022","external/cwe/cwe-023","external/cwe/cwe-036","external/cwe/cwe-073","external/cwe/cwe-099","security"]},"shortDescription":{"text":"Uncontrolled data used in path expression"}},{"defaultConfiguration":{"level":"warning"},"fullDescription":{"text":"A regular expression that can require polynomial time to match may be vulnerable to denial-of-service attacks."},"help":{"markdown":"# Polynomial regular expression used on uncontrolled data\nSome regular expressions take a long time to match certain input strings to the point where the time it takes to match a string of length *n* is proportional to *n\u003csup\u003ek\u003c/sup\u003e* or even *2\u003csup\u003en\u003c/sup\u003e*. Such regular expressions can negatively affect performance, or even allow a malicious user to perform a Denial of Service (\"DoS\") attack by crafting an expensive input string for the regular expression to match.\n\nThe regular expression engine provided by Python uses a backtracking non-deterministic finite automata to implement regular expression matching. While this approach is space-efficient and allows supporting advanced features like capture groups, it is not time-efficient in general. The worst-case time complexity of such an automaton can be polynomial or even exponential, meaning that for strings of a certain shape, increasing the input length by ten characters may make the automaton about 1000 times slower.\n\nTypically, a regular expression is affected by this problem if it contains a repetition of the form `r*` or `r+` where the sub-expression `r` is ambiguous in the sense that it can match some string in multiple ways. 
More information about the precise circumstances can be found in the references.\n\n\n## Recommendation\nModify the regular expression to remove the ambiguity, or ensure that the strings matched with the regular expression are short enough that the time-complexity does not matter.\n\n\n## Example\nConsider this use of a regular expression, which removes all leading and trailing whitespace in a string:\n\n```python\n\nre.sub(r\"^\\s+|\\s+$\", \"\", text) # BAD\n```\nThe sub-expression `\"\\s+$\"` will match the whitespace characters in `text` from left to right, but it can start matching anywhere within a whitespace sequence. This is problematic for strings that do **not** end with a whitespace character. Such a string will force the regular expression engine to process each whitespace sequence once per whitespace character in the sequence.\n\nThis ultimately means that the time cost of trimming a string is quadratic in the length of the string. So a string like `\"a b\"` will take milliseconds to process, but a similar string with a million spaces instead of just one will take several minutes.\n\nAvoid this problem by rewriting the regular expression to not contain the ambiguity about when to start matching whitespace sequences. 
For instance, by using a negative look-behind (`^\\s+|(?\u003c!\\s)\\s+$`), or just by using the built-in strip method (`text.strip()`).\n\nNote that the sub-expression `\"^\\s+\"` is **not** problematic as the `^` anchor restricts when that sub-expression can start matching, and as the regular expression engine matches from left to right.\n\n\n## Example\nAs a similar, but slightly subtler problem, consider the regular expression that matches lines with numbers, possibly written using scientific notation:\n\n```python\n\n^0\\.\\d+E?\\d+$ # BAD\n```\nThe problem with this regular expression is in the sub-expression `\\d+E?\\d+` because the second `\\d+` can start matching digits anywhere after the first match of the first `\\d+` if there is no `E` in the input string.\n\nThis is problematic for strings that do **not** end with a digit. Such a string will force the regular expression engine to process each digit sequence once per digit in the sequence, again leading to a quadratic time complexity.\n\nTo make the processing faster, the regular expression should be rewritten such that the two `\\d+` sub-expressions do not have overlapping matches: `^0\\.\\d+(E\\d+)?$`.\n\n\n## Example\nSometimes it is unclear how a regular expression can be rewritten to avoid the problem. In such cases, it often suffices to limit the length of the input string. For instance, the following regular expression is used to match numbers, and on some non-number inputs it can have quadratic time complexity:\n\n```python\n\nmatch = re.search(r'^(\\+|-)?(\\d+|(\\d*\\.\\d*))?(E|e)?([-+])?(\\d+)?$', str) \n```\nIt is not immediately obvious how to rewrite this regular expression to avoid the problem. 
However, you can mitigate performance issues by limiting the length to 1000 characters, which will always finish in a reasonable amount of time.\n\n```python\n\nif len(str) \u003e 1000:\n raise ValueError(\"Input too long\")\n\nmatch = re.search(r'^(\\+|-)?(\\d+|(\\d*\\.\\d*))?(E|e)?([-+])?(\\d+)?$', str) \n```\n\n## References\n* OWASP: [Regular expression Denial of Service - ReDoS](https://www.owasp.org/index.php/Regular_expression_Denial_of_Service_-_ReDoS).\n* Wikipedia: [ReDoS](https://en.wikipedia.org/wiki/ReDoS).\n* Wikipedia: [Time complexity](https://en.wikipedia.org/wiki/Time_complexity).\n* James Kirrage, Asiri Rathnayake, Hayo Thielecke: [Static Analysis for Regular Expression Denial-of-Service Attack](https://arxiv.org/abs/1301.0849).\n* Common Weakness Enumeration: [CWE-1333](https://cwe.mitre.org/data/definitions/1333.html).\n* Common Weakness Enumeration: [CWE-730](https://cwe.mitre.org/data/definitions/730.html).\n* Common Weakness Enumeration: [CWE-400](https://cwe.mitre.org/data/definitions/400.html).\n","text":"# Polynomial regular expression used on uncontrolled data\nSome regular expressions take a long time to match certain input strings to the point where the time it takes to match a string of length *n* is proportional to *n\u003csup\u003ek\u003c/sup\u003e* or even *2\u003csup\u003en\u003c/sup\u003e*. Such regular expressions can negatively affect performance, or even allow a malicious user to perform a Denial of Service (\"DoS\") attack by crafting an expensive input string for the regular expression to match.\n\nThe regular expression engine provided by Python uses a backtracking non-deterministic finite automata to implement regular expression matching. While this approach is space-efficient and allows supporting advanced features like capture groups, it is not time-efficient in general. 
The worst-case time complexity of such an automaton can be polynomial or even exponential, meaning that for strings of a certain shape, increasing the input length by ten characters may make the automaton about 1000 times slower.\n\nTypically, a regular expression is affected by this problem if it contains a repetition of the form `r*` or `r+` where the sub-expression `r` is ambiguous in the sense that it can match some string in multiple ways. More information about the precise circumstances can be found in the references.\n\n\n## Recommendation\nModify the regular expression to remove the ambiguity, or ensure that the strings matched with the regular expression are short enough that the time-complexity does not matter.\n\n\n## Example\nConsider this use of a regular expression, which removes all leading and trailing whitespace in a string:\n\n```python\n\nre.sub(r\"^\\s+|\\s+$\", \"\", text) # BAD\n```\nThe sub-expression `\"\\s+$\"` will match the whitespace characters in `text` from left to right, but it can start matching anywhere within a whitespace sequence. This is problematic for strings that do **not** end with a whitespace character. Such a string will force the regular expression engine to process each whitespace sequence once per whitespace character in the sequence.\n\nThis ultimately means that the time cost of trimming a string is quadratic in the length of the string. So a string like `\"a b\"` will take milliseconds to process, but a similar string with a million spaces instead of just one will take several minutes.\n\nAvoid this problem by rewriting the regular expression to not contain the ambiguity about when to start matching whitespace sequences. 
For instance, by using a negative look-behind (`^\\s+|(?\u003c!\\s)\\s+$`), or just by using the built-in strip method (`text.strip()`).\n\nNote that the sub-expression `\"^\\s+\"` is **not** problematic as the `^` anchor restricts when that sub-expression can start matching, and as the regular expression engine matches from left to right.\n\n\n## Example\nAs a similar, but slightly subtler problem, consider the regular expression that matches lines with numbers, possibly written using scientific notation:\n\n```python\n\n^0\\.\\d+E?\\d+$ # BAD\n```\nThe problem with this regular expression is in the sub-expression `\\d+E?\\d+` because the second `\\d+` can start matching digits anywhere after the first match of the first `\\d+` if there is no `E` in the input string.\n\nThis is problematic for strings that do **not** end with a digit. Such a string will force the regular expression engine to process each digit sequence once per digit in the sequence, again leading to a quadratic time complexity.\n\nTo make the processing faster, the regular expression should be rewritten such that the two `\\d+` sub-expressions do not have overlapping matches: `^0\\.\\d+(E\\d+)?$`.\n\n\n## Example\nSometimes it is unclear how a regular expression can be rewritten to avoid the problem. In such cases, it often suffices to limit the length of the input string. For instance, the following regular expression is used to match numbers, and on some non-number inputs it can have quadratic time complexity:\n\n```python\n\nmatch = re.search(r'^(\\+|-)?(\\d+|(\\d*\\.\\d*))?(E|e)?([-+])?(\\d+)?$', str) \n```\nIt is not immediately obvious how to rewrite this regular expression to avoid the problem. 
However, you can mitigate performance issues by limiting the length to 1000 characters, which will always finish in a reasonable amount of time.\n\n```python\n\nif len(str) \u003e 1000:\n raise ValueError(\"Input too long\")\n\nmatch = re.search(r'^(\\+|-)?(\\d+|(\\d*\\.\\d*))?(E|e)?([-+])?(\\d+)?$', str) \n```\n\n## References\n* OWASP: [Regular expression Denial of Service - ReDoS](https://www.owasp.org/index.php/Regular_expression_Denial_of_Service_-_ReDoS).\n* Wikipedia: [ReDoS](https://en.wikipedia.org/wiki/ReDoS).\n* Wikipedia: [Time complexity](https://en.wikipedia.org/wiki/Time_complexity).\n* James Kirrage, Asiri Rathnayake, Hayo Thielecke: [Static Analysis for Regular Expression Denial-of-Service Attack](https://arxiv.org/abs/1301.0849).\n* Common Weakness Enumeration: [CWE-1333](https://cwe.mitre.org/data/definitions/1333.html).\n* Common Weakness Enumeration: [CWE-730](https://cwe.mitre.org/data/definitions/730.html).\n* Common Weakness Enumeration: [CWE-400](https://cwe.mitre.org/data/definitions/400.html).\n"},"id":"py/polynomial-redos","name":"py/polynomial-redos","properties":{"precision":"high","queryURI":"https://github.com/github/codeql/blob/39a67b6e2e6490a9bd010db50e148f647765e9f7/python/ql/src/Security/CWE-730/PolynomialReDoS.ql","security-severity":"7.5","tags":["external/cwe/cwe-1333","external/cwe/cwe-400","external/cwe/cwe-730","security"]},"shortDescription":{"text":"Polynomial regular expression used on uncontrolled data"}},{"defaultConfiguration":{"level":"error"},"fullDescription":{"text":"A regular expression that requires exponential time to match certain inputs can be a performance bottleneck, and may be vulnerable to denial-of-service attacks."},"help":{"markdown":"# Inefficient regular expression\nSome regular expressions take a long time to match certain input strings to the point where the time it takes to match a string of length *n* is proportional to *n\u003csup\u003ek\u003c/sup\u003e* or even 
*2\u003csup\u003en\u003c/sup\u003e*. Such regular expressions can negatively affect performance, or even allow a malicious user to perform a Denial of Service (\"DoS\") attack by crafting an expensive input string for the regular expression to match.\n\nThe regular expression engine provided by Python uses a backtracking non-deterministic finite automata to implement regular expression matching. While this approach is space-efficient and allows supporting advanced features like capture groups, it is not time-efficient in general. The worst-case time complexity of such an automaton can be polynomial or even exponential, meaning that for strings of a certain shape, increasing the input length by ten characters may make the automaton about 1000 times slower.\n\nTypically, a regular expression is affected by this problem if it contains a repetition of the form `r*` or `r+` where the sub-expression `r` is ambiguous in the sense that it can match some string in multiple ways. More information about the precise circumstances can be found in the references.\n\n\n## Recommendation\nModify the regular expression to remove the ambiguity, or ensure that the strings matched with the regular expression are short enough that the time-complexity does not matter.\n\n\n## Example\nConsider this regular expression:\n\n```python\n\n^_(__|.)+_$\n```\nIts sub-expression `\"(__|.)+?\"` can match the string `\"__\"` either by the first alternative `\"__\"` to the left of the `\"|\"` operator, or by two repetitions of the second alternative `\".\"` to the right. 
Thus, a string consisting of an odd number of underscores followed by some other character will cause the regular expression engine to run for an exponential amount of time before rejecting the input.\n\nThis problem can be avoided by rewriting the regular expression to remove the ambiguity between the two branches of the alternative inside the repetition:\n\n```python\n\n^_(__|[^_])+_$\n```\n\n## References\n* OWASP: [Regular expression Denial of Service - ReDoS](https://www.owasp.org/index.php/Regular_expression_Denial_of_Service_-_ReDoS).\n* Wikipedia: [ReDoS](https://en.wikipedia.org/wiki/ReDoS).\n* Wikipedia: [Time complexity](https://en.wikipedia.org/wiki/Time_complexity).\n* James Kirrage, Asiri Rathnayake, Hayo Thielecke: [Static Analysis for Regular Expression Denial-of-Service Attack](https://arxiv.org/abs/1301.0849).\n* Common Weakness Enumeration: [CWE-1333](https://cwe.mitre.org/data/definitions/1333.html).\n* Common Weakness Enumeration: [CWE-730](https://cwe.mitre.org/data/definitions/730.html).\n* Common Weakness Enumeration: [CWE-400](https://cwe.mitre.org/data/definitions/400.html).\n","text":"# Inefficient regular expression\nSome regular expressions take a long time to match certain input strings to the point where the time it takes to match a string of length *n* is proportional to *n\u003csup\u003ek\u003c/sup\u003e* or even *2\u003csup\u003en\u003c/sup\u003e*. Such regular expressions can negatively affect performance, or even allow a malicious user to perform a Denial of Service (\"DoS\") attack by crafting an expensive input string for the regular expression to match.\n\nThe regular expression engine provided by Python uses a backtracking non-deterministic finite automata to implement regular expression matching. While this approach is space-efficient and allows supporting advanced features like capture groups, it is not time-efficient in general. 
The worst-case time complexity of such an automaton can be polynomial or even exponential, meaning that for strings of a certain shape, increasing the input length by ten characters may make the automaton about 1000 times slower.\n\nTypically, a regular expression is affected by this problem if it contains a repetition of the form `r*` or `r+` where the sub-expression `r` is ambiguous in the sense that it can match some string in multiple ways. More information about the precise circumstances can be found in the references.\n\n\n## Recommendation\nModify the regular expression to remove the ambiguity, or ensure that the strings matched with the regular expression are short enough that the time-complexity does not matter.\n\n\n## Example\nConsider this regular expression:\n\n```python\n\n^_(__|.)+_$\n```\nIts sub-expression `\"(__|.)+?\"` can match the string `\"__\"` either by the first alternative `\"__\"` to the left of the `\"|\"` operator, or by two repetitions of the second alternative `\".\"` to the right. 
Thus, a string consisting of an odd number of underscores followed by some other character will cause the regular expression engine to run for an exponential amount of time before rejecting the input.\n\nThis problem can be avoided by rewriting the regular expression to remove the ambiguity between the two branches of the alternative inside the repetition:\n\n```python\n\n^_(__|[^_])+_$\n```\n\n## References\n* OWASP: [Regular expression Denial of Service - ReDoS](https://www.owasp.org/index.php/Regular_expression_Denial_of_Service_-_ReDoS).\n* Wikipedia: [ReDoS](https://en.wikipedia.org/wiki/ReDoS).\n* Wikipedia: [Time complexity](https://en.wikipedia.org/wiki/Time_complexity).\n* James Kirrage, Asiri Rathnayake, Hayo Thielecke: [Static Analysis for Regular Expression Denial-of-Service Attack](https://arxiv.org/abs/1301.0849).\n* Common Weakness Enumeration: [CWE-1333](https://cwe.mitre.org/data/definitions/1333.html).\n* Common Weakness Enumeration: [CWE-730](https://cwe.mitre.org/data/definitions/730.html).\n* Common Weakness Enumeration: [CWE-400](https://cwe.mitre.org/data/definitions/400.html).\n"},"id":"py/redos","name":"py/redos","properties":{"precision":"high","queryURI":"https://github.com/github/codeql/blob/39a67b6e2e6490a9bd010db50e148f647765e9f7/python/ql/src/Security/CWE-730/ReDoS.ql","security-severity":"7.5","tags":["external/cwe/cwe-1333","external/cwe/cwe-400","external/cwe/cwe-730","security"]},"shortDescription":{"text":"Inefficient regular expression"}},{"defaultConfiguration":{"level":"error"},"fullDescription":{"text":"Writing user input directly to a web page allows for a cross-site scripting vulnerability."},"help":{"markdown":"# Reflected server-side cross-site scripting\nDirectly writing user input (for example, an HTTP request parameter) to a webpage without properly sanitizing the input first, allows for a cross-site scripting vulnerability.\n\n\n## Recommendation\nTo guard against cross-site scripting, consider escaping the input 
before writing user input to the page. The standard library provides escaping functions: `html.escape()` for Python 3.2 upwards or `cgi.escape()` older versions of Python. Most frameworks also provide their own escaping functions, for example `flask.escape()`.\n\n\n## Example\nThe following example is a minimal flask app which shows a safe and unsafe way to render the given name back to the page. The first view is unsafe as `first_name` is not escaped, leaving the page vulnerable to cross-site scripting attacks. The second view is safe as `first_name` is escaped, so it is not vulnerable to cross-site scripting attacks.\n\n\n```python\nfrom flask import Flask, request, make_response, escape\n\napp = Flask(__name__)\n\n@app.route('/unsafe')\ndef unsafe():\n first_name = request.args.get('name', '')\n return make_response(\"Your name is \" + first_name)\n\n@app.route('/safe')\ndef safe():\n first_name = request.args.get('name', '')\n return make_response(\"Your name is \" + escape(first_name))\n\n```\n\n## References\n* OWASP: [XSS (Cross Site Scripting) Prevention Cheat Sheet](https://cheatsheetseries.owasp.org/cheatsheets/Cross_Site_Scripting_Prevention_Cheat_Sheet.html).\n* Wikipedia: [Cross-site scripting](http://en.wikipedia.org/wiki/Cross-site_scripting).\n* Python Library Reference: [html.escape()](https://docs.python.org/3/library/html.html#html.escape).\n* Common Weakness Enumeration: [CWE-79](https://cwe.mitre.org/data/definitions/79.html).\n* Common Weakness Enumeration: [CWE-116](https://cwe.mitre.org/data/definitions/116.html).\n","text":"# Reflected server-side cross-site scripting\nDirectly writing user input (for example, an HTTP request parameter) to a webpage without properly sanitizing the input first, allows for a cross-site scripting vulnerability.\n\n\n## Recommendation\nTo guard against cross-site scripting, consider escaping the input before writing user input to the page. 
The standard library provides escaping functions: `html.escape()` for Python 3.2 upwards or `cgi.escape()` older versions of Python. Most frameworks also provide their own escaping functions, for example `flask.escape()`.\n\n\n## Example\nThe following example is a minimal flask app which shows a safe and unsafe way to render the given name back to the page. The first view is unsafe as `first_name` is not escaped, leaving the page vulnerable to cross-site scripting attacks. The second view is safe as `first_name` is escaped, so it is not vulnerable to cross-site scripting attacks.\n\n\n```python\nfrom flask import Flask, request, make_response, escape\n\napp = Flask(__name__)\n\n@app.route('/unsafe')\ndef unsafe():\n first_name = request.args.get('name', '')\n return make_response(\"Your name is \" + first_name)\n\n@app.route('/safe')\ndef safe():\n first_name = request.args.get('name', '')\n return make_response(\"Your name is \" + escape(first_name))\n\n```\n\n## References\n* OWASP: [XSS (Cross Site Scripting) Prevention Cheat Sheet](https://cheatsheetseries.owasp.org/cheatsheets/Cross_Site_Scripting_Prevention_Cheat_Sheet.html).\n* Wikipedia: [Cross-site scripting](http://en.wikipedia.org/wiki/Cross-site_scripting).\n* Python Library Reference: [html.escape()](https://docs.python.org/3/library/html.html#html.escape).\n* Common Weakness Enumeration: [CWE-79](https://cwe.mitre.org/data/definitions/79.html).\n* Common Weakness Enumeration: [CWE-116](https://cwe.mitre.org/data/definitions/116.html).\n"},"id":"py/reflective-xss","name":"py/reflective-xss","properties":{"precision":"high","queryURI":"https://github.com/github/codeql/blob/39a67b6e2e6490a9bd010db50e148f647765e9f7/python/ql/src/Security/CWE-079/ReflectedXss.ql","security-severity":"6.1","tags":["external/cwe/cwe-079","external/cwe/cwe-116","security"]},"shortDescription":{"text":"Reflected server-side cross-site scripting"}},{"defaultConfiguration":{"level":"error"},"fullDescription":{"text":"User input 
should not be used in regular expressions without first being escaped, otherwise a malicious user may be able to inject an expression that could require exponential time on certain inputs."},"help":{"markdown":"# Regular expression injection\nConstructing a regular expression with unsanitized user input is dangerous as a malicious user may be able to modify the meaning of the expression. In particular, such a user may be able to provide a regular expression fragment that takes exponential time in the worst case, and use that to perform a Denial of Service attack.\n\n\n## Recommendation\nBefore embedding user input into a regular expression, use a sanitization function such as `re.escape` to escape meta-characters that have a special meaning regarding regular expressions' syntax.\n\n\n## Example\nThe following examples are based on a simple Flask web server environment.\n\nThe following example shows a HTTP request parameter that is used to construct a regular expression without sanitizing it first:\n\n\n```python\nfrom flask import request, Flask\nimport re\n\n\n@app.route(\"/direct\")\ndef direct():\n unsafe_pattern = request.args[\"pattern\"]\n re.search(unsafe_pattern, \"\")\n\n\n@app.route(\"/compile\")\ndef compile():\n unsafe_pattern = request.args[\"pattern\"]\n compiled_pattern = re.compile(unsafe_pattern)\n compiled_pattern.search(\"\")\n\n```\nInstead, the request parameter should be sanitized first, for example using the function `re.escape`. 
This ensures that the user cannot insert characters which have a special meaning in regular expressions.\n\n\n```python\nfrom flask import request, Flask\nimport re\n\n\n@app.route(\"/direct\")\ndef direct():\n unsafe_pattern = request.args['pattern']\n safe_pattern = re.escape(unsafe_pattern)\n re.search(safe_pattern, \"\")\n\n\n@app.route(\"/compile\")\ndef compile():\n unsafe_pattern = request.args['pattern']\n safe_pattern = re.escape(unsafe_pattern)\n compiled_pattern = re.compile(safe_pattern)\n compiled_pattern.search(\"\")\n\n```\n\n## References\n* OWASP: [Regular expression Denial of Service - ReDoS](https://www.owasp.org/index.php/Regular_expression_Denial_of_Service_-_ReDoS).\n* Wikipedia: [ReDoS](https://en.wikipedia.org/wiki/ReDoS).\n* Python docs: [re](https://docs.python.org/3/library/re.html).\n* SonarSource: [RSPEC-2631](https://rules.sonarsource.com/python/type/Vulnerability/RSPEC-2631).\n* Common Weakness Enumeration: [CWE-730](https://cwe.mitre.org/data/definitions/730.html).\n* Common Weakness Enumeration: [CWE-400](https://cwe.mitre.org/data/definitions/400.html).\n","text":"# Regular expression injection\nConstructing a regular expression with unsanitized user input is dangerous as a malicious user may be able to modify the meaning of the expression. 
In particular, such a user may be able to provide a regular expression fragment that takes exponential time in the worst case, and use that to perform a Denial of Service attack.\n\n\n## Recommendation\nBefore embedding user input into a regular expression, use a sanitization function such as `re.escape` to escape meta-characters that have a special meaning regarding regular expressions' syntax.\n\n\n## Example\nThe following examples are based on a simple Flask web server environment.\n\nThe following example shows a HTTP request parameter that is used to construct a regular expression without sanitizing it first:\n\n\n```python\nfrom flask import request, Flask\nimport re\n\n\n@app.route(\"/direct\")\ndef direct():\n unsafe_pattern = request.args[\"pattern\"]\n re.search(unsafe_pattern, \"\")\n\n\n@app.route(\"/compile\")\ndef compile():\n unsafe_pattern = request.args[\"pattern\"]\n compiled_pattern = re.compile(unsafe_pattern)\n compiled_pattern.search(\"\")\n\n```\nInstead, the request parameter should be sanitized first, for example using the function `re.escape`. 
This ensures that the user cannot insert characters which have a special meaning in regular expressions.\n\n\n```python\nfrom flask import request, Flask\nimport re\n\n\n@app.route(\"/direct\")\ndef direct():\n unsafe_pattern = request.args['pattern']\n safe_pattern = re.escape(unsafe_pattern)\n re.search(safe_pattern, \"\")\n\n\n@app.route(\"/compile\")\ndef compile():\n unsafe_pattern = request.args['pattern']\n safe_pattern = re.escape(unsafe_pattern)\n compiled_pattern = re.compile(safe_pattern)\n compiled_pattern.search(\"\")\n\n```\n\n## References\n* OWASP: [Regular expression Denial of Service - ReDoS](https://www.owasp.org/index.php/Regular_expression_Denial_of_Service_-_ReDoS).\n* Wikipedia: [ReDoS](https://en.wikipedia.org/wiki/ReDoS).\n* Python docs: [re](https://docs.python.org/3/library/re.html).\n* SonarSource: [RSPEC-2631](https://rules.sonarsource.com/python/type/Vulnerability/RSPEC-2631).\n* Common Weakness Enumeration: [CWE-730](https://cwe.mitre.org/data/definitions/730.html).\n* Common Weakness Enumeration: [CWE-400](https://cwe.mitre.org/data/definitions/400.html).\n"},"id":"py/regex-injection","name":"py/regex-injection","properties":{"precision":"high","queryURI":"https://github.com/github/codeql/blob/39a67b6e2e6490a9bd010db50e148f647765e9f7/python/ql/src/Security/CWE-730/RegexInjection.ql","security-severity":"7.5","tags":["external/cwe/cwe-400","external/cwe/cwe-730","security"]},"shortDescription":{"text":"Regular expression injection"}},{"defaultConfiguration":{"level":"error"},"fullDescription":{"text":"Building a SQL query from user-controlled sources is vulnerable to insertion of malicious SQL code by the user."},"help":{"markdown":"# SQL query built from user-controlled sources\nIf a database query (such as a SQL or NoSQL query) is built from user-provided data without sufficient sanitization, a user may be able to run malicious database queries.\n\nThis also includes using the `TextClause` class in the 
`[SQLAlchemy](https://pypi.org/project/SQLAlchemy/)` PyPI package, which is used to represent a literal SQL fragment and is inserted directly into the final SQL when used in a query built using the ORM.\n\n\n## Recommendation\nMost database connector libraries offer a way of safely embedding untrusted data into a query by means of query parameters or prepared statements.\n\n\n## Example\nIn the following snippet, a user is fetched from the database using three different queries.\n\nIn the first case, the query string is built by directly using string formatting from a user-supplied request parameter. The parameter may include quote characters, so this code is vulnerable to a SQL injection attack.\n\nIn the second case, the user-supplied request attribute is passed to the database using query parameters. The database connector library will take care of escaping and inserting quotes as needed.\n\nIn the third case, the placeholder in the SQL string has been manually quoted. Since most databaseconnector libraries will insert their own quotes, doing so yourself will make the code vulnerable to SQL injection attacks. 
In this example, if `username` was `; DROP ALL TABLES -- `, the final SQL query would be `SELECT * FROM users WHERE username = ''; DROP ALL TABLES -- ''`\n\n\n```python\nfrom django.conf.urls import url\nfrom django.db import connection\n\n\ndef show_user(request, username):\n with connection.cursor() as cursor:\n # BAD -- Using string formatting\n cursor.execute(\"SELECT * FROM users WHERE username = '%s'\" % username)\n user = cursor.fetchone()\n\n # GOOD -- Using parameters\n cursor.execute(\"SELECT * FROM users WHERE username = %s\", username)\n user = cursor.fetchone()\n\n # BAD -- Manually quoting placeholder (%s)\n cursor.execute(\"SELECT * FROM users WHERE username = '%s'\", username)\n user = cursor.fetchone()\n\nurlpatterns = [url(r'^users/(?P\u003cusername\u003e[^/]+)$', show_user)]\n\n```\n\n## References\n* Wikipedia: [SQL injection](https://en.wikipedia.org/wiki/SQL_injection).\n* OWASP: [SQL Injection Prevention Cheat Sheet](https://cheatsheetseries.owasp.org/cheatsheets/SQL_Injection_Prevention_Cheat_Sheet.html).\n* [SQLAlchemy documentation for TextClause](https://docs.sqlalchemy.org/en/14/core/sqlelement.html#sqlalchemy.sql.expression.text.params.text).\n* Common Weakness Enumeration: [CWE-89](https://cwe.mitre.org/data/definitions/89.html).\n","text":"# SQL query built from user-controlled sources\nIf a database query (such as a SQL or NoSQL query) is built from user-provided data without sufficient sanitization, a user may be able to run malicious database queries.\n\nThis also includes using the `TextClause` class in the `[SQLAlchemy](https://pypi.org/project/SQLAlchemy/)` PyPI package, which is used to represent a literal SQL fragment and is inserted directly into the final SQL when used in a query built using the ORM.\n\n\n## Recommendation\nMost database connector libraries offer a way of safely embedding untrusted data into a query by means of query parameters or prepared statements.\n\n\n## Example\nIn the following snippet, a user is 
fetched from the database using three different queries.\n\nIn the first case, the query string is built by directly using string formatting from a user-supplied request parameter. The parameter may include quote characters, so this code is vulnerable to a SQL injection attack.\n\nIn the second case, the user-supplied request attribute is passed to the database using query parameters. The database connector library will take care of escaping and inserting quotes as needed.\n\nIn the third case, the placeholder in the SQL string has been manually quoted. Since most databaseconnector libraries will insert their own quotes, doing so yourself will make the code vulnerable to SQL injection attacks. In this example, if `username` was `; DROP ALL TABLES -- `, the final SQL query would be `SELECT * FROM users WHERE username = ''; DROP ALL TABLES -- ''`\n\n\n```python\nfrom django.conf.urls import url\nfrom django.db import connection\n\n\ndef show_user(request, username):\n with connection.cursor() as cursor:\n # BAD -- Using string formatting\n cursor.execute(\"SELECT * FROM users WHERE username = '%s'\" % username)\n user = cursor.fetchone()\n\n # GOOD -- Using parameters\n cursor.execute(\"SELECT * FROM users WHERE username = %s\", username)\n user = cursor.fetchone()\n\n # BAD -- Manually quoting placeholder (%s)\n cursor.execute(\"SELECT * FROM users WHERE username = '%s'\", username)\n user = cursor.fetchone()\n\nurlpatterns = [url(r'^users/(?P\u003cusername\u003e[^/]+)$', show_user)]\n\n```\n\n## References\n* Wikipedia: [SQL injection](https://en.wikipedia.org/wiki/SQL_injection).\n* OWASP: [SQL Injection Prevention Cheat Sheet](https://cheatsheetseries.owasp.org/cheatsheets/SQL_Injection_Prevention_Cheat_Sheet.html).\n* [SQLAlchemy documentation for TextClause](https://docs.sqlalchemy.org/en/14/core/sqlelement.html#sqlalchemy.sql.expression.text.params.text).\n* Common Weakness Enumeration: 
[CWE-89](https://cwe.mitre.org/data/definitions/89.html).\n"},"id":"py/sql-injection","name":"py/sql-injection","properties":{"precision":"high","queryURI":"https://github.com/github/codeql/blob/39a67b6e2e6490a9bd010db50e148f647765e9f7/python/ql/src/Security/CWE-089/SqlInjection.ql","security-severity":"8.8","tags":["external/cwe/cwe-089","security"]},"shortDescription":{"text":"SQL query built from user-controlled sources"}},{"defaultConfiguration":{"level":"error"},"fullDescription":{"text":"Leaking information about an exception, such as messages and stack traces, to an external user can expose implementation details that are useful to an attacker for developing a subsequent exploit."},"help":{"markdown":"# Information exposure through an exception\nSoftware developers often add stack traces to error messages, as a debugging aid. Whenever that error message occurs for an end user, the developer can use the stack trace to help identify how to fix the problem. In particular, stack traces can tell the developer more about the sequence of events that led to a failure, as opposed to merely the final state of the software when the error occurred.\n\nUnfortunately, the same information can be useful to an attacker. The sequence of class names in a stack trace can reveal the structure of the application as well as any internal components it relies on. Furthermore, the error message at the top of a stack trace can include information such as server-side file names and SQL code that the application relies on, allowing an attacker to fine-tune a subsequent injection attack.\n\n\n## Recommendation\nSend the user a more generic error message that reveals less information. Either suppress the stack trace entirely, or log it only on the server.\n\n\n## Example\nIn the following example, an exception is handled in two different ways. In the first version, labeled BAD, the exception is sent back to the remote user by returning it from the function. 
As such, the user is able to see a detailed stack trace, which may contain sensitive information. In the second version, the error message is logged only on the server, and a generic error message is displayed to the user. That way, the developers can still access and use the error log, but remote users will not see the information.\n\n\n```python\nfrom flask import Flask\napp = Flask(__name__)\n\n\nimport traceback\n\ndef do_computation():\n raise Exception(\"Secret info\")\n\n# BAD\n@app.route('/bad')\ndef server_bad():\n try:\n do_computation()\n except Exception as e:\n return traceback.format_exc()\n\n# GOOD\n@app.route('/good')\ndef server_good():\n try:\n do_computation()\n except Exception as e:\n log(traceback.format_exc())\n return \"An internal error has occurred!\"\n\n```\n\n## References\n* OWASP: [Improper Error Handling](https://owasp.org/www-community/Improper_Error_Handling).\n* Common Weakness Enumeration: [CWE-209](https://cwe.mitre.org/data/definitions/209.html).\n* Common Weakness Enumeration: [CWE-497](https://cwe.mitre.org/data/definitions/497.html).\n","text":"# Information exposure through an exception\nSoftware developers often add stack traces to error messages, as a debugging aid. Whenever that error message occurs for an end user, the developer can use the stack trace to help identify how to fix the problem. In particular, stack traces can tell the developer more about the sequence of events that led to a failure, as opposed to merely the final state of the software when the error occurred.\n\nUnfortunately, the same information can be useful to an attacker. The sequence of class names in a stack trace can reveal the structure of the application as well as any internal components it relies on. 
Furthermore, the error message at the top of a stack trace can include information such as server-side file names and SQL code that the application relies on, allowing an attacker to fine-tune a subsequent injection attack.\n\n\n## Recommendation\nSend the user a more generic error message that reveals less information. Either suppress the stack trace entirely, or log it only on the server.\n\n\n## Example\nIn the following example, an exception is handled in two different ways. In the first version, labeled BAD, the exception is sent back to the remote user by returning it from the function. As such, the user is able to see a detailed stack trace, which may contain sensitive information. In the second version, the error message is logged only on the server, and a generic error message is displayed to the user. That way, the developers can still access and use the error log, but remote users will not see the information.\n\n\n```python\nfrom flask import Flask\napp = Flask(__name__)\n\n\nimport traceback\n\ndef do_computation():\n raise Exception(\"Secret info\")\n\n# BAD\n@app.route('/bad')\ndef server_bad():\n try:\n do_computation()\n except Exception as e:\n return traceback.format_exc()\n\n# GOOD\n@app.route('/good')\ndef server_good():\n try:\n do_computation()\n except Exception as e:\n log(traceback.format_exc())\n return \"An internal error has occurred!\"\n\n```\n\n## References\n* OWASP: [Improper Error Handling](https://owasp.org/www-community/Improper_Error_Handling).\n* Common Weakness Enumeration: [CWE-209](https://cwe.mitre.org/data/definitions/209.html).\n* Common Weakness Enumeration: 
[CWE-497](https://cwe.mitre.org/data/definitions/497.html).\n"},"id":"py/stack-trace-exposure","name":"py/stack-trace-exposure","properties":{"precision":"high","queryURI":"https://github.com/github/codeql/blob/39a67b6e2e6490a9bd010db50e148f647765e9f7/python/ql/src/Security/CWE-209/StackTraceExposure.ql","security-severity":"5.4","tags":["external/cwe/cwe-209","external/cwe/cwe-497","security"]},"shortDescription":{"text":"Information exposure through an exception"}},{"defaultConfiguration":{"level":"warning"},"fullDescription":{"text":"The total number of lines of Python code across all files, including external libraries and auto-generated files. This is a useful metric of the size of a database. This query counts the lines of code, excluding whitespace or comments."},"id":"py/summary/lines-of-code","name":"py/summary/lines-of-code","properties":{"tags":["summary","telemetry"]},"shortDescription":{"text":"Total lines of Python code in the database"}},{"defaultConfiguration":{"level":"warning"},"fullDescription":{"text":"The total number of lines of Python code from the source code directory, excluding auto-generated files. This query counts the lines of code, excluding whitespace or comments. 
Note: If external libraries are included in the codebase either in a checked-in virtual environment or as vendored code, that will currently be counted as user written code."},"id":"py/summary/lines-of-user-code","name":"py/summary/lines-of-user-code","properties":{"tags":["debug","lines-of-code","summary"]},"shortDescription":{"text":"Total lines of user written Python code in the database"}},{"defaultConfiguration":{"level":"error"},"fullDescription":{"text":"Deserializing user-controlled data may allow attackers to execute arbitrary code."},"help":{"markdown":"# Deserialization of user-controlled data\nDeserializing untrusted data using any deserialization framework that allows the construction of arbitrary serializable objects is easily exploitable and in many cases allows an attacker to execute arbitrary code. Even before a deserialized object is returned to the caller of a deserialization method a lot of code may have been executed, including static initializers, constructors, and finalizers. Automatic deserialization of fields means that an attacker may craft a nested combination of objects on which the executed initialization code may have unforeseen effects, such as the execution of arbitrary code.\n\nThere are many different serialization frameworks. This query currently supports Pickle, Marshal and Yaml.\n\n\n## Recommendation\nAvoid deserialization of untrusted data if at all possible. If the architecture permits it then use other formats instead of serialized objects, for example JSON.\n\nIf you need to use YAML, use the `yaml.safe_load` function.\n\n\n## Example\nThe following example calls `pickle.loads` directly on a value provided by an incoming HTTP request. 
Pickle then creates a new value from untrusted data, and is therefore inherently unsafe.\n\n\n```python\n\nfrom django.conf.urls import url\nimport pickle\n\ndef unsafe(pickled):\n return pickle.loads(pickled)\n\nurlpatterns = [\n url(r'^(?P\u003cobject\u003e.*)$', unsafe)\n]\n```\nChanging the code to use `json.loads` instead of `pickle.loads` removes the vulnerability.\n\n\n```python\n\nfrom django.conf.urls import url\nimport json\n\ndef safe(pickled):\n return json.loads(pickled)\n\nurlpatterns = [\n url(r'^(?P\u003cobject\u003e.*)$', safe)\n]\n\n```\n\n## References\n* OWASP vulnerability description: [Deserialization of untrusted data](https://www.owasp.org/index.php/Deserialization_of_untrusted_data).\n* OWASP guidance on deserializing objects: [Deserialization Cheat Sheet](https://cheatsheetseries.owasp.org/cheatsheets/Deserialization_Cheat_Sheet.html).\n* Talks by Chris Frohoff \u0026amp; Gabriel Lawrence: [ AppSecCali 2015: Marshalling Pickles - how deserializing objects will ruin your day](http://frohoff.github.io/appseccali-marshalling-pickles/)\n* Common Weakness Enumeration: [CWE-502](https://cwe.mitre.org/data/definitions/502.html).\n","text":"# Deserialization of user-controlled data\nDeserializing untrusted data using any deserialization framework that allows the construction of arbitrary serializable objects is easily exploitable and in many cases allows an attacker to execute arbitrary code. Even before a deserialized object is returned to the caller of a deserialization method a lot of code may have been executed, including static initializers, constructors, and finalizers. Automatic deserialization of fields means that an attacker may craft a nested combination of objects on which the executed initialization code may have unforeseen effects, such as the execution of arbitrary code.\n\nThere are many different serialization frameworks. 
This query currently supports Pickle, Marshal and Yaml.\n\n\n## Recommendation\nAvoid deserialization of untrusted data if at all possible. If the architecture permits it then use other formats instead of serialized objects, for example JSON.\n\nIf you need to use YAML, use the `yaml.safe_load` function.\n\n\n## Example\nThe following example calls `pickle.loads` directly on a value provided by an incoming HTTP request. Pickle then creates a new value from untrusted data, and is therefore inherently unsafe.\n\n\n```python\n\nfrom django.conf.urls import url\nimport pickle\n\ndef unsafe(pickled):\n return pickle.loads(pickled)\n\nurlpatterns = [\n url(r'^(?P\u003cobject\u003e.*)$', unsafe)\n]\n```\nChanging the code to use `json.loads` instead of `pickle.loads` removes the vulnerability.\n\n\n```python\n\nfrom django.conf.urls import url\nimport json\n\ndef safe(pickled):\n return json.loads(pickled)\n\nurlpatterns = [\n url(r'^(?P\u003cobject\u003e.*)$', safe)\n]\n\n```\n\n## References\n* OWASP vulnerability description: [Deserialization of untrusted data](https://www.owasp.org/index.php/Deserialization_of_untrusted_data).\n* OWASP guidance on deserializing objects: [Deserialization Cheat Sheet](https://cheatsheetseries.owasp.org/cheatsheets/Deserialization_Cheat_Sheet.html).\n* Talks by Chris Frohoff \u0026amp; Gabriel Lawrence: [ AppSecCali 2015: Marshalling Pickles - how deserializing objects will ruin your day](http://frohoff.github.io/appseccali-marshalling-pickles/)\n* Common Weakness Enumeration: [CWE-502](https://cwe.mitre.org/data/definitions/502.html).\n"},"id":"py/unsafe-deserialization","name":"py/unsafe-deserialization","properties":{"precision":"high","queryURI":"https://github.com/github/codeql/blob/39a67b6e2e6490a9bd010db50e148f647765e9f7/python/ql/src/Security/CWE-502/UnsafeDeserialization.ql","security-severity":"9.8","tags":["external/cwe/cwe-502","security","serialization"]},"shortDescription":{"text":"Deserialization of user-controlled 
data"}},{"defaultConfiguration":{"level":"error"},"fullDescription":{"text":"URL redirection based on unvalidated user input may cause redirection to malicious web sites."},"help":{"markdown":"# URL redirection from remote source\nDirectly incorporating user input into a URL redirect request without validating the input can facilitate phishing attacks. In these attacks, unsuspecting users can be redirected to a malicious site that looks very similar to the real site they intend to visit, but which is controlled by the attacker.\n\n\n## Recommendation\nTo guard against untrusted URL redirection, it is advisable to avoid putting user input directly into a redirect URL. Instead, maintain a list of authorized redirects on the server; then choose from that list based on the user input provided.\n\nIf this is not possible, then the user input should be validated in some other way, for example, by verifying that the target URL does not include an explicit host name.\n\n\n## Example\nThe following example shows an HTTP request parameter being used directly in a URL redirect without validating the input, which facilitates phishing attacks:\n\n\n```python\nfrom flask import Flask, request, redirect\n\napp = Flask(__name__)\n\n@app.route('/')\ndef hello():\n target = request.args.get('target', '')\n return redirect(target, code=302)\n\n```\nIf you know the set of valid redirect targets, you can maintain a list of them on the server and check that the user input is in that list:\n\n\n```python\nfrom flask import Flask, request, redirect\n\nVALID_REDIRECT = \"http://cwe.mitre.org/data/definitions/601.html\"\n\napp = Flask(__name__)\n\n@app.route('/')\ndef hello():\n target = request.args.get('target', '')\n if target == VALID_REDIRECT:\n return redirect(target, code=302)\n else:\n # ignore the target and redirect to the home page\n return redirect('/', code=302)\n\n```\nOften this is not possible, so an alternative is to check that the target URL does not specify an explicit 
host name. For example, you can use the `urlparse` function from the Python standard library to parse the URL and check that the `netloc` attribute is empty.\n\nNote, however, that some cases are not handled as we desire out-of-the-box by `urlparse`, so we need to adjust two things, as shown in the example below:\n\n* Many browsers accept backslash characters (`\\`) as equivalent to forward slash characters (`/`) in URLs, but the `urlparse` function does not.\n* Mistyped URLs such as `https:/example.com` or `https:///example.com` are parsed as having an empty `netloc` attribute, while browsers will still redirect to the correct site.\n\n```python\nfrom flask import Flask, request, redirect\nfrom urllib.parse import urlparse\n\napp = Flask(__name__)\n\n@app.route('/')\ndef hello():\n target = request.args.get('target', '')\n target = target.replace('\\\\', '')\n if not urlparse(target).netloc and not urlparse(target).scheme:\n # relative path, safe to redirect\n return redirect(target, code=302)\n # ignore the target and redirect to the home page\n return redirect('/', code=302)\n\n```\nFor Django application, you can use the function `url_has_allowed_host_and_scheme` to check that a URL is safe to redirect to, as shown in the following example:\n\n\n```python\nfrom django.http import HttpResponseRedirect\nfrom django.shortcuts import redirect\nfrom django.utils.http import url_has_allowed_host_and_scheme\nfrom django.views import View\n\nclass RedirectView(View):\n def get(self, request, *args, **kwargs):\n target = request.GET.get('target', '')\n if url_has_allowed_host_and_scheme(target, allowed_hosts=None):\n return HttpResponseRedirect(target)\n else:\n # ignore the target and redirect to the home page\n return redirect('/')\n```\nNote that `url_has_allowed_host_and_scheme` handles backslashes correctly, so no additional processing is required.\n\n\n## References\n* OWASP: [ XSS Unvalidated Redirects and Forwards Cheat 
Sheet](https://cheatsheetseries.owasp.org/cheatsheets/Unvalidated_Redirects_and_Forwards_Cheat_Sheet.html).\n* Python standard library: [ urllib.parse](https://docs.python.org/3/library/urllib.parse.html).\n* Common Weakness Enumeration: [CWE-601](https://cwe.mitre.org/data/definitions/601.html).\n","text":"# URL redirection from remote source\nDirectly incorporating user input into a URL redirect request without validating the input can facilitate phishing attacks. In these attacks, unsuspecting users can be redirected to a malicious site that looks very similar to the real site they intend to visit, but which is controlled by the attacker.\n\n\n## Recommendation\nTo guard against untrusted URL redirection, it is advisable to avoid putting user input directly into a redirect URL. Instead, maintain a list of authorized redirects on the server; then choose from that list based on the user input provided.\n\nIf this is not possible, then the user input should be validated in some other way, for example, by verifying that the target URL does not include an explicit host name.\n\n\n## Example\nThe following example shows an HTTP request parameter being used directly in a URL redirect without validating the input, which facilitates phishing attacks:\n\n\n```python\nfrom flask import Flask, request, redirect\n\napp = Flask(__name__)\n\n@app.route('/')\ndef hello():\n target = request.args.get('target', '')\n return redirect(target, code=302)\n\n```\nIf you know the set of valid redirect targets, you can maintain a list of them on the server and check that the user input is in that list:\n\n\n```python\nfrom flask import Flask, request, redirect\n\nVALID_REDIRECT = \"http://cwe.mitre.org/data/definitions/601.html\"\n\napp = Flask(__name__)\n\n@app.route('/')\ndef hello():\n target = request.args.get('target', '')\n if target == VALID_REDIRECT:\n return redirect(target, code=302)\n else:\n # ignore the target and redirect to the home page\n return redirect('/', 
code=302)\n\n```\nOften this is not possible, so an alternative is to check that the target URL does not specify an explicit host name. For example, you can use the `urlparse` function from the Python standard library to parse the URL and check that the `netloc` attribute is empty.\n\nNote, however, that some cases are not handled as we desire out-of-the-box by `urlparse`, so we need to adjust two things, as shown in the example below:\n\n* Many browsers accept backslash characters (`\\`) as equivalent to forward slash characters (`/`) in URLs, but the `urlparse` function does not.\n* Mistyped URLs such as `https:/example.com` or `https:///example.com` are parsed as having an empty `netloc` attribute, while browsers will still redirect to the correct site.\n\n```python\nfrom flask import Flask, request, redirect\nfrom urllib.parse import urlparse\n\napp = Flask(__name__)\n\n@app.route('/')\ndef hello():\n target = request.args.get('target', '')\n target = target.replace('\\\\', '')\n if not urlparse(target).netloc and not urlparse(target).scheme:\n # relative path, safe to redirect\n return redirect(target, code=302)\n # ignore the target and redirect to the home page\n return redirect('/', code=302)\n\n```\nFor Django application, you can use the function `url_has_allowed_host_and_scheme` to check that a URL is safe to redirect to, as shown in the following example:\n\n\n```python\nfrom django.http import HttpResponseRedirect\nfrom django.shortcuts import redirect\nfrom django.utils.http import url_has_allowed_host_and_scheme\nfrom django.views import View\n\nclass RedirectView(View):\n def get(self, request, *args, **kwargs):\n target = request.GET.get('target', '')\n if url_has_allowed_host_and_scheme(target, allowed_hosts=None):\n return HttpResponseRedirect(target)\n else:\n # ignore the target and redirect to the home page\n return redirect('/')\n```\nNote that `url_has_allowed_host_and_scheme` handles backslashes correctly, so no additional processing is 
required.\n\n\n## References\n* OWASP: [ XSS Unvalidated Redirects and Forwards Cheat Sheet](https://cheatsheetseries.owasp.org/cheatsheets/Unvalidated_Redirects_and_Forwards_Cheat_Sheet.html).\n* Python standard library: [ urllib.parse](https://docs.python.org/3/library/urllib.parse.html).\n* Common Weakness Enumeration: [CWE-601](https://cwe.mitre.org/data/definitions/601.html).\n"},"id":"py/url-redirection","name":"py/url-redirection","properties":{"precision":"high","queryURI":"https://github.com/github/codeql/blob/39a67b6e2e6490a9bd010db50e148f647765e9f7/python/ql/src/Security/CWE-601/UrlRedirect.ql","security-severity":"6.1","tags":["external/cwe/cwe-601","security"]},"shortDescription":{"text":"URL redirection from remote source"}},{"defaultConfiguration":{"level":"error"},"fullDescription":{"text":"The built-in function 'input' is used which, in Python 2, can allow arbitrary code to be run."},"help":{"markdown":"# 'input' function used in Python 2\nIn Python 2, a call to the `input()` function, `input(prompt)` is equivalent to `eval(raw_input(prompt))`. Evaluating user input without any checking can be a serious security flaw.\n\n\n## Recommendation\nGet user input with `raw_input(prompt)` and then validate that input before evaluating. If the expected input is a number or string, then `ast.literal_eval()` can always be used safely.\n\n\n## References\n* Python Standard Library: [input](http://docs.python.org/2/library/functions.html#input), [ast.literal_eval](http://docs.python.org/2/library/ast.html#ast.literal_eval).\n* Wikipedia: [Data validation](http://en.wikipedia.org/wiki/Data_validation).\n","text":"# 'input' function used in Python 2\nIn Python 2, a call to the `input()` function, `input(prompt)` is equivalent to `eval(raw_input(prompt))`. Evaluating user input without any checking can be a serious security flaw.\n\n\n## Recommendation\nGet user input with `raw_input(prompt)` and then validate that input before evaluating. 
If the expected input is a number or string, then `ast.literal_eval()` can always be used safely.\n\n\n## References\n* Python Standard Library: [input](http://docs.python.org/2/library/functions.html#input), [ast.literal_eval](http://docs.python.org/2/library/ast.html#ast.literal_eval).\n* Wikipedia: [Data validation](http://en.wikipedia.org/wiki/Data_validation).\n"},"id":"py/use-of-input","name":"py/use-of-input","properties":{"precision":"high","queryURI":"https://github.com/github/codeql/blob/39a67b6e2e6490a9bd010db50e148f647765e9f7/python/ql/src/Expressions/UseofInput.ql","security-severity":"9.8","tags":["correctness","security","security/cwe/cwe-94","security/cwe/cwe-95"]},"shortDescription":{"text":"'input' function used in Python 2"}},{"defaultConfiguration":{"level":"error"},"fullDescription":{"text":"Use of a cryptographic key that is too small may allow the encryption to be broken."},"help":{"markdown":"# Use of weak cryptographic key\nModern encryption relies on it being computationally infeasible to break the cipher and decode a message without the key. As computational power increases, the ability to break ciphers grows and keys need to become larger.\n\nThe three main asymmetric key algorithms currently in use are Rivest–Shamir–Adleman (RSA) cryptography, Digital Signature Algorithm (DSA), and Elliptic-curve cryptography (ECC). With current technology, key sizes of 2048 bits for RSA and DSA, or 256 bits for ECC, are regarded as unbreakable.\n\n\n## Recommendation\nIncrease the key size to the recommended amount or larger. 
For RSA or DSA this is at least 2048 bits, for ECC this is at least 256 bits.\n\n\n## References\n* Wikipedia: [Digital Signature Algorithm](https://en.wikipedia.org/wiki/Digital_Signature_Algorithm).\n* Wikipedia: [RSA cryptosystem](https://en.wikipedia.org/wiki/RSA_(cryptosystem)).\n* Wikipedia: [Elliptic-curve cryptography](https://en.wikipedia.org/wiki/Elliptic-curve_cryptography).\n* Python cryptography module: [cryptography.io](https://cryptography.io/en/latest/).\n* NIST: [ Recommendation for Transitioning the Use of Cryptographic Algorithms and Key Lengths](https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-131Ar1.pdf).\n* Common Weakness Enumeration: [CWE-326](https://cwe.mitre.org/data/definitions/326.html).\n","text":"# Use of weak cryptographic key\nModern encryption relies on it being computationally infeasible to break the cipher and decode a message without the key. As computational power increases, the ability to break ciphers grows and keys need to become larger.\n\nThe three main asymmetric key algorithms currently in use are Rivest–Shamir–Adleman (RSA) cryptography, Digital Signature Algorithm (DSA), and Elliptic-curve cryptography (ECC). With current technology, key sizes of 2048 bits for RSA and DSA, or 256 bits for ECC, are regarded as unbreakable.\n\n\n## Recommendation\nIncrease the key size to the recommended amount or larger. 
For RSA or DSA this is at least 2048 bits, for ECC this is at least 256 bits.\n\n\n## References\n* Wikipedia: [Digital Signature Algorithm](https://en.wikipedia.org/wiki/Digital_Signature_Algorithm).\n* Wikipedia: [RSA cryptosystem](https://en.wikipedia.org/wiki/RSA_(cryptosystem)).\n* Wikipedia: [Elliptic-curve cryptography](https://en.wikipedia.org/wiki/Elliptic-curve_cryptography).\n* Python cryptography module: [cryptography.io](https://cryptography.io/en/latest/).\n* NIST: [ Recommendation for Transitioning the Use of Cryptographic Algorithms and Key Lengths](https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-131Ar1.pdf).\n* Common Weakness Enumeration: [CWE-326](https://cwe.mitre.org/data/definitions/326.html).\n"},"id":"py/weak-crypto-key","name":"py/weak-crypto-key","properties":{"precision":"high","queryURI":"https://github.com/github/codeql/blob/39a67b6e2e6490a9bd010db50e148f647765e9f7/python/ql/src/Security/CWE-326/WeakCryptoKey.ql","security-severity":"7.5","tags":["external/cwe/cwe-326","security"]},"shortDescription":{"text":"Use of weak cryptographic key"}},{"defaultConfiguration":{"level":"warning"},"fullDescription":{"text":"Using broken or weak cryptographic algorithms can compromise security."},"help":{"markdown":"# Use of a broken or weak cryptographic algorithm\nUsing broken or weak cryptographic algorithms can leave data vulnerable to being decrypted or forged by an attacker.\n\nMany cryptographic algorithms provided by cryptography libraries are known to be weak, or flawed. Using such an algorithm means that encrypted or hashed data is less secure than it appears to be.\n\nThis query alerts on any use of a weak cryptographic algorithm, that is not a hashing algorithm. 
Use of broken or weak cryptographic hash functions are handled by the `py/weak-sensitive-data-hashing` query.\n\n\n## Recommendation\nEnsure that you use a strong, modern cryptographic algorithm, such as AES-128 or RSA-2048.\n\n\n## Example\nThe following code uses the `pycryptodome` library to encrypt some secret data. When you create a cipher using `pycryptodome` you must specify the encryption algorithm to use. The first example uses DES, which is an older algorithm that is now considered weak. The second example uses AES, which is a stronger modern algorithm.\n\n\n```python\nfrom Crypto.Cipher import DES, AES\n\ncipher = DES.new(SECRET_KEY)\n\ndef send_encrypted(channel, message):\n channel.send(cipher.encrypt(message)) # BAD: weak encryption\n\n\ncipher = AES.new(SECRET_KEY)\n\ndef send_encrypted(channel, message):\n channel.send(cipher.encrypt(message)) # GOOD: strong encryption\n\n\n```\nNOTICE: the original `[pycrypto](https://pypi.org/project/pycrypto/)` PyPI package that provided the `Crypto` module is not longer actively maintained, so you should use the `[pycryptodome](https://pypi.org/project/pycryptodome/)` PyPI package instead (which has a compatible API).\n\n\n## References\n* NIST, FIPS 140 Annex a: [ Approved Security Functions](http://csrc.nist.gov/publications/fips/fips140-2/fips1402annexa.pdf).\n* NIST, SP 800-131A: [ Transitions: Recommendation for Transitioning the Use of Cryptographic Algorithms and Key Lengths](http://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-131Ar1.pdf).\n* OWASP: [Rule - Use strong approved cryptographic algorithms](https://cheatsheetseries.owasp.org/cheatsheets/Cryptographic_Storage_Cheat_Sheet.html#rule---use-strong-approved-authenticated-encryption).\n* Common Weakness Enumeration: [CWE-327](https://cwe.mitre.org/data/definitions/327.html).\n","text":"# Use of a broken or weak cryptographic algorithm\nUsing broken or weak cryptographic algorithms can leave data vulnerable to being decrypted or forged by 
an attacker.\n\nMany cryptographic algorithms provided by cryptography libraries are known to be weak, or flawed. Using such an algorithm means that encrypted or hashed data is less secure than it appears to be.\n\nThis query alerts on any use of a weak cryptographic algorithm, that is not a hashing algorithm. Use of broken or weak cryptographic hash functions are handled by the `py/weak-sensitive-data-hashing` query.\n\n\n## Recommendation\nEnsure that you use a strong, modern cryptographic algorithm, such as AES-128 or RSA-2048.\n\n\n## Example\nThe following code uses the `pycryptodome` library to encrypt some secret data. When you create a cipher using `pycryptodome` you must specify the encryption algorithm to use. The first example uses DES, which is an older algorithm that is now considered weak. The second example uses AES, which is a stronger modern algorithm.\n\n\n```python\nfrom Crypto.Cipher import DES, AES\n\ncipher = DES.new(SECRET_KEY)\n\ndef send_encrypted(channel, message):\n channel.send(cipher.encrypt(message)) # BAD: weak encryption\n\n\ncipher = AES.new(SECRET_KEY)\n\ndef send_encrypted(channel, message):\n channel.send(cipher.encrypt(message)) # GOOD: strong encryption\n\n\n```\nNOTICE: the original `[pycrypto](https://pypi.org/project/pycrypto/)` PyPI package that provided the `Crypto` module is not longer actively maintained, so you should use the `[pycryptodome](https://pypi.org/project/pycryptodome/)` PyPI package instead (which has a compatible API).\n\n\n## References\n* NIST, FIPS 140 Annex a: [ Approved Security Functions](http://csrc.nist.gov/publications/fips/fips140-2/fips1402annexa.pdf).\n* NIST, SP 800-131A: [ Transitions: Recommendation for Transitioning the Use of Cryptographic Algorithms and Key Lengths](http://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-131Ar1.pdf).\n* OWASP: [Rule - Use strong approved cryptographic 
algorithms](https://cheatsheetseries.owasp.org/cheatsheets/Cryptographic_Storage_Cheat_Sheet.html#rule---use-strong-approved-authenticated-encryption).\n* Common Weakness Enumeration: [CWE-327](https://cwe.mitre.org/data/definitions/327.html).\n"},"id":"py/weak-cryptographic-algorithm","name":"py/weak-cryptographic-algorithm","properties":{"precision":"high","queryURI":"https://github.com/github/codeql/blob/39a67b6e2e6490a9bd010db50e148f647765e9f7/python/ql/src/Security/CWE-327/BrokenCryptoAlgorithm.ql","security-severity":"7.5","tags":["external/cwe/cwe-327","security"]},"shortDescription":{"text":"Use of a broken or weak cryptographic algorithm"}},{"defaultConfiguration":{"level":"warning"},"fullDescription":{"text":"Using broken or weak cryptographic hashing algorithms can compromise security."},"help":{"markdown":"# Use of a broken or weak cryptographic hashing algorithm on sensitive data\nUsing a broken or weak cryptographic hash function can leave data vulnerable, and should not be used in security related code.\n\nA strong cryptographic hash function should be resistant to:\n\n* pre-image attacks: if you know a hash value `h(x)`, you should not be able to easily find the input `x`.\n* collision attacks: if you know a hash value `h(x)`, you should not be able to easily find a different input `y` with the same hash value `h(x) = h(y)`.\nIn cases with a limited input space, such as for passwords, the hash function also needs to be computationally expensive to be resistant to brute-force attacks. 
Passwords should also have an unique salt applied before hashing, but that is not considered by this query.\n\nAs an example, both MD5 and SHA-1 are known to be vulnerable to collision attacks.\n\nSince it's OK to use a weak cryptographic hash function in a non-security context, this query only alerts when these are used to hash sensitive data (such as passwords, certificates, usernames).\n\nUse of broken or weak cryptographic algorithms that are not hashing algorithms, is handled by the `py/weak-cryptographic-algorithm` query.\n\n\n## Recommendation\nEnsure that you use a strong, modern cryptographic hash function:\n\n* such as Argon2, scrypt, bcrypt, or PBKDF2 for passwords and other data with limited input space.\n* such as SHA-2, or SHA-3 in other cases.\n\n## Example\nThe following example shows two functions for checking whether the hash of a certificate matches a known value -- to prevent tampering. The first function uses MD5 that is known to be vulnerable to collision attacks. The second function uses SHA-256 that is a strong cryptographic hashing function.\n\n\n```python\nimport hashlib\n\ndef certificate_matches_known_hash_bad(certificate, known_hash):\n hash = hashlib.md5(certificate).hexdigest() # BAD\n return hash == known_hash\n\ndef certificate_matches_known_hash_good(certificate, known_hash):\n hash = hashlib.sha256(certificate).hexdigest() # GOOD\n return hash == known_hash\n\n```\n\n## Example\nThe following example shows two functions for hashing passwords. The first function uses SHA-256 to hash passwords. 
Although SHA-256 is a strong cryptographic hash function, it is not suitable for password hashing since it is not computationally expensive.\n\n\n```python\nimport hashlib\n\ndef get_password_hash(password: str, salt: str):\n return hashlib.sha256(password + salt).hexdigest() # BAD\n\n```\nThe second function uses Argon2 (through the `argon2-cffi` PyPI package), which is a strong password hashing algorithm (and includes a per-password salt by default).\n\n\n```python\nfrom argon2 import PasswordHasher\n\ndef get_initial_hash(password: str):\n ph = PasswordHasher()\n return ph.hash(password) # GOOD\n\ndef check_password(password: str, known_hash):\n ph = PasswordHasher()\n return ph.verify(known_hash, password) # GOOD\n\n```\n\n## References\n* OWASP: [Password Storage Cheat Sheet](https://cheatsheetseries.owasp.org/cheatsheets/Password_Storage_Cheat_Sheet.html)\n* Common Weakness Enumeration: [CWE-327](https://cwe.mitre.org/data/definitions/327.html).\n* Common Weakness Enumeration: [CWE-328](https://cwe.mitre.org/data/definitions/328.html).\n* Common Weakness Enumeration: [CWE-916](https://cwe.mitre.org/data/definitions/916.html).\n","text":"# Use of a broken or weak cryptographic hashing algorithm on sensitive data\nUsing a broken or weak cryptographic hash function can leave data vulnerable, and should not be used in security related code.\n\nA strong cryptographic hash function should be resistant to:\n\n* pre-image attacks: if you know a hash value `h(x)`, you should not be able to easily find the input `x`.\n* collision attacks: if you know a hash value `h(x)`, you should not be able to easily find a different input `y` with the same hash value `h(x) = h(y)`.\nIn cases with a limited input space, such as for passwords, the hash function also needs to be computationally expensive to be resistant to brute-force attacks. 
Passwords should also have an unique salt applied before hashing, but that is not considered by this query.\n\nAs an example, both MD5 and SHA-1 are known to be vulnerable to collision attacks.\n\nSince it's OK to use a weak cryptographic hash function in a non-security context, this query only alerts when these are used to hash sensitive data (such as passwords, certificates, usernames).\n\nUse of broken or weak cryptographic algorithms that are not hashing algorithms, is handled by the `py/weak-cryptographic-algorithm` query.\n\n\n## Recommendation\nEnsure that you use a strong, modern cryptographic hash function:\n\n* such as Argon2, scrypt, bcrypt, or PBKDF2 for passwords and other data with limited input space.\n* such as SHA-2, or SHA-3 in other cases.\n\n## Example\nThe following example shows two functions for checking whether the hash of a certificate matches a known value -- to prevent tampering. The first function uses MD5 that is known to be vulnerable to collision attacks. The second function uses SHA-256 that is a strong cryptographic hashing function.\n\n\n```python\nimport hashlib\n\ndef certificate_matches_known_hash_bad(certificate, known_hash):\n hash = hashlib.md5(certificate).hexdigest() # BAD\n return hash == known_hash\n\ndef certificate_matches_known_hash_good(certificate, known_hash):\n hash = hashlib.sha256(certificate).hexdigest() # GOOD\n return hash == known_hash\n\n```\n\n## Example\nThe following example shows two functions for hashing passwords. The first function uses SHA-256 to hash passwords. 
Although SHA-256 is a strong cryptographic hash function, it is not suitable for password hashing since it is not computationally expensive.\n\n\n```python\nimport hashlib\n\ndef get_password_hash(password: str, salt: str):\n return hashlib.sha256(password + salt).hexdigest() # BAD\n\n```\nThe second function uses Argon2 (through the `argon2-cffi` PyPI package), which is a strong password hashing algorithm (and includes a per-password salt by default).\n\n\n```python\nfrom argon2 import PasswordHasher\n\ndef get_initial_hash(password: str):\n ph = PasswordHasher()\n return ph.hash(password) # GOOD\n\ndef check_password(password: str, known_hash):\n ph = PasswordHasher()\n return ph.verify(known_hash, password) # GOOD\n\n```\n\n## References\n* OWASP: [Password Storage Cheat Sheet](https://cheatsheetseries.owasp.org/cheatsheets/Password_Storage_Cheat_Sheet.html)\n* Common Weakness Enumeration: [CWE-327](https://cwe.mitre.org/data/definitions/327.html).\n* Common Weakness Enumeration: [CWE-328](https://cwe.mitre.org/data/definitions/328.html).\n* Common Weakness Enumeration: [CWE-916](https://cwe.mitre.org/data/definitions/916.html).\n"},"id":"py/weak-sensitive-data-hashing","name":"py/weak-sensitive-data-hashing","properties":{"precision":"high","queryURI":"https://github.com/github/codeql/blob/39a67b6e2e6490a9bd010db50e148f647765e9f7/python/ql/src/Security/CWE-327/WeakSensitiveDataHashing.ql","security-severity":"7.5","tags":["external/cwe/cwe-327","external/cwe/cwe-328","external/cwe/cwe-916","security"]},"shortDescription":{"text":"Use of a broken or weak cryptographic hashing algorithm on sensitive data"}},{"defaultConfiguration":{"level":"warning"},"fullDescription":{"text":"Parsing user input as an XML document with arbitrary internal entity expansion is vulnerable to denial-of-service attacks."},"help":{"markdown":"# XML internal entity expansion\nParsing untrusted XML files with a weakly configured XML parser may be vulnerable to denial-of-service (DoS) 
attacks exploiting uncontrolled internal entity expansion.\n\nIn XML, so-called *internal entities* are a mechanism for introducing an abbreviation for a piece of text or part of a document. When a parser that has been configured to expand entities encounters a reference to an internal entity, it replaces the entity by the data it represents. The replacement text may itself contain other entity references, which are expanded recursively. This means that entity expansion can increase document size dramatically.\n\nIf untrusted XML is parsed with entity expansion enabled, a malicious attacker could submit a document that contains very deeply nested entity definitions, causing the parser to take a very long time or use large amounts of memory. This is sometimes called an *XML bomb* attack.\n\n\n## Recommendation\nThe safest way to prevent XML bomb attacks is to disable entity expansion when parsing untrusted data. Whether this can be done depends on the library being used. Note that some libraries, such as `lxml`, have measures enabled by default to prevent such DoS XML attacks, so unless you have explicitly set `huge_tree` to `True`, no further action is needed.\n\nWe recommend using the [defusedxml](https://pypi.org/project/defusedxml/) PyPI package, which has been created to prevent XML attacks (both XXE and XML bombs).\n\n\n## Example\nThe following example uses the `xml.etree` XML parser provided by the Python standard library to parse a string `xml_src`. 
That string is from an untrusted source, so this code is vulnerable to a DoS attack, since the `xml.etree` XML parser expands internal entities by default:\n\n\n```python\nfrom flask import Flask, request\nimport xml.etree.ElementTree as ET\n\napp = Flask(__name__)\n\n@app.post(\"/upload\")\ndef upload():\n xml_src = request.get_data()\n doc = ET.fromstring(xml_src)\n return ET.tostring(doc)\n\n```\nIt is not possible to guard against internal entity expansion with `xml.etree`, so to guard against these attacks, the following example uses the [defusedxml](https://pypi.org/project/defusedxml/) PyPI package instead, which is not exposed to such internal entity expansion attacks.\n\n\n```python\nfrom flask import Flask, request\nimport defusedxml.ElementTree as ET\n\napp = Flask(__name__)\n\n@app.post(\"/upload\")\ndef upload():\n xml_src = request.get_data()\n doc = ET.fromstring(xml_src)\n return ET.tostring(doc)\n\n```\n\n## References\n* Wikipedia: [Billion Laughs](https://en.wikipedia.org/wiki/Billion_laughs).\n* Bryan Sullivan: [Security Briefs - XML Denial of Service Attacks and Defenses](https://msdn.microsoft.com/en-us/magazine/ee335713.aspx).\n* Python 3 standard library: [XML Vulnerabilities](https://docs.python.org/3/library/xml.html#xml-vulnerabilities).\n* Python 2 standard library: [XML Vulnerabilities](https://docs.python.org/2/library/xml.html#xml-vulnerabilities).\n* Common Weakness Enumeration: [CWE-776](https://cwe.mitre.org/data/definitions/776.html).\n* Common Weakness Enumeration: [CWE-400](https://cwe.mitre.org/data/definitions/400.html).\n","text":"# XML internal entity expansion\nParsing untrusted XML files with a weakly configured XML parser may be vulnerable to denial-of-service (DoS) attacks exploiting uncontrolled internal entity expansion.\n\nIn XML, so-called *internal entities* are a mechanism for introducing an abbreviation for a piece of text or part of a document. 
When a parser that has been configured to expand entities encounters a reference to an internal entity, it replaces the entity by the data it represents. The replacement text may itself contain other entity references, which are expanded recursively. This means that entity expansion can increase document size dramatically.\n\nIf untrusted XML is parsed with entity expansion enabled, a malicious attacker could submit a document that contains very deeply nested entity definitions, causing the parser to take a very long time or use large amounts of memory. This is sometimes called an *XML bomb* attack.\n\n\n## Recommendation\nThe safest way to prevent XML bomb attacks is to disable entity expansion when parsing untrusted data. Whether this can be done depends on the library being used. Note that some libraries, such as `lxml`, have measures enabled by default to prevent such DoS XML attacks, so unless you have explicitly set `huge_tree` to `True`, no further action is needed.\n\nWe recommend using the [defusedxml](https://pypi.org/project/defusedxml/) PyPI package, which has been created to prevent XML attacks (both XXE and XML bombs).\n\n\n## Example\nThe following example uses the `xml.etree` XML parser provided by the Python standard library to parse a string `xml_src`. 
That string is from an untrusted source, so this code is vulnerable to a DoS attack, since the `xml.etree` XML parser expands internal entities by default:\n\n\n```python\nfrom flask import Flask, request\nimport xml.etree.ElementTree as ET\n\napp = Flask(__name__)\n\n@app.post(\"/upload\")\ndef upload():\n xml_src = request.get_data()\n doc = ET.fromstring(xml_src)\n return ET.tostring(doc)\n\n```\nIt is not possible to guard against internal entity expansion with `xml.etree`, so to guard against these attacks, the following example uses the [defusedxml](https://pypi.org/project/defusedxml/) PyPI package instead, which is not exposed to such internal entity expansion attacks.\n\n\n```python\nfrom flask import Flask, request\nimport defusedxml.ElementTree as ET\n\napp = Flask(__name__)\n\n@app.post(\"/upload\")\ndef upload():\n xml_src = request.get_data()\n doc = ET.fromstring(xml_src)\n return ET.tostring(doc)\n\n```\n\n## References\n* Wikipedia: [Billion Laughs](https://en.wikipedia.org/wiki/Billion_laughs).\n* Bryan Sullivan: [Security Briefs - XML Denial of Service Attacks and Defenses](https://msdn.microsoft.com/en-us/magazine/ee335713.aspx).\n* Python 3 standard library: [XML Vulnerabilities](https://docs.python.org/3/library/xml.html#xml-vulnerabilities).\n* Python 2 standard library: [XML Vulnerabilities](https://docs.python.org/2/library/xml.html#xml-vulnerabilities).\n* Common Weakness Enumeration: [CWE-776](https://cwe.mitre.org/data/definitions/776.html).\n* Common Weakness Enumeration: [CWE-400](https://cwe.mitre.org/data/definitions/400.html).\n"},"id":"py/xml-bomb","name":"py/xml-bomb","properties":{"precision":"high","queryURI":"https://github.com/github/codeql/blob/39a67b6e2e6490a9bd010db50e148f647765e9f7/python/ql/src/Security/CWE-776/XmlBomb.ql","security-severity":"7.5","tags":["external/cwe/cwe-400","external/cwe/cwe-776","security"]},"shortDescription":{"text":"XML internal entity 
expansion"}},{"defaultConfiguration":{"level":"error"},"fullDescription":{"text":"Building a XPath query from user-controlled sources is vulnerable to insertion of malicious Xpath code by the user."},"help":{"markdown":"# XPath query built from user-controlled sources\nIf an XPath expression is built using string concatenation, and the components of the concatenation include user input, it makes it very easy for a user to create a malicious XPath expression.\n\n\n## Recommendation\nIf user input must be included in an XPath expression, either sanitize the data or use variable references to safely embed it without altering the structure of the expression.\n\n\n## Example\nIn the example below, the xpath query is controlled by the user and hence leads to a vulnerability.\n\n\n```python\nfrom lxml import etree\nfrom io import StringIO\n\nfrom django.urls import path\nfrom django.http import HttpResponse\nfrom django.template import Template, Context, Engine, engines\n\n\ndef a(request):\n value = request.GET['xpath']\n f = StringIO('\u003cfoo\u003e\u003cbar\u003e\u003c/bar\u003e\u003c/foo\u003e')\n tree = etree.parse(f)\n r = tree.xpath(\"/tag[@id='%s']\" % value)\n\n\nurlpatterns = [\n path('a', a)\n]\n\n```\nThis can be fixed by using a parameterized query as shown below.\n\n\n```python\nfrom lxml import etree\nfrom io import StringIO\n\nfrom django.urls import path\nfrom django.http import HttpResponse\nfrom django.template import Template, Context, Engine, engines\n\n\ndef a(request):\n value = request.GET['xpath']\n f = StringIO('\u003cfoo\u003e\u003cbar\u003e\u003c/bar\u003e\u003c/foo\u003e')\n tree = etree.parse(f)\n r = tree.xpath(\"/tag[@id=$tagid]\", tagid=value)\n\n\nurlpatterns = [\n path('a', a)\n]\n\n```\n\n## References\n* OWASP XPath injection : [](https://owasp.org/www-community/attacks/XPATH_Injection)/\u0026gt;\u0026gt;\n* Common Weakness Enumeration: [CWE-643](https://cwe.mitre.org/data/definitions/643.html).\n","text":"# XPath query built from 
user-controlled sources\nIf an XPath expression is built using string concatenation, and the components of the concatenation include user input, it makes it very easy for a user to create a malicious XPath expression.\n\n\n## Recommendation\nIf user input must be included in an XPath expression, either sanitize the data or use variable references to safely embed it without altering the structure of the expression.\n\n\n## Example\nIn the example below, the xpath query is controlled by the user and hence leads to a vulnerability.\n\n\n```python\nfrom lxml import etree\nfrom io import StringIO\n\nfrom django.urls import path\nfrom django.http import HttpResponse\nfrom django.template import Template, Context, Engine, engines\n\n\ndef a(request):\n value = request.GET['xpath']\n f = StringIO('\u003cfoo\u003e\u003cbar\u003e\u003c/bar\u003e\u003c/foo\u003e')\n tree = etree.parse(f)\n r = tree.xpath(\"/tag[@id='%s']\" % value)\n\n\nurlpatterns = [\n path('a', a)\n]\n\n```\nThis can be fixed by using a parameterized query as shown below.\n\n\n```python\nfrom lxml import etree\nfrom io import StringIO\n\nfrom django.urls import path\nfrom django.http import HttpResponse\nfrom django.template import Template, Context, Engine, engines\n\n\ndef a(request):\n value = request.GET['xpath']\n f = StringIO('\u003cfoo\u003e\u003cbar\u003e\u003c/bar\u003e\u003c/foo\u003e')\n tree = etree.parse(f)\n r = tree.xpath(\"/tag[@id=$tagid]\", tagid=value)\n\n\nurlpatterns = [\n path('a', a)\n]\n\n```\n\n## References\n* OWASP XPath injection : [](https://owasp.org/www-community/attacks/XPATH_Injection)/\u0026gt;\u0026gt;\n* Common Weakness Enumeration: 
[CWE-643](https://cwe.mitre.org/data/definitions/643.html).\n"},"id":"py/xpath-injection","name":"py/xpath-injection","properties":{"precision":"high","queryURI":"https://github.com/github/codeql/blob/39a67b6e2e6490a9bd010db50e148f647765e9f7/python/ql/src/Security/CWE-643/XpathInjection.ql","security-severity":"9.8","tags":["external/cwe/cwe-643","security"]},"shortDescription":{"text":"XPath query built from user-controlled sources"}},{"defaultConfiguration":{"level":"error"},"fullDescription":{"text":"Parsing user input as an XML document with external entity expansion is vulnerable to XXE attacks."},"help":{"markdown":"# XML external entity expansion\nParsing untrusted XML files with a weakly configured XML parser may lead to an XML External Entity (XXE) attack. This type of attack uses external entity references to access arbitrary files on a system, carry out denial-of-service (DoS) attacks, or server-side request forgery. Even when the result of parsing is not returned to the user, DoS attacks are still possible and out-of-band data retrieval techniques may allow attackers to steal sensitive data.\n\n\n## Recommendation\nThe easiest way to prevent XXE attacks is to disable external entity handling when parsing untrusted data. How this is done depends on the library being used. Note that some libraries, such as recent versions of the XML libraries in the standard library of Python 3, disable entity expansion by default, so unless you have explicitly enabled entity expansion, no further action needs to be taken.\n\nWe recommend using the [defusedxml](https://pypi.org/project/defusedxml/) PyPI package, which has been created to prevent XML attacks (both XXE and XML bombs).\n\n\n## Example\nThe following example uses the `lxml` XML parser to parse a string `xml_src`. 
That string is from an untrusted source, so this code is vulnerable to an XXE attack, since the [ default parser](https://lxml.de/apidoc/lxml.etree.html#lxml.etree.XMLParser) from `lxml.etree` allows local external entities to be resolved.\n\n\n```python\nfrom flask import Flask, request\nimport lxml.etree\n\napp = Flask(__name__)\n\n@app.post(\"/upload\")\ndef upload():\n xml_src = request.get_data()\n doc = lxml.etree.fromstring(xml_src)\n return lxml.etree.tostring(doc)\n\n```\nTo guard against XXE attacks with the `lxml` library, you should create a parser with `resolve_entities` set to `false`. This means that no entity expansion is undertaken, although standard predefined entities such as `\u0026gt;`, for writing `\u003e` inside the text of an XML element, are still allowed.\n\n\n```python\nfrom flask import Flask, request\nimport lxml.etree\n\napp = Flask(__name__)\n\n@app.post(\"/upload\")\ndef upload():\n xml_src = request.get_data()\n parser = lxml.etree.XMLParser(resolve_entities=False)\n doc = lxml.etree.fromstring(xml_src, parser=parser)\n return lxml.etree.tostring(doc)\n\n```\n\n## References\n* OWASP: [XML External Entity (XXE) Processing](https://www.owasp.org/index.php/XML_External_Entity_(XXE)_Processing).\n* Timothy Morgen: [XML Schema, DTD, and Entity Attacks](https://research.nccgroup.com/2014/05/19/xml-schema-dtd-and-entity-attacks-a-compendium-of-known-techniques/).\n* Timur Yunusov, Alexey Osipov: [XML Out-Of-Band Data Retrieval](https://www.slideshare.net/qqlan/bh-ready-v4).\n* Python 3 standard library: [XML Vulnerabilities](https://docs.python.org/3/library/xml.html#xml-vulnerabilities).\n* Python 2 standard library: [XML Vulnerabilities](https://docs.python.org/2/library/xml.html#xml-vulnerabilities).\n* PortSwigger: [XML external entity (XXE) injection](https://portswigger.net/web-security/xxe).\n* Common Weakness Enumeration: [CWE-611](https://cwe.mitre.org/data/definitions/611.html).\n* Common Weakness Enumeration: 
[CWE-827](https://cwe.mitre.org/data/definitions/827.html).\n","text":"# XML external entity expansion\nParsing untrusted XML files with a weakly configured XML parser may lead to an XML External Entity (XXE) attack. This type of attack uses external entity references to access arbitrary files on a system, carry out denial-of-service (DoS) attacks, or server-side request forgery. Even when the result of parsing is not returned to the user, DoS attacks are still possible and out-of-band data retrieval techniques may allow attackers to steal sensitive data.\n\n\n## Recommendation\nThe easiest way to prevent XXE attacks is to disable external entity handling when parsing untrusted data. How this is done depends on the library being used. Note that some libraries, such as recent versions of the XML libraries in the standard library of Python 3, disable entity expansion by default, so unless you have explicitly enabled entity expansion, no further action needs to be taken.\n\nWe recommend using the [defusedxml](https://pypi.org/project/defusedxml/) PyPI package, which has been created to prevent XML attacks (both XXE and XML bombs).\n\n\n## Example\nThe following example uses the `lxml` XML parser to parse a string `xml_src`. That string is from an untrusted source, so this code is vulnerable to an XXE attack, since the [ default parser](https://lxml.de/apidoc/lxml.etree.html#lxml.etree.XMLParser) from `lxml.etree` allows local external entities to be resolved.\n\n\n```python\nfrom flask import Flask, request\nimport lxml.etree\n\napp = Flask(__name__)\n\n@app.post(\"/upload\")\ndef upload():\n xml_src = request.get_data()\n doc = lxml.etree.fromstring(xml_src)\n return lxml.etree.tostring(doc)\n\n```\nTo guard against XXE attacks with the `lxml` library, you should create a parser with `resolve_entities` set to `false`. 
This means that no entity expansion is undertaken, although standard predefined entities such as `\u0026gt;`, for writing `\u003e` inside the text of an XML element, are still allowed.\n\n\n```python\nfrom flask import Flask, request\nimport lxml.etree\n\napp = Flask(__name__)\n\n@app.post(\"/upload\")\ndef upload():\n xml_src = request.get_data()\n parser = lxml.etree.XMLParser(resolve_entities=False)\n doc = lxml.etree.fromstring(xml_src, parser=parser)\n return lxml.etree.tostring(doc)\n\n```\n\n## References\n* OWASP: [XML External Entity (XXE) Processing](https://www.owasp.org/index.php/XML_External_Entity_(XXE)_Processing).\n* Timothy Morgen: [XML Schema, DTD, and Entity Attacks](https://research.nccgroup.com/2014/05/19/xml-schema-dtd-and-entity-attacks-a-compendium-of-known-techniques/).\n* Timur Yunusov, Alexey Osipov: [XML Out-Of-Band Data Retrieval](https://www.slideshare.net/qqlan/bh-ready-v4).\n* Python 3 standard library: [XML Vulnerabilities](https://docs.python.org/3/library/xml.html#xml-vulnerabilities).\n* Python 2 standard library: [XML Vulnerabilities](https://docs.python.org/2/library/xml.html#xml-vulnerabilities).\n* PortSwigger: [XML external entity (XXE) injection](https://portswigger.net/web-security/xxe).\n* Common Weakness Enumeration: [CWE-611](https://cwe.mitre.org/data/definitions/611.html).\n* Common Weakness Enumeration: [CWE-827](https://cwe.mitre.org/data/definitions/827.html).\n"},"id":"py/xxe","name":"py/xxe","properties":{"precision":"high","queryURI":"https://github.com/github/codeql/blob/39a67b6e2e6490a9bd010db50e148f647765e9f7/python/ql/src/Security/CWE-611/Xxe.ql","security-severity":"9.1","tags":["external/cwe/cwe-611","external/cwe/cwe-827","security"]},"shortDescription":{"text":"XML external entity 
expansion"}}],"semanticVersion":"1.3.2+39a67b6e2e6490a9bd010db50e148f647765e9f7"},{"name":"codeql/python-all","semanticVersion":"2.1.2+39a67b6e2e6490a9bd010db50e148f647765e9f7"},{"name":"codeql/threat-models","semanticVersion":"1.0.11+39a67b6e2e6490a9bd010db50e148f647765e9f7"}]},"versionControlProvenance":[{"branch":"refs/heads/master","repositoryUri":"https://github.com/nahsra/Vulnerable-Code-Snippets","revisionId":"07669239ed45467b3c169b9747b3ccdc229632ca"}]}],"$schema":"https://raw.githubusercontent.com/oasis-tcs/sarif-spec/master/Schemata/sarif-schema-2.1.0.json","version":"2.1.0"} +{ + "version": "2.1.0", + "schema_uri": "https://raw.githubusercontent.com/oasis-tcs/sarif-spec/master/Schemata/sarif-schema-2.1.0.json", + "runs": [ + { + "tool": { + "driver": { + "name": "CodeQL", + "semantic_version": "2.19.3" + }, + "extensions": [ + { + "name": "codeql/python-queries", + "semantic_version": "1.3.2+39a67b6e2e6490a9bd010db50e148f647765e9f7", + "rules": [ + { + "id": "py/bad-tag-filter", + "name": "py/bad-tag-filter", + "short_description": { + "text": "Bad HTML filtering regexp" + }, + "full_description": { + "text": "Matching HTML tags using regular expressions is hard to do right, and can easily lead to security issues." + }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help": { + "text": "# Bad HTML filtering regexp\nIt is possible to match some single HTML tags using regular expressions (parsing general HTML using regular expressions is impossible). However, if the regular expression is not written well it might be possible to circumvent it, which can lead to cross-site scripting or other security issues.\n\nSome of these mistakes are caused by browsers having very forgiving HTML parsers, and will often render invalid HTML containing syntax errors. 
Regular expressions that attempt to match HTML should also recognize tags containing such syntax errors.\n\n\n## Recommendation\nUse a well-tested sanitization or parser library if at all possible. These libraries are much more likely to handle corner cases correctly than a custom implementation.\n\n\n## Example\nThe following example attempts to filters out all `', '', content, flags= re.DOTALL | re.IGNORECASE)\n return content\n```\nThe above sanitizer does not filter out all `` as script end tags, but also tags such as `` even though it is a parser error. This means that an attack string such as `` will not be filtered by the function, and `alert(1)` will be executed by a browser if the string is rendered as HTML.\n\nOther corner cases include that HTML comments can end with `--!>`, and that HTML tag names can contain upper case characters.\n\n\n## References\n* Securitum: [The Curious Case of Copy & Paste](https://research.securitum.com/the-curious-case-of-copy-paste/).\n* stackoverflow.com: [You can't parse \\[X\\]HTML with regex](https://stackoverflow.com/questions/1732348/regex-match-open-tags-except-xhtml-self-contained-tags#answer-1732454).\n* HTML Standard: [Comment end bang state](https://html.spec.whatwg.org/multipage/parsing.html#comment-end-bang-state).\n* stackoverflow.com: [Why aren't browsers strict about HTML?](https://stackoverflow.com/questions/25559999/why-arent-browsers-strict-about-html).\n* Common Weakness Enumeration: [CWE-116](https://cwe.mitre.org/data/definitions/116.html).\n* Common Weakness Enumeration: [CWE-20](https://cwe.mitre.org/data/definitions/20.html).\n* Common Weakness Enumeration: [CWE-185](https://cwe.mitre.org/data/definitions/185.html).\n* Common Weakness Enumeration: [CWE-186](https://cwe.mitre.org/data/definitions/186.html).\n", + "markdown": "# Bad HTML filtering regexp\nIt is possible to match some single HTML tags using regular expressions (parsing general HTML using regular expressions is impossible). 
However, if the regular expression is not written well it might be possible to circumvent it, which can lead to cross-site scripting or other security issues.\n\nSome of these mistakes are caused by browsers having very forgiving HTML parsers, and will often render invalid HTML containing syntax errors. Regular expressions that attempt to match HTML should also recognize tags containing such syntax errors.\n\n\n## Recommendation\nUse a well-tested sanitization or parser library if at all possible. These libraries are much more likely to handle corner cases correctly than a custom implementation.\n\n\n## Example\nThe following example attempts to filters out all `', '', content, flags= re.DOTALL | re.IGNORECASE)\n return content\n```\nThe above sanitizer does not filter out all `` as script end tags, but also tags such as `` even though it is a parser error. This means that an attack string such as `` will not be filtered by the function, and `alert(1)` will be executed by a browser if the string is rendered as HTML.\n\nOther corner cases include that HTML comments can end with `--!>`, and that HTML tag names can contain upper case characters.\n\n\n## References\n* Securitum: [The Curious Case of Copy & Paste](https://research.securitum.com/the-curious-case-of-copy-paste/).\n* stackoverflow.com: [You can't parse \\[X\\]HTML with regex](https://stackoverflow.com/questions/1732348/regex-match-open-tags-except-xhtml-self-contained-tags#answer-1732454).\n* HTML Standard: [Comment end bang state](https://html.spec.whatwg.org/multipage/parsing.html#comment-end-bang-state).\n* stackoverflow.com: [Why aren't browsers strict about HTML?](https://stackoverflow.com/questions/25559999/why-arent-browsers-strict-about-html).\n* Common Weakness Enumeration: [CWE-116](https://cwe.mitre.org/data/definitions/116.html).\n* Common Weakness Enumeration: [CWE-20](https://cwe.mitre.org/data/definitions/20.html).\n* Common Weakness Enumeration: 
[CWE-185](https://cwe.mitre.org/data/definitions/185.html).\n* Common Weakness Enumeration: [CWE-186](https://cwe.mitre.org/data/definitions/186.html).\n" + }, + "properties": { + "precision": "high", + "queryURI": "https://github.com/github/codeql/blob/39a67b6e2e6490a9bd010db50e148f647765e9f7/python/ql/src/Security/CWE-116/BadTagFilter.ql", + "security-severity": "7.8", + "tags": [ + "correctness", + "external/cwe/cwe-020", + "external/cwe/cwe-116", + "external/cwe/cwe-185", + "external/cwe/cwe-186", + "security" + ] + } + }, + { + "id": "py/bind-socket-all-network-interfaces", + "name": "py/bind-socket-all-network-interfaces", + "short_description": { + "text": "Binding a socket to all network interfaces" + }, + "full_description": { + "text": "Binding a socket to all interfaces opens it up to traffic from any IPv4 address and is therefore associated with security risks." + }, + "default_configuration": { + "enabled": true, + "level": "error" + }, + "help": { + "text": "# Binding a socket to all network interfaces\nSockets can be used to communicate with other machines on a network. You can use the (IP address, port) pair to define the access restrictions for the socket you create. When using the built-in Python `socket` module (for instance, when building a message sender service or an FTP server data transmitter), one has to bind the port to some interface. When you bind the port to all interfaces using `0.0.0.0` as the IP address, you essentially allow it to accept connections from any IPv4 address provided that it can get to the socket via routing. Binding to all interfaces is therefore associated with security risks.\n\n\n## Recommendation\nBind your service incoming traffic only to a dedicated interface. 
If you need to bind more than one interface using the built-in `socket` module, create multiple sockets (instead of binding to one socket to all interfaces).\n\n\n## Example\nIn this example, two sockets are insecure because they are bound to all interfaces; one through the `0.0.0.0` notation and another one through an empty string `''`.\n\n\n```python\nimport socket\n\n# binds to all interfaces, insecure\ns = socket.socket(socket.AF_INET, socket.SOCK_STREAM)\ns.bind(('0.0.0.0', 31137))\n\n# binds to all interfaces, insecure\ns = socket.socket(socket.AF_INET, socket.SOCK_STREAM)\ns.bind(('', 4040))\n\n# binds only to a dedicated interface, secure\ns = socket.socket(socket.AF_INET, socket.SOCK_STREAM)\ns.bind(('84.68.10.12', 8080))\n\n```\n\n## References\n* Python reference: [ Socket families](https://docs.python.org/3/library/socket.html#socket-families).\n* Python reference: [ Socket Programming HOWTO](https://docs.python.org/3.7/howto/sockets.html).\n* Common Vulnerabilities and Exposures: [ CVE-2018-1281 Detail](https://nvd.nist.gov/vuln/detail/CVE-2018-1281).\n* Common Weakness Enumeration: [CWE-200](https://cwe.mitre.org/data/definitions/200.html).\n", + "markdown": "# Binding a socket to all network interfaces\nSockets can be used to communicate with other machines on a network. You can use the (IP address, port) pair to define the access restrictions for the socket you create. When using the built-in Python `socket` module (for instance, when building a message sender service or an FTP server data transmitter), one has to bind the port to some interface. When you bind the port to all interfaces using `0.0.0.0` as the IP address, you essentially allow it to accept connections from any IPv4 address provided that it can get to the socket via routing. Binding to all interfaces is therefore associated with security risks.\n\n\n## Recommendation\nBind your service incoming traffic only to a dedicated interface. 
If you need to bind more than one interface using the built-in `socket` module, create multiple sockets (instead of binding to one socket to all interfaces).\n\n\n## Example\nIn this example, two sockets are insecure because they are bound to all interfaces; one through the `0.0.0.0` notation and another one through an empty string `''`.\n\n\n```python\nimport socket\n\n# binds to all interfaces, insecure\ns = socket.socket(socket.AF_INET, socket.SOCK_STREAM)\ns.bind(('0.0.0.0', 31137))\n\n# binds to all interfaces, insecure\ns = socket.socket(socket.AF_INET, socket.SOCK_STREAM)\ns.bind(('', 4040))\n\n# binds only to a dedicated interface, secure\ns = socket.socket(socket.AF_INET, socket.SOCK_STREAM)\ns.bind(('84.68.10.12', 8080))\n\n```\n\n## References\n* Python reference: [ Socket families](https://docs.python.org/3/library/socket.html#socket-families).\n* Python reference: [ Socket Programming HOWTO](https://docs.python.org/3.7/howto/sockets.html).\n* Common Vulnerabilities and Exposures: [ CVE-2018-1281 Detail](https://nvd.nist.gov/vuln/detail/CVE-2018-1281).\n* Common Weakness Enumeration: [CWE-200](https://cwe.mitre.org/data/definitions/200.html).\n" + }, + "properties": { + "precision": "high", + "queryURI": "https://github.com/github/codeql/blob/39a67b6e2e6490a9bd010db50e148f647765e9f7/python/ql/src/Security/CVE-2018-1281/BindToAllInterfaces.ql", + "security-severity": "6.5", + "tags": [ + "external/cwe/cwe-200", + "security" + ] + } + }, + { + "id": "py/clear-text-logging-sensitive-data", + "name": "py/clear-text-logging-sensitive-data", + "short_description": { + "text": "Clear-text logging of sensitive information" + }, + "full_description": { + "text": "Logging sensitive information without encryption or hashing can expose it to an attacker." 
+ }, + "default_configuration": { + "enabled": true, + "level": "error" + }, + "help": { + "text": "# Clear-text logging of sensitive information\nIf sensitive data is written to a log entry it could be exposed to an attacker who gains access to the logs.\n\nPotential attackers can obtain sensitive user data when the log output is displayed. Additionally that data may expose system information such as full path names, system information, and sometimes usernames and passwords.\n\n\n## Recommendation\nSensitive data should not be logged.\n\n\n## Example\nIn the example the entire process environment is logged using \\`print\\`. Regular users of the production deployed application should not have access to this much information about the environment configuration.\n\n\n```python\n# BAD: Logging cleartext sensitive data\nimport os\nprint(f\"[INFO] Environment: {os.environ}\")\n```\nIn the second example the data that is logged is not sensitive.\n\n\n```python\nnot_sensitive_data = {'a': 1, 'b': 2}\n# GOOD: it is fine to log data that is not sensitive\nprint(f\"[INFO] Some object contains: {not_sensitive_data}\")\n```\n\n## References\n* OWASP: [Insertion of Sensitive Information into Log File](https://owasp.org/Top10/A09_2021-Security_Logging_and_Monitoring_Failures/).\n* Common Weakness Enumeration: [CWE-312](https://cwe.mitre.org/data/definitions/312.html).\n* Common Weakness Enumeration: [CWE-359](https://cwe.mitre.org/data/definitions/359.html).\n* Common Weakness Enumeration: [CWE-532](https://cwe.mitre.org/data/definitions/532.html).\n", + "markdown": "# Clear-text logging of sensitive information\nIf sensitive data is written to a log entry it could be exposed to an attacker who gains access to the logs.\n\nPotential attackers can obtain sensitive user data when the log output is displayed. 
Additionally that data may expose system information such as full path names, system information, and sometimes usernames and passwords.\n\n\n## Recommendation\nSensitive data should not be logged.\n\n\n## Example\nIn the example the entire process environment is logged using \\`print\\`. Regular users of the production deployed application should not have access to this much information about the environment configuration.\n\n\n```python\n# BAD: Logging cleartext sensitive data\nimport os\nprint(f\"[INFO] Environment: {os.environ}\")\n```\nIn the second example the data that is logged is not sensitive.\n\n\n```python\nnot_sensitive_data = {'a': 1, 'b': 2}\n# GOOD: it is fine to log data that is not sensitive\nprint(f\"[INFO] Some object contains: {not_sensitive_data}\")\n```\n\n## References\n* OWASP: [Insertion of Sensitive Information into Log File](https://owasp.org/Top10/A09_2021-Security_Logging_and_Monitoring_Failures/).\n* Common Weakness Enumeration: [CWE-312](https://cwe.mitre.org/data/definitions/312.html).\n* Common Weakness Enumeration: [CWE-359](https://cwe.mitre.org/data/definitions/359.html).\n* Common Weakness Enumeration: [CWE-532](https://cwe.mitre.org/data/definitions/532.html).\n" + }, + "properties": { + "precision": "high", + "queryURI": "https://github.com/github/codeql/blob/39a67b6e2e6490a9bd010db50e148f647765e9f7/python/ql/src/Security/CWE-312/CleartextLogging.ql", + "security-severity": "7.5", + "tags": [ + "external/cwe/cwe-312", + "external/cwe/cwe-359", + "external/cwe/cwe-532", + "security" + ] + } + }, + { + "id": "py/clear-text-storage-sensitive-data", + "name": "py/clear-text-storage-sensitive-data", + "short_description": { + "text": "Clear-text storage of sensitive information" + }, + "full_description": { + "text": "Sensitive information stored without encryption or hashing can expose it to an attacker." 
+ }, + "default_configuration": { + "enabled": true, + "level": "error" + }, + "help": { + "text": "# Clear-text storage of sensitive information\nSensitive information that is stored unencrypted is accessible to an attacker who gains access to the storage. This is particularly important for cookies, which are stored on the machine of the end-user.\n\n\n## Recommendation\nEnsure that sensitive information is always encrypted before being stored. If possible, avoid placing sensitive information in cookies altogether. Instead, prefer storing, in the cookie, a key that can be used to look up the sensitive information.\n\nIn general, decrypt sensitive information only at the point where it is necessary for it to be used in cleartext.\n\nBe aware that external processes often store the `standard out` and `standard error` streams of the application, causing logged sensitive information to be stored as well.\n\n\n## Example\nThe following example code stores user credentials (in this case, their password) in a cookie in plain text:\n\n\n```python\nfrom flask import Flask, make_response, request\n\napp = Flask(\"Leak password\")\n\n@app.route('/')\ndef index():\n password = request.args.get(\"password\")\n resp = make_response(render_template(...))\n resp.set_cookie(\"password\", password)\n return resp\n\n```\nInstead, the credentials should be encrypted, for instance by using the `cryptography` module, or not stored at all.\n\n\n## References\n* M. Dowd, J. McDonald and J. Schuhm, *The Art of Software Security Assessment*, 1st Edition, Chapter 2 - 'Common Vulnerabilities of Encryption', p. 43. Addison Wesley, 2006.\n* M. Howard and D. LeBlanc, *Writing Secure Code*, 2nd Edition, Chapter 9 - 'Protecting Secret Data', p. 299. 
Microsoft, 2002.\n* Common Weakness Enumeration: [CWE-312](https://cwe.mitre.org/data/definitions/312.html).\n* Common Weakness Enumeration: [CWE-315](https://cwe.mitre.org/data/definitions/315.html).\n* Common Weakness Enumeration: [CWE-359](https://cwe.mitre.org/data/definitions/359.html).\n", + "markdown": "# Clear-text storage of sensitive information\nSensitive information that is stored unencrypted is accessible to an attacker who gains access to the storage. This is particularly important for cookies, which are stored on the machine of the end-user.\n\n\n## Recommendation\nEnsure that sensitive information is always encrypted before being stored. If possible, avoid placing sensitive information in cookies altogether. Instead, prefer storing, in the cookie, a key that can be used to look up the sensitive information.\n\nIn general, decrypt sensitive information only at the point where it is necessary for it to be used in cleartext.\n\nBe aware that external processes often store the `standard out` and `standard error` streams of the application, causing logged sensitive information to be stored as well.\n\n\n## Example\nThe following example code stores user credentials (in this case, their password) in a cookie in plain text:\n\n\n```python\nfrom flask import Flask, make_response, request\n\napp = Flask(\"Leak password\")\n\n@app.route('/')\ndef index():\n password = request.args.get(\"password\")\n resp = make_response(render_template(...))\n resp.set_cookie(\"password\", password)\n return resp\n\n```\nInstead, the credentials should be encrypted, for instance by using the `cryptography` module, or not stored at all.\n\n\n## References\n* M. Dowd, J. McDonald and J. Schuhm, *The Art of Software Security Assessment*, 1st Edition, Chapter 2 - 'Common Vulnerabilities of Encryption', p. 43. Addison Wesley, 2006.\n* M. Howard and D. LeBlanc, *Writing Secure Code*, 2nd Edition, Chapter 9 - 'Protecting Secret Data', p. 299. 
Microsoft, 2002.\n* Common Weakness Enumeration: [CWE-312](https://cwe.mitre.org/data/definitions/312.html).\n* Common Weakness Enumeration: [CWE-315](https://cwe.mitre.org/data/definitions/315.html).\n* Common Weakness Enumeration: [CWE-359](https://cwe.mitre.org/data/definitions/359.html).\n" + }, + "properties": { + "precision": "high", + "queryURI": "https://github.com/github/codeql/blob/39a67b6e2e6490a9bd010db50e148f647765e9f7/python/ql/src/Security/CWE-312/CleartextStorage.ql", + "security-severity": "7.5", + "tags": [ + "external/cwe/cwe-312", + "external/cwe/cwe-315", + "external/cwe/cwe-359", + "security" + ] + } + }, + { + "id": "py/code-injection", + "name": "py/code-injection", + "short_description": { + "text": "Code injection" + }, + "full_description": { + "text": "Interpreting unsanitized user input as code allows a malicious user to perform arbitrary code execution." + }, + "default_configuration": { + "enabled": true, + "level": "error" + }, + "help": { + "text": "# Code injection\nDirectly evaluating user input (for example, an HTTP request parameter) as code without properly sanitizing the input first allows an attacker arbitrary code execution. This can occur when user input is passed to code that interprets it as an expression to be evaluated, such as `eval` or `exec`.\n\n\n## Recommendation\nAvoid including user input in any expression that may be dynamically evaluated. If user input must be included, use context-specific escaping before including it. It is important that the correct escaping is used for the type of evaluation that will occur.\n\n\n## Example\nThe following example shows two functions setting a name from a request. The first function uses `exec` to execute the `setname` function. This is dangerous as it can allow a malicious user to execute arbitrary code on the server. For example, the user could supply the value `\"' + subprocess.call('rm -rf') + '\"` to destroy the server's file system. 
The second function calls the `setname` function directly and is thus safe.\n\n\n```python\n\nurlpatterns = [\n # Route to code_execution\n url(r'^code-ex1$', code_execution_bad, name='code-execution-bad'),\n url(r'^code-ex2$', code_execution_good, name='code-execution-good')\n]\n\ndef code_execution(request):\n if request.method == 'POST':\n first_name = base64.decodestring(request.POST.get('first_name', ''))\n #BAD -- Allow user to define code to be run.\n exec(\"setname('%s')\" % first_name)\n\ndef code_execution(request):\n if request.method == 'POST':\n first_name = base64.decodestring(request.POST.get('first_name', ''))\n #GOOD --Call code directly\n setname(first_name)\n\n```\n\n## References\n* OWASP: [Code Injection](https://www.owasp.org/index.php/Code_Injection).\n* Wikipedia: [Code Injection](https://en.wikipedia.org/wiki/Code_injection).\n* Common Weakness Enumeration: [CWE-94](https://cwe.mitre.org/data/definitions/94.html).\n* Common Weakness Enumeration: [CWE-95](https://cwe.mitre.org/data/definitions/95.html).\n* Common Weakness Enumeration: [CWE-116](https://cwe.mitre.org/data/definitions/116.html).\n", + "markdown": "# Code injection\nDirectly evaluating user input (for example, an HTTP request parameter) as code without properly sanitizing the input first allows an attacker arbitrary code execution. This can occur when user input is passed to code that interprets it as an expression to be evaluated, such as `eval` or `exec`.\n\n\n## Recommendation\nAvoid including user input in any expression that may be dynamically evaluated. If user input must be included, use context-specific escaping before including it. It is important that the correct escaping is used for the type of evaluation that will occur.\n\n\n## Example\nThe following example shows two functions setting a name from a request. The first function uses `exec` to execute the `setname` function. This is dangerous as it can allow a malicious user to execute arbitrary code on the server. 
For example, the user could supply the value `\"' + subprocess.call('rm -rf') + '\"` to destroy the server's file system. The second function calls the `setname` function directly and is thus safe.\n\n\n```python\n\nurlpatterns = [\n # Route to code_execution\n url(r'^code-ex1$', code_execution_bad, name='code-execution-bad'),\n url(r'^code-ex2$', code_execution_good, name='code-execution-good')\n]\n\ndef code_execution(request):\n if request.method == 'POST':\n first_name = base64.decodestring(request.POST.get('first_name', ''))\n #BAD -- Allow user to define code to be run.\n exec(\"setname('%s')\" % first_name)\n\ndef code_execution(request):\n if request.method == 'POST':\n first_name = base64.decodestring(request.POST.get('first_name', ''))\n #GOOD --Call code directly\n setname(first_name)\n\n```\n\n## References\n* OWASP: [Code Injection](https://www.owasp.org/index.php/Code_Injection).\n* Wikipedia: [Code Injection](https://en.wikipedia.org/wiki/Code_injection).\n* Common Weakness Enumeration: [CWE-94](https://cwe.mitre.org/data/definitions/94.html).\n* Common Weakness Enumeration: [CWE-95](https://cwe.mitre.org/data/definitions/95.html).\n* Common Weakness Enumeration: [CWE-116](https://cwe.mitre.org/data/definitions/116.html).\n" + }, + "properties": { + "precision": "high", + "queryURI": "https://github.com/github/codeql/blob/39a67b6e2e6490a9bd010db50e148f647765e9f7/python/ql/src/Security/CWE-094/CodeInjection.ql", + "security-severity": "9.3", + "tags": [ + "external/cwe/cwe-094", + "external/cwe/cwe-095", + "external/cwe/cwe-116", + "security" + ] + } + }, + { + "id": "py/command-line-injection", + "name": "py/command-line-injection", + "short_description": { + "text": "Uncontrolled command line" + }, + "full_description": { + "text": "Using externally controlled strings in a command line may allow a malicious user to change the meaning of the command." 
+ }, + "default_configuration": { + "enabled": true, + "level": "error" + }, + "help": { + "text": "# Uncontrolled command line\nCode that passes user input directly to `exec`, `eval`, or some other library routine that executes a command, allows the user to execute malicious code.\n\n\n## Recommendation\nIf possible, use hard-coded string literals to specify the command to run or the library to load. Instead of passing the user input directly to the process or library function, examine the user input and then choose among hard-coded string literals.\n\nIf the applicable libraries or commands cannot be determined at compile time, then add code to verify that the user input string is safe before using it.\n\n\n## Example\nThe following example shows two functions. The first is unsafe as it takes a shell script that can be changed by a user, and passes it straight to `subprocess.call()` without examining it first. The second is safe as it selects the command from a predefined allowlist.\n\n\n```python\n\nurlpatterns = [\n # Route to command_execution\n url(r'^command-ex1$', command_execution_unsafe, name='command-execution-unsafe'),\n url(r'^command-ex2$', command_execution_safe, name='command-execution-safe')\n]\n\nCOMMANDS = {\n \"list\" :\"ls\",\n \"stat\" : \"stat\"\n}\n\ndef command_execution_unsafe(request):\n if request.method == 'POST':\n action = request.POST.get('action', '')\n #BAD -- No sanitizing of input\n subprocess.call([\"application\", action])\n\ndef command_execution_safe(request):\n if request.method == 'POST':\n action = request.POST.get('action', '')\n #GOOD -- Use an allowlist\n subprocess.call([\"application\", COMMANDS[action]])\n\n```\n\n## References\n* OWASP: [Command Injection](https://www.owasp.org/index.php/Command_Injection).\n* Common Weakness Enumeration: [CWE-78](https://cwe.mitre.org/data/definitions/78.html).\n* Common Weakness Enumeration: [CWE-88](https://cwe.mitre.org/data/definitions/88.html).\n", + "markdown": "# 
Uncontrolled command line\nCode that passes user input directly to `exec`, `eval`, or some other library routine that executes a command, allows the user to execute malicious code.\n\n\n## Recommendation\nIf possible, use hard-coded string literals to specify the command to run or the library to load. Instead of passing the user input directly to the process or library function, examine the user input and then choose among hard-coded string literals.\n\nIf the applicable libraries or commands cannot be determined at compile time, then add code to verify that the user input string is safe before using it.\n\n\n## Example\nThe following example shows two functions. The first is unsafe as it takes a shell script that can be changed by a user, and passes it straight to `subprocess.call()` without examining it first. The second is safe as it selects the command from a predefined allowlist.\n\n\n```python\n\nurlpatterns = [\n # Route to command_execution\n url(r'^command-ex1$', command_execution_unsafe, name='command-execution-unsafe'),\n url(r'^command-ex2$', command_execution_safe, name='command-execution-safe')\n]\n\nCOMMANDS = {\n \"list\" :\"ls\",\n \"stat\" : \"stat\"\n}\n\ndef command_execution_unsafe(request):\n if request.method == 'POST':\n action = request.POST.get('action', '')\n #BAD -- No sanitizing of input\n subprocess.call([\"application\", action])\n\ndef command_execution_safe(request):\n if request.method == 'POST':\n action = request.POST.get('action', '')\n #GOOD -- Use an allowlist\n subprocess.call([\"application\", COMMANDS[action]])\n\n```\n\n## References\n* OWASP: [Command Injection](https://www.owasp.org/index.php/Command_Injection).\n* Common Weakness Enumeration: [CWE-78](https://cwe.mitre.org/data/definitions/78.html).\n* Common Weakness Enumeration: [CWE-88](https://cwe.mitre.org/data/definitions/88.html).\n" + }, + "properties": { + "precision": "high", + "queryURI": 
"https://github.com/github/codeql/blob/39a67b6e2e6490a9bd010db50e148f647765e9f7/python/ql/src/Security/CWE-078/CommandInjection.ql", + "security-severity": "9.8", + "tags": [ + "correctness", + "external/cwe/cwe-078", + "external/cwe/cwe-088", + "security" + ] + } + }, + { + "id": "py/cookie-injection", + "name": "py/cookie-injection", + "short_description": { + "text": "Construction of a cookie using user-supplied input" + }, + "full_description": { + "text": "Constructing cookies from user input may allow an attacker to perform a Cookie Poisoning attack." + }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help": { + "text": "# Construction of a cookie using user-supplied input\nConstructing cookies from user input can allow an attacker to control a user's cookie. This may lead to a session fixation attack. Additionally, client code may not expect a cookie to contain attacker-controlled data, and fail to sanitize it for common vulnerabilities such as Cross Site Scripting (XSS). An attacker manipulating the raw cookie header may additionally be able to set cookie attributes such as `HttpOnly` to insecure values.\n\n\n## Recommendation\nDo not use raw user input to construct cookies.\n\n\n## Example\nIn the following cases, a cookie is constructed for a Flask response using user input. 
The first uses `set_cookie`, and the second sets a cookie's raw value through the `set-cookie` header.\n\n\n```python\nfrom flask import request, make_response\n\n\n@app.route(\"/1\")\ndef set_cookie():\n resp = make_response()\n resp.set_cookie(request.args[\"name\"], # BAD: User input is used to set the cookie's name and value\n value=request.args[\"name\"])\n return resp\n\n\n@app.route(\"/2\")\ndef set_cookie_header():\n resp = make_response()\n resp.headers['Set-Cookie'] = f\"{request.args['name']}={request.args['name']};\" # BAD: User input is used to set the raw cookie header.\n return resp\n\n```\n\n## References\n* Wikipedia - [Session Fixation](https://en.wikipedia.org/wiki/Session_fixation).\n* Common Weakness Enumeration: [CWE-20](https://cwe.mitre.org/data/definitions/20.html).\n", + "markdown": "# Construction of a cookie using user-supplied input\nConstructing cookies from user input can allow an attacker to control a user's cookie. This may lead to a session fixation attack. Additionally, client code may not expect a cookie to contain attacker-controlled data, and fail to sanitize it for common vulnerabilities such as Cross Site Scripting (XSS). An attacker manipulating the raw cookie header may additionally be able to set cookie attributes such as `HttpOnly` to insecure values.\n\n\n## Recommendation\nDo not use raw user input to construct cookies.\n\n\n## Example\nIn the following cases, a cookie is constructed for a Flask response using user input. 
The first uses `set_cookie`, and the second sets a cookie's raw value through the `set-cookie` header.\n\n\n```python\nfrom flask import request, make_response\n\n\n@app.route(\"/1\")\ndef set_cookie():\n resp = make_response()\n resp.set_cookie(request.args[\"name\"], # BAD: User input is used to set the cookie's name and value\n value=request.args[\"name\"])\n return resp\n\n\n@app.route(\"/2\")\ndef set_cookie_header():\n resp = make_response()\n resp.headers['Set-Cookie'] = f\"{request.args['name']}={request.args['name']};\" # BAD: User input is used to set the raw cookie header.\n return resp\n\n```\n\n## References\n* Wikipedia - [Session Fixation](https://en.wikipedia.org/wiki/Session_fixation).\n* Common Weakness Enumeration: [CWE-20](https://cwe.mitre.org/data/definitions/20.html).\n" + }, + "properties": { + "precision": "high", + "queryURI": "https://github.com/github/codeql/blob/39a67b6e2e6490a9bd010db50e148f647765e9f7/python/ql/src/Security/CWE-020/CookieInjection.ql", + "security-severity": "5", + "tags": [ + "external/cwe/cwe-20", + "security" + ] + } + }, + { + "id": "py/csrf-protection-disabled", + "name": "py/csrf-protection-disabled", + "short_description": { + "text": "CSRF protection weakened or disabled" + }, + "full_description": { + "text": "Disabling or weakening CSRF protection may make the application vulnerable to a Cross-Site Request Forgery (CSRF) attack." + }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help": { + "text": "# CSRF protection weakened or disabled\nCross-site request forgery (CSRF) is a type of vulnerability in which an attacker is able to force a user to carry out an action that the user did not intend.\n\nThe attacker tricks an authenticated user into submitting a request to the web application. Typically this request will result in a state change on the server, such as changing the user's password. The request can be initiated when the user visits a site controlled by the attacker. 
If the web application relies only on cookies for authentication, or on other credentials that are automatically included in the request, then this request will appear as legitimate to the server.\n\nA common countermeasure for CSRF is to generate a unique token to be included in the HTML sent from the server to a user. This token can be used as a hidden field to be sent back with requests to the server, where the server can then check that the token is valid and associated with the relevant user session.\n\n\n## Recommendation\nIn many web frameworks, CSRF protection is enabled by default. In these cases, using the default configuration is sufficient to guard against most CSRF attacks.\n\n\n## Example\nThe following example shows a case where CSRF protection is disabled by overriding the default middleware stack and not including the one protecting against CSRF.\n\n\n```python\nMIDDLEWARE = [\n 'django.middleware.security.SecurityMiddleware',\n 'django.contrib.sessions.middleware.SessionMiddleware',\n 'django.middleware.common.CommonMiddleware',\n # 'django.middleware.csrf.CsrfViewMiddleware',\n 'django.contrib.auth.middleware.AuthenticationMiddleware',\n 'django.contrib.messages.middleware.MessageMiddleware',\n 'django.middleware.clickjacking.XFrameOptionsMiddleware',\n]\n\n```\nThe protecting middleware was probably commented out during a testing phase, when server-side token generation was not set up. 
Simply commenting it back in will enable CSRF protection.\n\n\n## References\n* Wikipedia: [Cross-site request forgery](https://en.wikipedia.org/wiki/Cross-site_request_forgery)\n* OWASP: [Cross-site request forgery](https://owasp.org/www-community/attacks/csrf)\n* Common Weakness Enumeration: [CWE-352](https://cwe.mitre.org/data/definitions/352.html).\n", + "markdown": "# CSRF protection weakened or disabled\nCross-site request forgery (CSRF) is a type of vulnerability in which an attacker is able to force a user to carry out an action that the user did not intend.\n\nThe attacker tricks an authenticated user into submitting a request to the web application. Typically this request will result in a state change on the server, such as changing the user's password. The request can be initiated when the user visits a site controlled by the attacker. If the web application relies only on cookies for authentication, or on other credentials that are automatically included in the request, then this request will appear as legitimate to the server.\n\nA common countermeasure for CSRF is to generate a unique token to be included in the HTML sent from the server to a user. This token can be used as a hidden field to be sent back with requests to the server, where the server can then check that the token is valid and associated with the relevant user session.\n\n\n## Recommendation\nIn many web frameworks, CSRF protection is enabled by default. 
In these cases, using the default configuration is sufficient to guard against most CSRF attacks.\n\n\n## Example\nThe following example shows a case where CSRF protection is disabled by overriding the default middleware stack and not including the one protecting against CSRF.\n\n\n```python\nMIDDLEWARE = [\n 'django.middleware.security.SecurityMiddleware',\n 'django.contrib.sessions.middleware.SessionMiddleware',\n 'django.middleware.common.CommonMiddleware',\n # 'django.middleware.csrf.CsrfViewMiddleware',\n 'django.contrib.auth.middleware.AuthenticationMiddleware',\n 'django.contrib.messages.middleware.MessageMiddleware',\n 'django.middleware.clickjacking.XFrameOptionsMiddleware',\n]\n\n```\nThe protecting middleware was probably commented out during a testing phase, when server-side token generation was not set up. Simply commenting it back in will enable CSRF protection.\n\n\n## References\n* Wikipedia: [Cross-site request forgery](https://en.wikipedia.org/wiki/Cross-site_request_forgery)\n* OWASP: [Cross-site request forgery](https://owasp.org/www-community/attacks/csrf)\n* Common Weakness Enumeration: [CWE-352](https://cwe.mitre.org/data/definitions/352.html).\n" + }, + "properties": { + "precision": "high", + "queryURI": "https://github.com/github/codeql/blob/39a67b6e2e6490a9bd010db50e148f647765e9f7/python/ql/src/Security/CWE-352/CSRFProtectionDisabled.ql", + "security-severity": "8.8", + "tags": [ + "external/cwe/cwe-352", + "security" + ] + } + }, + { + "id": "py/flask-debug", + "name": "py/flask-debug", + "short_description": { + "text": "Flask app is run in debug mode" + }, + "full_description": { + "text": "Running a Flask app in debug mode may allow an attacker to run arbitrary code through the Werkzeug debugger." 
+ }, + "default_configuration": { + "enabled": true, + "level": "error" + }, + "help": { + "text": "# Flask app is run in debug mode\nRunning a Flask application with debug mode enabled may allow an attacker to gain access through the Werkzeug debugger.\n\n\n## Recommendation\nEnsure that Flask applications that are run in a production environment have debugging disabled.\n\n\n## Example\nRunning the following code starts a Flask webserver that has debugging enabled. By visiting `/crash`, it is possible to gain access to the debugger, and run arbitrary code through the interactive debugger.\n\n\n```python\nfrom flask import Flask\n\napp = Flask(__name__)\n\n@app.route('/crash')\ndef main():\n raise Exception()\n\napp.run(debug=True)\n\n```\n\n## References\n* Flask Quickstart Documentation: [Debug Mode](http://flask.pocoo.org/docs/1.0/quickstart/#debug-mode).\n* Werkzeug Documentation: [Debugging Applications](http://werkzeug.pocoo.org/docs/0.14/debug/).\n* Common Weakness Enumeration: [CWE-215](https://cwe.mitre.org/data/definitions/215.html).\n* Common Weakness Enumeration: [CWE-489](https://cwe.mitre.org/data/definitions/489.html).\n", + "markdown": "# Flask app is run in debug mode\nRunning a Flask application with debug mode enabled may allow an attacker to gain access through the Werkzeug debugger.\n\n\n## Recommendation\nEnsure that Flask applications that are run in a production environment have debugging disabled.\n\n\n## Example\nRunning the following code starts a Flask webserver that has debugging enabled. 
By visiting `/crash`, it is possible to gain access to the debugger, and run arbitrary code through the interactive debugger.\n\n\n```python\nfrom flask import Flask\n\napp = Flask(__name__)\n\n@app.route('/crash')\ndef main():\n raise Exception()\n\napp.run(debug=True)\n\n```\n\n## References\n* Flask Quickstart Documentation: [Debug Mode](http://flask.pocoo.org/docs/1.0/quickstart/#debug-mode).\n* Werkzeug Documentation: [Debugging Applications](http://werkzeug.pocoo.org/docs/0.14/debug/).\n* Common Weakness Enumeration: [CWE-215](https://cwe.mitre.org/data/definitions/215.html).\n* Common Weakness Enumeration: [CWE-489](https://cwe.mitre.org/data/definitions/489.html).\n" + }, + "properties": { + "precision": "high", + "queryURI": "https://github.com/github/codeql/blob/39a67b6e2e6490a9bd010db50e148f647765e9f7/python/ql/src/Security/CWE-215/FlaskDebug.ql", + "security-severity": "7.5", + "tags": [ + "external/cwe/cwe-215", + "external/cwe/cwe-489", + "security" + ] + } + }, + { + "id": "py/full-ssrf", + "name": "py/full-ssrf", + "short_description": { + "text": "Full server-side request forgery" + }, + "full_description": { + "text": "Making a network request to a URL that is fully user-controlled allows for request forgery attacks." + }, + "default_configuration": { + "enabled": true, + "level": "error" + }, + "help": { + "text": "# Full server-side request forgery\nDirectly incorporating user input into an HTTP request without validating the input can facilitate server-side request forgery (SSRF) attacks. In these attacks, the request may be changed, directed at a different server, or via a different protocol. 
This can allow the attacker to obtain sensitive information or perform actions with escalated privilege.\n\nWe make a distinctions between how much of the URL an attacker can control:\n\n* **Full SSRF**: where the full URL can be controlled.\n* **Partial SSRF**: where only part of the URL can be controlled, such as the path component of a URL to a hardcoded domain.\n\n\nPartial control of a URL is often much harder to exploit. Therefore we have created a separate query for each of these.\n\nThis query covers full SSRF, to find partial SSRF use the `py/partial-ssrf` query.\n\n\n## Recommendation\nTo guard against SSRF attacks you should avoid putting user-provided input directly into a request URL. Instead, either maintain a list of authorized URLs on the server and choose from that list based on the input provided, or perform proper validation of the input.\n\n\n## Example\nThe following example shows code vulnerable to a full SSRF attack, because it uses untrusted input (HTTP request parameter) directly to construct a URL. By using `evil.com#` as the `target` value, the requested URL will be `https://evil.com#.example.com/data/`. It also shows how to remedy the problem by using the user input select a known fixed string.\n\n\n```python\nimport requests\nfrom flask import Flask, request\n\napp = Flask(__name__)\n\n@app.route(\"/full_ssrf\")\ndef full_ssrf():\n target = request.args[\"target\"]\n\n # BAD: user has full control of URL\n resp = requests.get(\"https://\" + target + \".example.com/data/\")\n\n # GOOD: `subdomain` is controlled by the server.\n subdomain = \"europe\" if target == \"EU\" else \"world\"\n resp = requests.get(\"https://\" + subdomain + \".example.com/data/\")\n\n```\n\n## Example\nThe following example shows code vulnerable to a partial SSRF attack, because it uses untrusted input (HTTP request parameter) directly to construct a URL. 
By using `../transfer-funds-to/123?amount=456` as the `user_id` value, the requested URL will be `https://api.example.com/transfer-funds-to/123?amount=456`. It also shows how to remedy the problem by validating the input.\n\n\n```python\nimport requests\nfrom flask import Flask, request\n\napp = Flask(__name__)\n\n@app.route(\"/partial_ssrf\")\ndef partial_ssrf():\n user_id = request.args[\"user_id\"]\n\n # BAD: user can fully control the path component of the URL\n resp = requests.get(\"https://api.example.com/user_info/\" + user_id)\n\n if user_id.isalnum():\n # GOOD: user_id is restricted to be alpha-numeric, and cannot alter path component of URL\n resp = requests.get(\"https://api.example.com/user_info/\" + user_id)\n\n```\n\n## References\n* [OWASP SSRF article](https://owasp.org/www-community/attacks/Server_Side_Request_Forgery)\n* [PortSwigger SSRF article](https://portswigger.net/web-security/ssrf)\n* Common Weakness Enumeration: [CWE-918](https://cwe.mitre.org/data/definitions/918.html).\n", + "markdown": "# Full server-side request forgery\nDirectly incorporating user input into an HTTP request without validating the input can facilitate server-side request forgery (SSRF) attacks. In these attacks, the request may be changed, directed at a different server, or via a different protocol. This can allow the attacker to obtain sensitive information or perform actions with escalated privilege.\n\nWe make a distinctions between how much of the URL an attacker can control:\n\n* **Full SSRF**: where the full URL can be controlled.\n* **Partial SSRF**: where only part of the URL can be controlled, such as the path component of a URL to a hardcoded domain.\n\n\nPartial control of a URL is often much harder to exploit. 
Therefore we have created a separate query for each of these.\n\nThis query covers full SSRF, to find partial SSRF use the `py/partial-ssrf` query.\n\n\n## Recommendation\nTo guard against SSRF attacks you should avoid putting user-provided input directly into a request URL. Instead, either maintain a list of authorized URLs on the server and choose from that list based on the input provided, or perform proper validation of the input.\n\n\n## Example\nThe following example shows code vulnerable to a full SSRF attack, because it uses untrusted input (HTTP request parameter) directly to construct a URL. By using `evil.com#` as the `target` value, the requested URL will be `https://evil.com#.example.com/data/`. It also shows how to remedy the problem by using the user input select a known fixed string.\n\n\n```python\nimport requests\nfrom flask import Flask, request\n\napp = Flask(__name__)\n\n@app.route(\"/full_ssrf\")\ndef full_ssrf():\n target = request.args[\"target\"]\n\n # BAD: user has full control of URL\n resp = requests.get(\"https://\" + target + \".example.com/data/\")\n\n # GOOD: `subdomain` is controlled by the server.\n subdomain = \"europe\" if target == \"EU\" else \"world\"\n resp = requests.get(\"https://\" + subdomain + \".example.com/data/\")\n\n```\n\n## Example\nThe following example shows code vulnerable to a partial SSRF attack, because it uses untrusted input (HTTP request parameter) directly to construct a URL. By using `../transfer-funds-to/123?amount=456` as the `user_id` value, the requested URL will be `https://api.example.com/transfer-funds-to/123?amount=456`. 
It also shows how to remedy the problem by validating the input.\n\n\n```python\nimport requests\nfrom flask import Flask, request\n\napp = Flask(__name__)\n\n@app.route(\"/partial_ssrf\")\ndef partial_ssrf():\n user_id = request.args[\"user_id\"]\n\n # BAD: user can fully control the path component of the URL\n resp = requests.get(\"https://api.example.com/user_info/\" + user_id)\n\n if user_id.isalnum():\n # GOOD: user_id is restricted to be alpha-numeric, and cannot alter path component of URL\n resp = requests.get(\"https://api.example.com/user_info/\" + user_id)\n\n```\n\n## References\n* [OWASP SSRF article](https://owasp.org/www-community/attacks/Server_Side_Request_Forgery)\n* [PortSwigger SSRF article](https://portswigger.net/web-security/ssrf)\n* Common Weakness Enumeration: [CWE-918](https://cwe.mitre.org/data/definitions/918.html).\n" + }, + "properties": { + "precision": "high", + "queryURI": "https://github.com/github/codeql/blob/39a67b6e2e6490a9bd010db50e148f647765e9f7/python/ql/src/Security/CWE-918/FullServerSideRequestForgery.ql", + "security-severity": "9.1", + "tags": [ + "external/cwe/cwe-918", + "security" + ] + } + }, + { + "id": "py/http-response-splitting", + "name": "py/http-response-splitting", + "short_description": { + "text": "HTTP Response Splitting" + }, + "full_description": { + "text": "Writing user input directly to an HTTP header makes code vulnerable to attack by header splitting." 
+ }, + "default_configuration": { + "enabled": true, + "level": "error" + }, + "help": { + "text": "# HTTP Response Splitting\nDirectly writing user input (for example, an HTTP request parameter) to an HTTP header can lead to an HTTP response-splitting vulnerability.\n\nIf user-controlled input is used in an HTTP header that allows line break characters, an attacker can inject additional headers or control the response body, leading to vulnerabilities such as XSS or cache poisoning.\n\n\n## Recommendation\nEnsure that user input containing line break characters is not written to an HTTP header.\n\n\n## Example\nIn the following example, the case marked BAD writes user input to the header name. In the GOOD case, input is first escaped to not contain any line break characters.\n\n\n```python\n@app.route(\"/example_bad\")\ndef example_bad():\n rfs_header = request.args[\"rfs_header\"]\n response = Response()\n custom_header = \"X-MyHeader-\" + rfs_header\n # BAD: User input is used as part of the header name.\n response.headers[custom_header] = \"HeaderValue\" \n return response\n\n@app.route(\"/example_good\")\ndef example_bad():\n rfs_header = request.args[\"rfs_header\"]\n response = Response()\n custom_header = \"X-MyHeader-\" + rfs_header.replace(\"\\n\", \"\").replace(\"\\r\",\"\").replace(\":\",\"\")\n # GOOD: Line break characters are removed from the input.\n response.headers[custom_header] = \"HeaderValue\" \n return response\n```\n\n## References\n* SecLists.org: [HTTP response splitting](https://seclists.org/bugtraq/2005/Apr/187).\n* OWASP: [HTTP Response Splitting](https://www.owasp.org/index.php/HTTP_Response_Splitting).\n* Wikipedia: [HTTP response splitting](http://en.wikipedia.org/wiki/HTTP_response_splitting).\n* CAPEC: [CAPEC-105: HTTP Request Splitting](https://capec.mitre.org/data/definitions/105.html)\n* Common Weakness Enumeration: [CWE-113](https://cwe.mitre.org/data/definitions/113.html).\n* Common Weakness Enumeration: 
[CWE-79](https://cwe.mitre.org/data/definitions/79.html).\n", + "markdown": "# HTTP Response Splitting\nDirectly writing user input (for example, an HTTP request parameter) to an HTTP header can lead to an HTTP response-splitting vulnerability.\n\nIf user-controlled input is used in an HTTP header that allows line break characters, an attacker can inject additional headers or control the response body, leading to vulnerabilities such as XSS or cache poisoning.\n\n\n## Recommendation\nEnsure that user input containing line break characters is not written to an HTTP header.\n\n\n## Example\nIn the following example, the case marked BAD writes user input to the header name. In the GOOD case, input is first escaped to not contain any line break characters.\n\n\n```python\n@app.route(\"/example_bad\")\ndef example_bad():\n rfs_header = request.args[\"rfs_header\"]\n response = Response()\n custom_header = \"X-MyHeader-\" + rfs_header\n # BAD: User input is used as part of the header name.\n response.headers[custom_header] = \"HeaderValue\" \n return response\n\n@app.route(\"/example_good\")\ndef example_bad():\n rfs_header = request.args[\"rfs_header\"]\n response = Response()\n custom_header = \"X-MyHeader-\" + rfs_header.replace(\"\\n\", \"\").replace(\"\\r\",\"\").replace(\":\",\"\")\n # GOOD: Line break characters are removed from the input.\n response.headers[custom_header] = \"HeaderValue\" \n return response\n```\n\n## References\n* SecLists.org: [HTTP response splitting](https://seclists.org/bugtraq/2005/Apr/187).\n* OWASP: [HTTP Response Splitting](https://www.owasp.org/index.php/HTTP_Response_Splitting).\n* Wikipedia: [HTTP response splitting](http://en.wikipedia.org/wiki/HTTP_response_splitting).\n* CAPEC: [CAPEC-105: HTTP Request Splitting](https://capec.mitre.org/data/definitions/105.html)\n* Common Weakness Enumeration: [CWE-113](https://cwe.mitre.org/data/definitions/113.html).\n* Common Weakness Enumeration: 
[CWE-79](https://cwe.mitre.org/data/definitions/79.html).\n" + }, + "properties": { + "precision": "high", + "queryURI": "https://github.com/github/codeql/blob/39a67b6e2e6490a9bd010db50e148f647765e9f7/python/ql/src/Security/CWE-113/HeaderInjection.ql", + "security-severity": "6.1", + "tags": [ + "external/cwe/cwe-079", + "external/cwe/cwe-113", + "security" + ] + } + }, + { + "id": "py/incomplete-hostname-regexp", + "name": "py/incomplete-hostname-regexp", + "short_description": { + "text": "Incomplete regular expression for hostnames" + }, + "full_description": { + "text": "Matching a URL or hostname against a regular expression that contains an unescaped dot as part of the hostname might match more hostnames than expected." + }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help": { + "text": "# Incomplete regular expression for hostnames\nSanitizing untrusted URLs is a common technique for preventing attacks such as request forgeries and malicious redirections. Often, this is done by checking that the host of a URL is in a set of allowed hosts.\n\nIf a regular expression implements such a check, it is easy to accidentally make the check too permissive by not escaping the `.` meta-characters appropriately. 
Even if the check is not used in a security-critical context, the incomplete check may still cause undesirable behaviors when it accidentally succeeds.\n\n\n## Recommendation\nEscape all meta-characters appropriately when constructing regular expressions for security checks, and pay special attention to the `.` meta-character.\n\n\n## Example\nThe following example code checks that a URL redirection will reach the `example.com` domain, or one of its subdomains.\n\n\n```python\nfrom flask import Flask, request, redirect\nimport re\n\napp = Flask(__name__)\n\nUNSAFE_REGEX = re.compile(\"(www|beta).example.com/\")\nSAFE_REGEX = re.compile(r\"(www|beta)\\.example\\.com/\")\n\n@app.route('/some/path/bad')\ndef unsafe(request):\n target = request.args.get('target', '')\n if UNSAFE_REGEX.match(target):\n return redirect(target)\n\n@app.route('/some/path/good')\ndef safe(request):\n target = request.args.get('target', '')\n if SAFE_REGEX.match(target):\n return redirect(target)\n\n```\nThe `unsafe` check is easy to bypass because the unescaped `.` allows for any character before `example.com`, effectively allowing the redirect to go to an attacker-controlled domain such as `wwwXexample.com`.\n\nThe `safe` check closes this vulnerability by escaping the `.` so that URLs of the form `wwwXexample.com` are rejected.\n\n\n## References\n* OWASP: [SSRF](https://www.owasp.org/index.php/Server_Side_Request_Forgery)\n* OWASP: [XSS Unvalidated Redirects and Forwards Cheat Sheet](https://cheatsheetseries.owasp.org/cheatsheets/Unvalidated_Redirects_and_Forwards_Cheat_Sheet.html).\n* Common Weakness Enumeration: [CWE-20](https://cwe.mitre.org/data/definitions/20.html).\n", + "markdown": "# Incomplete regular expression for hostnames\nSanitizing untrusted URLs is a common technique for preventing attacks such as request forgeries and malicious redirections. 
Often, this is done by checking that the host of a URL is in a set of allowed hosts.\n\nIf a regular expression implements such a check, it is easy to accidentally make the check too permissive by not escaping the `.` meta-characters appropriately. Even if the check is not used in a security-critical context, the incomplete check may still cause undesirable behaviors when it accidentally succeeds.\n\n\n## Recommendation\nEscape all meta-characters appropriately when constructing regular expressions for security checks, and pay special attention to the `.` meta-character.\n\n\n## Example\nThe following example code checks that a URL redirection will reach the `example.com` domain, or one of its subdomains.\n\n\n```python\nfrom flask import Flask, request, redirect\nimport re\n\napp = Flask(__name__)\n\nUNSAFE_REGEX = re.compile(\"(www|beta).example.com/\")\nSAFE_REGEX = re.compile(r\"(www|beta)\\.example\\.com/\")\n\n@app.route('/some/path/bad')\ndef unsafe(request):\n target = request.args.get('target', '')\n if UNSAFE_REGEX.match(target):\n return redirect(target)\n\n@app.route('/some/path/good')\ndef safe(request):\n target = request.args.get('target', '')\n if SAFE_REGEX.match(target):\n return redirect(target)\n\n```\nThe `unsafe` check is easy to bypass because the unescaped `.` allows for any character before `example.com`, effectively allowing the redirect to go to an attacker-controlled domain such as `wwwXexample.com`.\n\nThe `safe` check closes this vulnerability by escaping the `.` so that URLs of the form `wwwXexample.com` are rejected.\n\n\n## References\n* OWASP: [SSRF](https://www.owasp.org/index.php/Server_Side_Request_Forgery)\n* OWASP: [XSS Unvalidated Redirects and Forwards Cheat Sheet](https://cheatsheetseries.owasp.org/cheatsheets/Unvalidated_Redirects_and_Forwards_Cheat_Sheet.html).\n* Common Weakness Enumeration: [CWE-20](https://cwe.mitre.org/data/definitions/20.html).\n" + }, + "properties": { + "precision": "high", + "queryURI": 
"https://github.com/github/codeql/blob/39a67b6e2e6490a9bd010db50e148f647765e9f7/python/ql/src/Security/CWE-020/IncompleteHostnameRegExp.ql", + "security-severity": "7.8", + "tags": [ + "correctness", + "external/cwe/cwe-020", + "security" + ] + } + }, + { + "id": "py/incomplete-url-substring-sanitization", + "name": "py/incomplete-url-substring-sanitization", + "short_description": { + "text": "Incomplete URL substring sanitization" + }, + "full_description": { + "text": "Security checks on the substrings of an unparsed URL are often vulnerable to bypassing." + }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help": { + "text": "# Incomplete URL substring sanitization\nSanitizing untrusted URLs is a common technique for preventing attacks such as request forgeries and malicious redirections. Usually, this is done by checking that the host of a URL is in a set of allowed hosts.\n\nHowever, treating the URL as a string and checking if one of the allowed hosts is a substring of the URL is very prone to errors. 
Malicious URLs can bypass such security checks by embedding one of the allowed hosts in an unexpected location.\n\nEven if the substring check is not used in a security-critical context, the incomplete check may still cause undesirable behaviors when the check succeeds accidentally.\n\n\n## Recommendation\nParse a URL before performing a check on its host value, and ensure that the check handles arbitrary subdomain sequences correctly.\n\n\n## Example\nThe following example code checks that a URL redirection will reach the `example.com` domain.\n\n\n```python\nfrom flask import Flask, request, redirect\nfrom urllib.parse import urlparse\n\napp = Flask(__name__)\n\n# Not safe, as \"evil-example.net/example.com\" would be accepted\n\n@app.route('/some/path/bad1')\ndef unsafe1(request):\n target = request.args.get('target', '')\n if \"example.com\" in target:\n return redirect(target)\n\n# Not safe, as \"benign-looking-prefix-example.com\" would be accepted\n\n@app.route('/some/path/bad2')\ndef unsafe2(request):\n target = request.args.get('target', '')\n if target.endswith(\"example.com\"):\n return redirect(target)\n\n\n\n#Simplest and safest approach is to use an allowlist\n\n@app.route('/some/path/good1')\ndef safe1(request):\n allowlist = [\n \"example.com/home\",\n \"example.com/login\",\n ]\n target = request.args.get('target', '')\n if target in allowlist:\n return redirect(target)\n\n#More complex example allowing sub-domains.\n\n@app.route('/some/path/good2')\ndef safe2(request):\n target = request.args.get('target', '')\n host = urlparse(target).hostname\n #Note the '.' preceding example.com\n if host and host.endswith(\".example.com\"):\n return redirect(target)\n\n\n```\nThe first two examples show unsafe checks that are easily bypassed. In `unsafe1` the attacker can simply add `example.com` anywhere in the url. 
For example, `http://evil-example.net/example.com`.\n\nIn `unsafe2` the attacker must use a hostname ending in `example.com`, but that is easy to do. For example, `http://benign-looking-prefix-example.com`.\n\nThe second two examples show safe checks. In `safe1`, an allowlist is used. Although fairly inflexible, this is easy to get right and is most likely to be safe.\n\nIn `safe2`, `urlparse` is used to parse the URL, then the hostname is checked to make sure it ends with `.example.com`.\n\n\n## References\n* OWASP: [SSRF](https://www.owasp.org/index.php/Server_Side_Request_Forgery)\n* OWASP: [XSS Unvalidated Redirects and Forwards Cheat Sheet](https://cheatsheetseries.owasp.org/cheatsheets/Unvalidated_Redirects_and_Forwards_Cheat_Sheet.html).\n* Common Weakness Enumeration: [CWE-20](https://cwe.mitre.org/data/definitions/20.html).\n", + "markdown": "# Incomplete URL substring sanitization\nSanitizing untrusted URLs is a common technique for preventing attacks such as request forgeries and malicious redirections. Usually, this is done by checking that the host of a URL is in a set of allowed hosts.\n\nHowever, treating the URL as a string and checking if one of the allowed hosts is a substring of the URL is very prone to errors. 
Malicious URLs can bypass such security checks by embedding one of the allowed hosts in an unexpected location.\n\nEven if the substring check is not used in a security-critical context, the incomplete check may still cause undesirable behaviors when the check succeeds accidentally.\n\n\n## Recommendation\nParse a URL before performing a check on its host value, and ensure that the check handles arbitrary subdomain sequences correctly.\n\n\n## Example\nThe following example code checks that a URL redirection will reach the `example.com` domain.\n\n\n```python\nfrom flask import Flask, request, redirect\nfrom urllib.parse import urlparse\n\napp = Flask(__name__)\n\n# Not safe, as \"evil-example.net/example.com\" would be accepted\n\n@app.route('/some/path/bad1')\ndef unsafe1(request):\n target = request.args.get('target', '')\n if \"example.com\" in target:\n return redirect(target)\n\n# Not safe, as \"benign-looking-prefix-example.com\" would be accepted\n\n@app.route('/some/path/bad2')\ndef unsafe2(request):\n target = request.args.get('target', '')\n if target.endswith(\"example.com\"):\n return redirect(target)\n\n\n\n#Simplest and safest approach is to use an allowlist\n\n@app.route('/some/path/good1')\ndef safe1(request):\n allowlist = [\n \"example.com/home\",\n \"example.com/login\",\n ]\n target = request.args.get('target', '')\n if target in allowlist:\n return redirect(target)\n\n#More complex example allowing sub-domains.\n\n@app.route('/some/path/good2')\ndef safe2(request):\n target = request.args.get('target', '')\n host = urlparse(target).hostname\n #Note the '.' preceding example.com\n if host and host.endswith(\".example.com\"):\n return redirect(target)\n\n\n```\nThe first two examples show unsafe checks that are easily bypassed. In `unsafe1` the attacker can simply add `example.com` anywhere in the url. 
For example, `http://evil-example.net/example.com`.\n\nIn `unsafe2` the attacker must use a hostname ending in `example.com`, but that is easy to do. For example, `http://benign-looking-prefix-example.com`.\n\nThe second two examples show safe checks. In `safe1`, an allowlist is used. Although fairly inflexible, this is easy to get right and is most likely to be safe.\n\nIn `safe2`, `urlparse` is used to parse the URL, then the hostname is checked to make sure it ends with `.example.com`.\n\n\n## References\n* OWASP: [SSRF](https://www.owasp.org/index.php/Server_Side_Request_Forgery)\n* OWASP: [XSS Unvalidated Redirects and Forwards Cheat Sheet](https://cheatsheetseries.owasp.org/cheatsheets/Unvalidated_Redirects_and_Forwards_Cheat_Sheet.html).\n* Common Weakness Enumeration: [CWE-20](https://cwe.mitre.org/data/definitions/20.html).\n" + }, + "properties": { + "precision": "high", + "queryURI": "https://github.com/github/codeql/blob/39a67b6e2e6490a9bd010db50e148f647765e9f7/python/ql/src/Security/CWE-020/IncompleteUrlSubstringSanitization.ql", + "security-severity": "7.8", + "tags": [ + "correctness", + "external/cwe/cwe-20", + "security" + ] + } + }, + { + "id": "py/insecure-cookie", + "name": "py/insecure-cookie", + "short_description": { + "text": "Failure to use secure cookies" + }, + "full_description": { + "text": "Insecure cookies may be sent in cleartext, which makes them vulnerable to interception." + }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help": { + "text": "# Failure to use secure cookies\nCookies without the `Secure` flag set may be transmitted using HTTP instead of HTTPS, which leaves them vulnerable to reading by a third party.\n\nCookies without the `HttpOnly` flag set are accessible to JavaScript running in the same origin. 
In case of a Cross-Site Scripting (XSS) vulnerability, the cookie can be stolen by a malicious script.\n\nCookies with the `SameSite` attribute set to `'None'` will be sent with cross-origin requests, which can be controlled by third-party JavaScript code and allow for Cross-Site Request Forgery (CSRF) attacks.\n\n\n## Recommendation\nAlways set `secure` to `True` or add \"; Secure;\" to the cookie's raw value.\n\nAlways set `httponly` to `True` or add \"; HttpOnly;\" to the cookie's raw value.\n\nAlways set `samesite` to `Lax` or `Strict`, or add \"; SameSite=Lax;\", or \"; Samesite=Strict;\" to the cookie's raw header value.\n\n\n## Example\nIn the following examples, the cases marked GOOD show secure cookie attributes being set; whereas in the cases marked BAD they are not set.\n\n\n```python\nfrom flask import Flask, request, make_response, Response\n\n\n@app.route(\"/good1\")\ndef good1():\n resp = make_response()\n resp.set_cookie(\"name\", value=\"value\", secure=True, httponly=True, samesite='Strict') # GOOD: Attributes are securely set\n return resp\n\n\n@app.route(\"/good2\")\ndef good2():\n resp = make_response()\n resp.headers['Set-Cookie'] = \"name=value; Secure; HttpOnly; SameSite=Strict\" # GOOD: Attributes are securely set \n return resp\n\n@app.route(\"/bad1\")\n resp = make_response()\n resp.set_cookie(\"name\", value=\"value\", samesite='None') # BAD: the SameSite attribute is set to 'None' and the 'Secure' and 'HttpOnly' attributes are set to False by default.\n return resp\n```\n\n## References\n* Detectify: [Cookie lack Secure flag](https://support.detectify.com/support/solutions/articles/48001048982-cookie-lack-secure-flag).\n* PortSwigger: [TLS cookie without secure flag set](https://portswigger.net/kb/issues/00500200_tls-cookie-without-secure-flag-set).\n* Common Weakness Enumeration: [CWE-614](https://cwe.mitre.org/data/definitions/614.html).\n* Common Weakness Enumeration: [CWE-1004](https://cwe.mitre.org/data/definitions/1004.html).\n* 
Common Weakness Enumeration: [CWE-1275](https://cwe.mitre.org/data/definitions/1275.html).\n", + "markdown": "# Failure to use secure cookies\nCookies without the `Secure` flag set may be transmitted using HTTP instead of HTTPS, which leaves them vulnerable to reading by a third party.\n\nCookies without the `HttpOnly` flag set are accessible to JavaScript running in the same origin. In case of a Cross-Site Scripting (XSS) vulnerability, the cookie can be stolen by a malicious script.\n\nCookies with the `SameSite` attribute set to `'None'` will be sent with cross-origin requests, which can be controlled by third-party JavaScript code and allow for Cross-Site Request Forgery (CSRF) attacks.\n\n\n## Recommendation\nAlways set `secure` to `True` or add \"; Secure;\" to the cookie's raw value.\n\nAlways set `httponly` to `True` or add \"; HttpOnly;\" to the cookie's raw value.\n\nAlways set `samesite` to `Lax` or `Strict`, or add \"; SameSite=Lax;\", or \"; Samesite=Strict;\" to the cookie's raw header value.\n\n\n## Example\nIn the following examples, the cases marked GOOD show secure cookie attributes being set; whereas in the cases marked BAD they are not set.\n\n\n```python\nfrom flask import Flask, request, make_response, Response\n\n\n@app.route(\"/good1\")\ndef good1():\n resp = make_response()\n resp.set_cookie(\"name\", value=\"value\", secure=True, httponly=True, samesite='Strict') # GOOD: Attributes are securely set\n return resp\n\n\n@app.route(\"/good2\")\ndef good2():\n resp = make_response()\n resp.headers['Set-Cookie'] = \"name=value; Secure; HttpOnly; SameSite=Strict\" # GOOD: Attributes are securely set \n return resp\n\n@app.route(\"/bad1\")\n resp = make_response()\n resp.set_cookie(\"name\", value=\"value\", samesite='None') # BAD: the SameSite attribute is set to 'None' and the 'Secure' and 'HttpOnly' attributes are set to False by default.\n return resp\n```\n\n## References\n* Detectify: [Cookie lack Secure 
flag](https://support.detectify.com/support/solutions/articles/48001048982-cookie-lack-secure-flag).\n* PortSwigger: [TLS cookie without secure flag set](https://portswigger.net/kb/issues/00500200_tls-cookie-without-secure-flag-set).\n* Common Weakness Enumeration: [CWE-614](https://cwe.mitre.org/data/definitions/614.html).\n* Common Weakness Enumeration: [CWE-1004](https://cwe.mitre.org/data/definitions/1004.html).\n* Common Weakness Enumeration: [CWE-1275](https://cwe.mitre.org/data/definitions/1275.html).\n" + }, + "properties": { + "precision": "high", + "queryURI": "https://github.com/github/codeql/blob/39a67b6e2e6490a9bd010db50e148f647765e9f7/python/ql/src/Security/CWE-614/InsecureCookie.ql", + "security-severity": "5", + "tags": [ + "external/cwe/cwe-1004", + "external/cwe/cwe-1275", + "external/cwe/cwe-614", + "security" + ] + } + }, + { + "id": "py/insecure-default-protocol", + "name": "py/insecure-default-protocol", + "short_description": { + "text": "Default version of SSL/TLS may be insecure" + }, + "full_description": { + "text": "Leaving the SSL/TLS version unspecified may result in an insecure default protocol being used." + }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help": { + "text": "# Default version of SSL/TLS may be insecure\nThe `ssl.wrap_socket` function defaults to an insecure version of SSL/TLS when no specific protocol version is specified. This may leave the connection vulnerable to attack.\n\n\n## Recommendation\nEnsure that a modern, strong protocol is used. All versions of SSL, and TLS 1.0 and 1.1 are known to be vulnerable to attacks. Using TLS 1.2 or above is strongly recommended. If no explicit `ssl_version` is specified, the default `PROTOCOL_TLS` is chosen. This protocol is insecure because it allows TLS 1.0 and TLS 1.1 and so should not be used.\n\n\n## Example\nThe following code shows two different ways of setting up a connection using SSL or TLS. 
They are both potentially insecure because the default version is used.\n\n\n```python\nimport ssl\nimport socket\n\n# Using the deprecated ssl.wrap_socket method\nssl.wrap_socket(socket.socket())\n\n# Using SSLContext\ncontext = ssl.SSLContext()\n\n```\nBoth of the cases above should be updated to use a secure protocol instead, for instance by specifying `ssl_version=PROTOCOL_TLSv1_2` as a keyword argument.\n\nThe latter example can also be made secure by modifying the created context before it is used to create a connection. Therefore it will not be flagged by this query. However, if a connection is created before the context has been secured (for example, by setting the value of `minimum_version`), then the code should be flagged by the query `py/insecure-protocol`.\n\nNote that `ssl.wrap_socket` has been deprecated in Python 3.7. The recommended alternatives are:\n\n* `ssl.SSLContext` - supported in Python 2.7.9, 3.2, and later versions\n* `ssl.create_default_context` - a convenience function, supported in Python 3.4 and later versions.\nEven when you use these alternatives, you should ensure that a safe protocol is used. 
The following code illustrates how to use flags (available since Python 3.2) or the \\`minimum_version\\` field (favored since Python 3.7) to restrict the protocols accepted when creating a connection.\n\n\n```python\nimport ssl\n\n# Using flags to restrict the protocol\ncontext = ssl.SSLContext()\ncontext.options |= ssl.OP_NO_TLSv1 | ssl.OP_NO_TLSv1_1\n\n# Declaring a minimum version to restrict the protocol\ncontext = ssl.create_default_context()\ncontext.minimum_version = ssl.TLSVersion.TLSv1_2\n\n```\n\n## References\n* Wikipedia: [ Transport Layer Security](https://en.wikipedia.org/wiki/Transport_Layer_Security).\n* Python 3 documentation: [ class ssl.SSLContext](https://docs.python.org/3/library/ssl.html#ssl.SSLContext).\n* Python 3 documentation: [ ssl.wrap_socket](https://docs.python.org/3/library/ssl.html#ssl.wrap_socket).\n* Python 3 documentation: [ notes on context creation](https://docs.python.org/3/library/ssl.html#functions-constants-and-exceptions).\n* Python 3 documentation: [ notes on security considerations](https://docs.python.org/3/library/ssl.html#ssl-security).\n* Common Weakness Enumeration: [CWE-327](https://cwe.mitre.org/data/definitions/327.html).\n", + "markdown": "# Default version of SSL/TLS may be insecure\nThe `ssl.wrap_socket` function defaults to an insecure version of SSL/TLS when no specific protocol version is specified. This may leave the connection vulnerable to attack.\n\n\n## Recommendation\nEnsure that a modern, strong protocol is used. All versions of SSL, and TLS 1.0 and 1.1 are known to be vulnerable to attacks. Using TLS 1.2 or above is strongly recommended. If no explicit `ssl_version` is specified, the default `PROTOCOL_TLS` is chosen. This protocol is insecure because it allows TLS 1.0 and TLS 1.1 and so should not be used.\n\n\n## Example\nThe following code shows two different ways of setting up a connection using SSL or TLS. 
They are both potentially insecure because the default version is used.\n\n\n```python\nimport ssl\nimport socket\n\n# Using the deprecated ssl.wrap_socket method\nssl.wrap_socket(socket.socket())\n\n# Using SSLContext\ncontext = ssl.SSLContext()\n\n```\nBoth of the cases above should be updated to use a secure protocol instead, for instance by specifying `ssl_version=PROTOCOL_TLSv1_2` as a keyword argument.\n\nThe latter example can also be made secure by modifying the created context before it is used to create a connection. Therefore it will not be flagged by this query. However, if a connection is created before the context has been secured (for example, by setting the value of `minimum_version`), then the code should be flagged by the query `py/insecure-protocol`.\n\nNote that `ssl.wrap_socket` has been deprecated in Python 3.7. The recommended alternatives are:\n\n* `ssl.SSLContext` - supported in Python 2.7.9, 3.2, and later versions\n* `ssl.create_default_context` - a convenience function, supported in Python 3.4 and later versions.\nEven when you use these alternatives, you should ensure that a safe protocol is used. 
The following code illustrates how to use flags (available since Python 3.2) or the \\`minimum_version\\` field (favored since Python 3.7) to restrict the protocols accepted when creating a connection.\n\n\n```python\nimport ssl\n\n# Using flags to restrict the protocol\ncontext = ssl.SSLContext()\ncontext.options |= ssl.OP_NO_TLSv1 | ssl.OP_NO_TLSv1_1\n\n# Declaring a minimum version to restrict the protocol\ncontext = ssl.create_default_context()\ncontext.minimum_version = ssl.TLSVersion.TLSv1_2\n\n```\n\n## References\n* Wikipedia: [ Transport Layer Security](https://en.wikipedia.org/wiki/Transport_Layer_Security).\n* Python 3 documentation: [ class ssl.SSLContext](https://docs.python.org/3/library/ssl.html#ssl.SSLContext).\n* Python 3 documentation: [ ssl.wrap_socket](https://docs.python.org/3/library/ssl.html#ssl.wrap_socket).\n* Python 3 documentation: [ notes on context creation](https://docs.python.org/3/library/ssl.html#functions-constants-and-exceptions).\n* Python 3 documentation: [ notes on security considerations](https://docs.python.org/3/library/ssl.html#ssl-security).\n* Common Weakness Enumeration: [CWE-327](https://cwe.mitre.org/data/definitions/327.html).\n" + }, + "properties": { + "precision": "high", + "queryURI": "https://github.com/github/codeql/blob/39a67b6e2e6490a9bd010db50e148f647765e9f7/python/ql/src/Security/CWE-327/InsecureDefaultProtocol.ql", + "security-severity": "7.5", + "tags": [ + "external/cwe/cwe-327", + "security" + ] + } + }, + { + "id": "py/insecure-protocol", + "name": "py/insecure-protocol", + "short_description": { + "text": "Use of insecure SSL/TLS version" + }, + "full_description": { + "text": "Using an insecure SSL/TLS version may leave the connection vulnerable to attacks." 
+ }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help": { + "text": "# Use of insecure SSL/TLS version\nUsing a broken or weak cryptographic protocol may make a connection vulnerable to interference from an attacker.\n\n\n## Recommendation\nEnsure that a modern, strong protocol is used. All versions of SSL, and TLS versions 1.0 and 1.1 are known to be vulnerable to attacks. Using TLS 1.2 or above is strongly recommended.\n\n\n## Example\nThe following code shows a variety of ways of setting up a connection using SSL or TLS. They are all insecure because of the version specified.\n\n\n```python\nimport ssl\nimport socket\n\n# Using the deprecated ssl.wrap_socket method\nssl.wrap_socket(socket.socket(), ssl_version=ssl.PROTOCOL_SSLv2)\n\n# Using SSLContext\ncontext = ssl.SSLContext(ssl_version=ssl.PROTOCOL_SSLv3)\n\n# Using pyOpenSSL\n\nfrom pyOpenSSL import SSL\n\ncontext = SSL.Context(SSL.TLSv1_METHOD)\n\n\n\n```\nAll cases should be updated to use a secure protocol, such as `PROTOCOL_TLSv1_2`.\n\nNote that `ssl.wrap_socket` has been deprecated in Python 3.7. The recommended alternatives are:\n\n* `ssl.SSLContext` - supported in Python 2.7.9, 3.2, and later versions\n* `ssl.create_default_context` - a convenience function, supported in Python 3.4 and later versions.\nEven when you use these alternatives, you should ensure that a safe protocol is used. 
The following code illustrates how to use flags (available since Python 3.2) or the \\`minimum_version\\` field (favored since Python 3.7) to restrict the protocols accepted when creating a connection.\n\n\n```python\nimport ssl\n\n# Using flags to restrict the protocol\ncontext = ssl.SSLContext()\ncontext.options |= ssl.OP_NO_TLSv1 | ssl.OP_NO_TLSv1_1\n\n# Declaring a minimum version to restrict the protocol\ncontext = ssl.create_default_context()\ncontext.minimum_version = ssl.TLSVersion.TLSv1_2\n\n```\n\n## References\n* Wikipedia: [ Transport Layer Security](https://en.wikipedia.org/wiki/Transport_Layer_Security).\n* Python 3 documentation: [ class ssl.SSLContext](https://docs.python.org/3/library/ssl.html#ssl.SSLContext).\n* Python 3 documentation: [ ssl.wrap_socket](https://docs.python.org/3/library/ssl.html#ssl.wrap_socket).\n* Python 3 documentation: [ notes on context creation](https://docs.python.org/3/library/ssl.html#functions-constants-and-exceptions).\n* Python 3 documentation: [ notes on security considerations](https://docs.python.org/3/library/ssl.html#ssl-security).\n* pyOpenSSL documentation: [ An interface to the SSL-specific parts of OpenSSL](https://pyopenssl.org/en/stable/api/ssl.html).\n* Common Weakness Enumeration: [CWE-327](https://cwe.mitre.org/data/definitions/327.html).\n", + "markdown": "# Use of insecure SSL/TLS version\nUsing a broken or weak cryptographic protocol may make a connection vulnerable to interference from an attacker.\n\n\n## Recommendation\nEnsure that a modern, strong protocol is used. All versions of SSL, and TLS versions 1.0 and 1.1 are known to be vulnerable to attacks. Using TLS 1.2 or above is strongly recommended.\n\n\n## Example\nThe following code shows a variety of ways of setting up a connection using SSL or TLS. 
They are all insecure because of the version specified.\n\n\n```python\nimport ssl\nimport socket\n\n# Using the deprecated ssl.wrap_socket method\nssl.wrap_socket(socket.socket(), ssl_version=ssl.PROTOCOL_SSLv2)\n\n# Using SSLContext\ncontext = ssl.SSLContext(ssl_version=ssl.PROTOCOL_SSLv3)\n\n# Using pyOpenSSL\n\nfrom pyOpenSSL import SSL\n\ncontext = SSL.Context(SSL.TLSv1_METHOD)\n\n\n\n```\nAll cases should be updated to use a secure protocol, such as `PROTOCOL_TLSv1_2`.\n\nNote that `ssl.wrap_socket` has been deprecated in Python 3.7. The recommended alternatives are:\n\n* `ssl.SSLContext` - supported in Python 2.7.9, 3.2, and later versions\n* `ssl.create_default_context` - a convenience function, supported in Python 3.4 and later versions.\nEven when you use these alternatives, you should ensure that a safe protocol is used. The following code illustrates how to use flags (available since Python 3.2) or the \\`minimum_version\\` field (favored since Python 3.7) to restrict the protocols accepted when creating a connection.\n\n\n```python\nimport ssl\n\n# Using flags to restrict the protocol\ncontext = ssl.SSLContext()\ncontext.options |= ssl.OP_NO_TLSv1 | ssl.OP_NO_TLSv1_1\n\n# Declaring a minimum version to restrict the protocol\ncontext = ssl.create_default_context()\ncontext.minimum_version = ssl.TLSVersion.TLSv1_2\n\n```\n\n## References\n* Wikipedia: [ Transport Layer Security](https://en.wikipedia.org/wiki/Transport_Layer_Security).\n* Python 3 documentation: [ class ssl.SSLContext](https://docs.python.org/3/library/ssl.html#ssl.SSLContext).\n* Python 3 documentation: [ ssl.wrap_socket](https://docs.python.org/3/library/ssl.html#ssl.wrap_socket).\n* Python 3 documentation: [ notes on context creation](https://docs.python.org/3/library/ssl.html#functions-constants-and-exceptions).\n* Python 3 documentation: [ notes on security considerations](https://docs.python.org/3/library/ssl.html#ssl-security).\n* pyOpenSSL documentation: [ An interface to the 
SSL-specific parts of OpenSSL](https://pyopenssl.org/en/stable/api/ssl.html).\n* Common Weakness Enumeration: [CWE-327](https://cwe.mitre.org/data/definitions/327.html).\n" + }, + "properties": { + "precision": "high", + "queryURI": "https://github.com/github/codeql/blob/39a67b6e2e6490a9bd010db50e148f647765e9f7/python/ql/src/Security/CWE-327/InsecureProtocol.ql", + "security-severity": "7.5", + "tags": [ + "external/cwe/cwe-327", + "security" + ] + } + }, + { + "id": "py/insecure-temporary-file", + "name": "py/insecure-temporary-file", + "short_description": { + "text": "Insecure temporary file" + }, + "full_description": { + "text": "Creating a temporary file using this method may be insecure." + }, + "default_configuration": { + "enabled": true, + "level": "error" + }, + "help": { + "text": "# Insecure temporary file\nFunctions that create temporary file names (such as `tempfile.mktemp` and `os.tempnam`) are fundamentally insecure, as they do not ensure exclusive access to a file with the temporary name they return. The file name returned by these functions is guaranteed to be unique on creation but the file must be opened in a separate operation. There is no guarantee that the creation and open operations will happen atomically. This provides an opportunity for an attacker to interfere with the file before it is opened.\n\nNote that `mktemp` has been deprecated since Python 2.3.\n\n\n## Recommendation\nReplace the use of `mktemp` with some of the more secure functions in the `tempfile` module, such as `TemporaryFile`. If the file is intended to be accessed from other processes, consider using the `NamedTemporaryFile` function.\n\n\n## Example\nThe following piece of code opens a temporary file and writes a set of results to it. 
Because the file name is created using `mktemp`, another process may access this file before it is opened using `open`.\n\n\n```python\nfrom tempfile import mktemp\n\ndef write_results(results):\n filename = mktemp()\n with open(filename, \"w+\") as f:\n f.write(results)\n print(\"Results written to\", filename)\n\n```\nBy changing the code to use `NamedTemporaryFile` instead, the file is opened immediately.\n\n\n```python\nfrom tempfile import NamedTemporaryFile\n\ndef write_results(results):\n with NamedTemporaryFile(mode=\"w+\", delete=False) as f:\n f.write(results)\n print(\"Results written to\", f.name)\n\n```\n\n## References\n* Python Standard Library: [tempfile.mktemp](https://docs.python.org/3/library/tempfile.html#tempfile.mktemp).\n* Common Weakness Enumeration: [CWE-377](https://cwe.mitre.org/data/definitions/377.html).\n", + "markdown": "# Insecure temporary file\nFunctions that create temporary file names (such as `tempfile.mktemp` and `os.tempnam`) are fundamentally insecure, as they do not ensure exclusive access to a file with the temporary name they return. The file name returned by these functions is guaranteed to be unique on creation but the file must be opened in a separate operation. There is no guarantee that the creation and open operations will happen atomically. This provides an opportunity for an attacker to interfere with the file before it is opened.\n\nNote that `mktemp` has been deprecated since Python 2.3.\n\n\n## Recommendation\nReplace the use of `mktemp` with some of the more secure functions in the `tempfile` module, such as `TemporaryFile`. If the file is intended to be accessed from other processes, consider using the `NamedTemporaryFile` function.\n\n\n## Example\nThe following piece of code opens a temporary file and writes a set of results to it. 
Because the file name is created using `mktemp`, another process may access this file before it is opened using `open`.\n\n\n```python\nfrom tempfile import mktemp\n\ndef write_results(results):\n filename = mktemp()\n with open(filename, \"w+\") as f:\n f.write(results)\n print(\"Results written to\", filename)\n\n```\nBy changing the code to use `NamedTemporaryFile` instead, the file is opened immediately.\n\n\n```python\nfrom tempfile import NamedTemporaryFile\n\ndef write_results(results):\n with NamedTemporaryFile(mode=\"w+\", delete=False) as f:\n f.write(results)\n print(\"Results written to\", f.name)\n\n```\n\n## References\n* Python Standard Library: [tempfile.mktemp](https://docs.python.org/3/library/tempfile.html#tempfile.mktemp).\n* Common Weakness Enumeration: [CWE-377](https://cwe.mitre.org/data/definitions/377.html).\n" + }, + "properties": { + "precision": "high", + "queryURI": "https://github.com/github/codeql/blob/39a67b6e2e6490a9bd010db50e148f647765e9f7/python/ql/src/Security/CWE-377/InsecureTemporaryFile.ql", + "security-severity": "7", + "tags": [ + "external/cwe/cwe-377", + "security" + ] + } + }, + { + "id": "py/ldap-injection", + "name": "py/ldap-injection", + "short_description": { + "text": "LDAP query built from user-controlled sources" + }, + "full_description": { + "text": "Building an LDAP query from user-controlled sources is vulnerable to insertion of malicious LDAP code by the user." 
+ }, + "default_configuration": { + "enabled": true, + "level": "error" + }, + "help": { + "text": "# LDAP query built from user-controlled sources\nIf an LDAP query or DN is built using string concatenation or string formatting, and the components of the concatenation include user input without any proper sanitization, a user is likely to be able to run malicious LDAP queries.\n\n\n## Recommendation\nIf user input must be included in an LDAP query or DN, it should be escaped to avoid a malicious user providing special characters that change the meaning of the query. In Python2, user input should be escaped with `ldap.dn.escape_dn_chars` or `ldap.filter.escape_filter_chars`, while in Python3, user input should be escaped with `ldap3.utils.dn.escape_rdn` or `ldap3.utils.conv.escape_filter_chars` depending on the component tainted by the user. A good practice is to escape filter characters that could change the meaning of the query (https://tools.ietf.org/search/rfc4515\\#section-3).\n\n\n## Example\nIn the following examples, the code accepts both `username` and `dc` from the user, which it then uses to build a LDAP query and DN.\n\nThe first and the second example uses the unsanitized user input directly in the search filter and DN for the LDAP query. 
A malicious user could provide special characters to change the meaning of these components, and search for a completely different set of values.\n\n\n```python\nfrom flask import request, Flask\nimport ldap\n\n\n@app.route(\"/normal\")\ndef normal():\n unsafe_dc = request.args['dc']\n unsafe_filter = request.args['username']\n\n dn = \"dc={}\".format(unsafe_dc)\n search_filter = \"(user={})\".format(unsafe_filter)\n\n ldap_connection = ldap.initialize(\"ldap://127.0.0.1\")\n user = ldap_connection.search_s(\n dn, ldap.SCOPE_SUBTREE, search_filter)\n\n```\n\n```python\nfrom flask import request, Flask\nimport ldap3\n\n\n@app.route(\"/normal\")\ndef normal():\n unsafe_dc = request.args['dc']\n unsafe_filter = request.args['username']\n\n dn = \"dc={}\".format(unsafe_dc)\n search_filter = \"(user={})\".format(unsafe_filter)\n\n srv = ldap3.Server('ldap://127.0.0.1')\n conn = ldap3.Connection(srv, user=dn, auto_bind=True)\n conn.search(dn, search_filter)\n\n```\nIn the third and fourth example, the input provided by the user is sanitized before it is included in the search filter or DN. 
This ensures the meaning of the query cannot be changed by a malicious user.\n\n\n```python\nfrom flask import request, Flask\nimport ldap\nimport ldap.filter\nimport ldap.dn\n\n\n@app.route(\"/normal\")\ndef normal():\n unsafe_dc = request.args['dc']\n unsafe_filter = request.args['username']\n\n safe_dc = ldap.dn.escape_dn_chars(unsafe_dc)\n safe_filter = ldap.filter.escape_filter_chars(unsafe_filter)\n\n dn = \"dc={}\".format(safe_dc)\n search_filter = \"(user={})\".format(safe_filter)\n\n ldap_connection = ldap.initialize(\"ldap://127.0.0.1\")\n user = ldap_connection.search_s(\n dn, ldap.SCOPE_SUBTREE, search_filter)\n\n```\n\n```python\nfrom flask import request, Flask\nimport ldap3\nfrom ldap3.utils.dn import escape_rdn\nfrom ldap3.utils.conv import escape_filter_chars\n\n\n@app.route(\"/normal\")\ndef normal():\n unsafe_dc = request.args['dc']\n unsafe_filter = request.args['username']\n\n safe_dc = escape_rdn(unsafe_dc)\n safe_filter = escape_filter_chars(unsafe_filter)\n\n dn = \"dc={}\".format(safe_dc)\n search_filter = \"(user={})\".format(safe_filter)\n\n srv = ldap3.Server('ldap://127.0.0.1')\n conn = ldap3.Connection(srv, user=dn, auto_bind=True)\n conn.search(dn, search_filter)\n\n```\n\n## References\n* OWASP: [LDAP Injection Prevention Cheat Sheet](https://cheatsheetseries.owasp.org/cheatsheets/LDAP_Injection_Prevention_Cheat_Sheet.html).\n* OWASP: [LDAP Injection](https://owasp.org/www-community/attacks/LDAP_Injection).\n* SonarSource: [RSPEC-2078](https://rules.sonarsource.com/python/RSPEC-2078).\n* Python2: [LDAP Documentation](https://www.python-ldap.org/en/python-ldap-3.3.0/reference/ldap.html).\n* Python3: [LDAP Documentation](https://ldap3.readthedocs.io/en/latest/).\n* Wikipedia: [LDAP injection](https://en.wikipedia.org/wiki/LDAP_injection).\n* BlackHat: [LDAP Injection and Blind LDAP Injection](https://www.blackhat.com/presentations/bh-europe-08/Alonso-Parada/Whitepaper/bh-eu-08-alonso-parada-WP.pdf).\n* LDAP: [Understanding and 
Defending Against LDAP Injection Attacks](https://ldap.com/2018/05/04/understanding-and-defending-against-ldap-injection-attacks/).\n* Common Weakness Enumeration: [CWE-90](https://cwe.mitre.org/data/definitions/90.html).\n", + "markdown": "# LDAP query built from user-controlled sources\nIf an LDAP query or DN is built using string concatenation or string formatting, and the components of the concatenation include user input without any proper sanitization, a user is likely to be able to run malicious LDAP queries.\n\n\n## Recommendation\nIf user input must be included in an LDAP query or DN, it should be escaped to avoid a malicious user providing special characters that change the meaning of the query. In Python2, user input should be escaped with `ldap.dn.escape_dn_chars` or `ldap.filter.escape_filter_chars`, while in Python3, user input should be escaped with `ldap3.utils.dn.escape_rdn` or `ldap3.utils.conv.escape_filter_chars` depending on the component tainted by the user. A good practice is to escape filter characters that could change the meaning of the query (https://tools.ietf.org/search/rfc4515\\#section-3).\n\n\n## Example\nIn the following examples, the code accepts both `username` and `dc` from the user, which it then uses to build a LDAP query and DN.\n\nThe first and the second example uses the unsanitized user input directly in the search filter and DN for the LDAP query. 
A malicious user could provide special characters to change the meaning of these components, and search for a completely different set of values.\n\n\n```python\nfrom flask import request, Flask\nimport ldap\n\n\n@app.route(\"/normal\")\ndef normal():\n unsafe_dc = request.args['dc']\n unsafe_filter = request.args['username']\n\n dn = \"dc={}\".format(unsafe_dc)\n search_filter = \"(user={})\".format(unsafe_filter)\n\n ldap_connection = ldap.initialize(\"ldap://127.0.0.1\")\n user = ldap_connection.search_s(\n dn, ldap.SCOPE_SUBTREE, search_filter)\n\n```\n\n```python\nfrom flask import request, Flask\nimport ldap3\n\n\n@app.route(\"/normal\")\ndef normal():\n unsafe_dc = request.args['dc']\n unsafe_filter = request.args['username']\n\n dn = \"dc={}\".format(unsafe_dc)\n search_filter = \"(user={})\".format(unsafe_filter)\n\n srv = ldap3.Server('ldap://127.0.0.1')\n conn = ldap3.Connection(srv, user=dn, auto_bind=True)\n conn.search(dn, search_filter)\n\n```\nIn the third and fourth example, the input provided by the user is sanitized before it is included in the search filter or DN. 
This ensures the meaning of the query cannot be changed by a malicious user.\n\n\n```python\nfrom flask import request, Flask\nimport ldap\nimport ldap.filter\nimport ldap.dn\n\n\n@app.route(\"/normal\")\ndef normal():\n unsafe_dc = request.args['dc']\n unsafe_filter = request.args['username']\n\n safe_dc = ldap.dn.escape_dn_chars(unsafe_dc)\n safe_filter = ldap.filter.escape_filter_chars(unsafe_filter)\n\n dn = \"dc={}\".format(safe_dc)\n search_filter = \"(user={})\".format(safe_filter)\n\n ldap_connection = ldap.initialize(\"ldap://127.0.0.1\")\n user = ldap_connection.search_s(\n dn, ldap.SCOPE_SUBTREE, search_filter)\n\n```\n\n```python\nfrom flask import request, Flask\nimport ldap3\nfrom ldap3.utils.dn import escape_rdn\nfrom ldap3.utils.conv import escape_filter_chars\n\n\n@app.route(\"/normal\")\ndef normal():\n unsafe_dc = request.args['dc']\n unsafe_filter = request.args['username']\n\n safe_dc = escape_rdn(unsafe_dc)\n safe_filter = escape_filter_chars(unsafe_filter)\n\n dn = \"dc={}\".format(safe_dc)\n search_filter = \"(user={})\".format(safe_filter)\n\n srv = ldap3.Server('ldap://127.0.0.1')\n conn = ldap3.Connection(srv, user=dn, auto_bind=True)\n conn.search(dn, search_filter)\n\n```\n\n## References\n* OWASP: [LDAP Injection Prevention Cheat Sheet](https://cheatsheetseries.owasp.org/cheatsheets/LDAP_Injection_Prevention_Cheat_Sheet.html).\n* OWASP: [LDAP Injection](https://owasp.org/www-community/attacks/LDAP_Injection).\n* SonarSource: [RSPEC-2078](https://rules.sonarsource.com/python/RSPEC-2078).\n* Python2: [LDAP Documentation](https://www.python-ldap.org/en/python-ldap-3.3.0/reference/ldap.html).\n* Python3: [LDAP Documentation](https://ldap3.readthedocs.io/en/latest/).\n* Wikipedia: [LDAP injection](https://en.wikipedia.org/wiki/LDAP_injection).\n* BlackHat: [LDAP Injection and Blind LDAP Injection](https://www.blackhat.com/presentations/bh-europe-08/Alonso-Parada/Whitepaper/bh-eu-08-alonso-parada-WP.pdf).\n* LDAP: [Understanding and 
Defending Against LDAP Injection Attacks](https://ldap.com/2018/05/04/understanding-and-defending-against-ldap-injection-attacks/).\n* Common Weakness Enumeration: [CWE-90](https://cwe.mitre.org/data/definitions/90.html).\n" + }, + "properties": { + "precision": "high", + "queryURI": "https://github.com/github/codeql/blob/39a67b6e2e6490a9bd010db50e148f647765e9f7/python/ql/src/Security/CWE-090/LdapInjection.ql", + "security-severity": "9.8", + "tags": [ + "external/cwe/cwe-090", + "security" + ] + } + }, + { + "id": "py/nosql-injection", + "name": "py/nosql-injection", + "short_description": { + "text": "NoSQL Injection" + }, + "full_description": { + "text": "Building a NoSQL query from user-controlled sources is vulnerable to insertion of malicious NoSQL code by the user." + }, + "default_configuration": { + "enabled": true, + "level": "error" + }, + "help": { + "text": "# NoSQL Injection\nPassing user-controlled sources into NoSQL queries can result in a NoSQL injection flaw. This tainted NoSQL query containing a user-controlled source can then execute a malicious query in a NoSQL database such as MongoDB. In order for the user-controlled source to taint the NoSQL query, the user-controller source must be converted into a Python object using something like `json.loads` or `xmltodict.parse`.\n\nBecause a user-controlled source is passed into the query, the malicious user can have complete control over the query itself. When the tainted query is executed, the malicious user can commit malicious actions such as bypassing role restrictions or accessing and modifying restricted data in the NoSQL database.\n\n\n## Recommendation\nNoSQL injections can be prevented by escaping user-input's special characters that are passed into the NoSQL query from the user-supplied source. 
Alternatively, using a sanitize library such as MongoSanitizer will ensure that user-supplied sources can not act as a malicious query.\n\n\n## Example\nIn the example below, the user-supplied source is passed to a MongoDB function that queries the MongoDB database.\n\n\n```python\nfrom flask import Flask, request\nfrom flask_pymongo import PyMongo\nimport json\n\nmongo = PyMongo(app)\n\n\n@app.route(\"/\")\ndef home_page():\n unsanitized_search = request.args['search']\n json_search = json.loads(unsanitized_search)\n\n result = mongo.db.user.find({'name': json_search})\n\n```\nThis can be fixed by using a sanitizer library like MongoSanitizer as shown in this annotated code version below.\n\n\n```python\nfrom flask import Flask, request\nfrom flask_pymongo import PyMongo\nfrom mongosanitizer.sanitizer import sanitize\nimport json\n\nmongo = PyMongo(app)\n\n\n@app.route(\"/\")\ndef home_page():\n unsafe_search = request.args['search']\n json_search = json.loads(unsafe_search)\n safe_search = sanitize(unsanitized_search)\n\n result = client.db.collection.find_one({'data': safe_search})\n\n```\n\n## References\n* Mongoengine: [Documentation](http://mongoengine.org/).\n* Flask-Mongoengine: [Documentation](http://docs.mongoengine.org/projects/flask-mongoengine/en/latest/).\n* PyMongo: [Documentation](https://pypi.org/project/pymongo/).\n* Flask-PyMongo: [Documentation](https://flask-pymongo.readthedocs.io/en/latest/).\n* OWASP: [NoSQL Injection](https://owasp.org/www-pdf-archive/GOD16-NOSQL.pdf).\n* Security Stack Exchange Discussion: [Question 83231](https://security.stackexchange.com/questions/83231/mongodb-nosql-injection-in-python-code).\n* Common Weakness Enumeration: [CWE-943](https://cwe.mitre.org/data/definitions/943.html).\n", + "markdown": "# NoSQL Injection\nPassing user-controlled sources into NoSQL queries can result in a NoSQL injection flaw. 
This tainted NoSQL query containing a user-controlled source can then execute a malicious query in a NoSQL database such as MongoDB. In order for the user-controlled source to taint the NoSQL query, the user-controller source must be converted into a Python object using something like `json.loads` or `xmltodict.parse`.\n\nBecause a user-controlled source is passed into the query, the malicious user can have complete control over the query itself. When the tainted query is executed, the malicious user can commit malicious actions such as bypassing role restrictions or accessing and modifying restricted data in the NoSQL database.\n\n\n## Recommendation\nNoSQL injections can be prevented by escaping user-input's special characters that are passed into the NoSQL query from the user-supplied source. Alternatively, using a sanitize library such as MongoSanitizer will ensure that user-supplied sources can not act as a malicious query.\n\n\n## Example\nIn the example below, the user-supplied source is passed to a MongoDB function that queries the MongoDB database.\n\n\n```python\nfrom flask import Flask, request\nfrom flask_pymongo import PyMongo\nimport json\n\nmongo = PyMongo(app)\n\n\n@app.route(\"/\")\ndef home_page():\n unsanitized_search = request.args['search']\n json_search = json.loads(unsanitized_search)\n\n result = mongo.db.user.find({'name': json_search})\n\n```\nThis can be fixed by using a sanitizer library like MongoSanitizer as shown in this annotated code version below.\n\n\n```python\nfrom flask import Flask, request\nfrom flask_pymongo import PyMongo\nfrom mongosanitizer.sanitizer import sanitize\nimport json\n\nmongo = PyMongo(app)\n\n\n@app.route(\"/\")\ndef home_page():\n unsafe_search = request.args['search']\n json_search = json.loads(unsafe_search)\n safe_search = sanitize(unsanitized_search)\n\n result = client.db.collection.find_one({'data': safe_search})\n\n```\n\n## References\n* Mongoengine: [Documentation](http://mongoengine.org/).\n* 
Flask-Mongoengine: [Documentation](http://docs.mongoengine.org/projects/flask-mongoengine/en/latest/).\n* PyMongo: [Documentation](https://pypi.org/project/pymongo/).\n* Flask-PyMongo: [Documentation](https://flask-pymongo.readthedocs.io/en/latest/).\n* OWASP: [NoSQL Injection](https://owasp.org/www-pdf-archive/GOD16-NOSQL.pdf).\n* Security Stack Exchange Discussion: [Question 83231](https://security.stackexchange.com/questions/83231/mongodb-nosql-injection-in-python-code).\n* Common Weakness Enumeration: [CWE-943](https://cwe.mitre.org/data/definitions/943.html).\n" + }, + "properties": { + "precision": "high", + "queryURI": "https://github.com/github/codeql/blob/39a67b6e2e6490a9bd010db50e148f647765e9f7/python/ql/src/Security/CWE-943/NoSqlInjection.ql", + "security-severity": "8.8", + "tags": [ + "external/cwe/cwe-943", + "security" + ] + } + }, + { + "id": "py/overly-large-range", + "name": "py/overly-large-range", + "short_description": { + "text": "Overly permissive regular expression range" + }, + "full_description": { + "text": "Overly permissive regular expression ranges match a wider range of characters than intended. This may allow an attacker to bypass a filter or sanitizer." + }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help": { + "text": "# Overly permissive regular expression range\nIt's easy to write a regular expression range that matches a wider range of characters than you intended. For example, `/[a-zA-z]/` matches all lowercase and all uppercase letters, as you would expect, but it also matches the characters: `` [ \\ ] ^ _ ` ``.\n\nAnother common problem is failing to escape the dash character in a regular expression. An unescaped dash is interpreted as part of a range. 
For example, in the character class `[a-zA-Z0-9%=.,-_]` the last character range matches the 55 characters between `,` and `_` (both included), which overlaps with the range `[0-9]` and is clearly not intended by the writer.\n\n\n## Recommendation\nAvoid any confusion about which characters are included in the range by writing unambiguous regular expressions. Always check that character ranges match only the expected characters.\n\n\n## Example\nThe following example code is intended to check whether a string is a valid 6 digit hex color.\n\n```python\n\nimport re\ndef is_valid_hex_color(color):\n return re.match(r'^#[0-9a-fA-f]{6}$', color) is not None\n\n```\nHowever, the `A-f` range is overly large and matches every uppercase character. It would parse a \"color\" like `#XXYYZZ` as valid.\n\nThe fix is to use an uppercase `A-F` range instead.\n\n```python\n\nimport re\ndef is_valid_hex_color(color):\n return re.match(r'^#[0-9a-fA-F]{6}$', color) is not None\n\n```\n\n## References\n* GitHub Advisory Database: [CVE-2021-42740: Improper Neutralization of Special Elements used in a Command in Shell-quote](https://github.com/advisories/GHSA-g4rg-993r-mgx7)\n* wh0.github.io: [Exploiting CVE-2021-42740](https://wh0.github.io/2021/10/28/shell-quote-rce-exploiting.html)\n* Yosuke Ota: [no-obscure-range](https://ota-meshi.github.io/eslint-plugin-regexp/rules/no-obscure-range.html)\n* Paul Boyd: [The regex \\[,-.\\]](https://pboyd.io/posts/comma-dash-dot/)\n* Common Weakness Enumeration: [CWE-20](https://cwe.mitre.org/data/definitions/20.html).\n", + "markdown": "# Overly permissive regular expression range\nIt's easy to write a regular expression range that matches a wider range of characters than you intended. For example, `/[a-zA-z]/` matches all lowercase and all uppercase letters, as you would expect, but it also matches the characters: `` [ \\ ] ^ _ ` ``.\n\nAnother common problem is failing to escape the dash character in a regular expression. 
An unescaped dash is interpreted as part of a range. For example, in the character class `[a-zA-Z0-9%=.,-_]` the last character range matches the 55 characters between `,` and `_` (both included), which overlaps with the range `[0-9]` and is clearly not intended by the writer.\n\n\n## Recommendation\nAvoid any confusion about which characters are included in the range by writing unambiguous regular expressions. Always check that character ranges match only the expected characters.\n\n\n## Example\nThe following example code is intended to check whether a string is a valid 6 digit hex color.\n\n```python\n\nimport re\ndef is_valid_hex_color(color):\n return re.match(r'^#[0-9a-fA-f]{6}$', color) is not None\n\n```\nHowever, the `A-f` range is overly large and matches every uppercase character. It would parse a \"color\" like `#XXYYZZ` as valid.\n\nThe fix is to use an uppercase `A-F` range instead.\n\n```python\n\nimport re\ndef is_valid_hex_color(color):\n return re.match(r'^#[0-9a-fA-F]{6}$', color) is not None\n\n```\n\n## References\n* GitHub Advisory Database: [CVE-2021-42740: Improper Neutralization of Special Elements used in a Command in Shell-quote](https://github.com/advisories/GHSA-g4rg-993r-mgx7)\n* wh0.github.io: [Exploiting CVE-2021-42740](https://wh0.github.io/2021/10/28/shell-quote-rce-exploiting.html)\n* Yosuke Ota: [no-obscure-range](https://ota-meshi.github.io/eslint-plugin-regexp/rules/no-obscure-range.html)\n* Paul Boyd: [The regex \\[,-.\\]](https://pboyd.io/posts/comma-dash-dot/)\n* Common Weakness Enumeration: [CWE-20](https://cwe.mitre.org/data/definitions/20.html).\n" + }, + "properties": { + "precision": "high", + "queryURI": "https://github.com/github/codeql/blob/39a67b6e2e6490a9bd010db50e148f647765e9f7/python/ql/src/Security/CWE-020/OverlyLargeRange.ql", + "security-severity": "5", + "tags": [ + "correctness", + "external/cwe/cwe-020", + "security" + ] + } + }, + { + "id": "py/pam-auth-bypass", + "name": "py/pam-auth-bypass", + 
"short_description": { + "text": "PAM authorization bypass due to incorrect usage" + }, + "full_description": { + "text": "Not using `pam_acct_mgmt` after `pam_authenticate` to check the validity of a login can lead to authorization bypass." + }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help": { + "text": "# PAM authorization bypass due to incorrect usage\nUsing only a call to `pam_authenticate` to check the validity of a login can lead to authorization bypass vulnerabilities.\n\nA `pam_authenticate` only verifies the credentials of a user. It does not check if a user has an appropriate authorization to actually login. This means a user with an expired login or a password can still access the system.\n\n\n## Recommendation\nA call to `pam_authenticate` should be followed by a call to `pam_acct_mgmt` to check if a user is allowed to login.\n\n\n## Example\nIn the following example, the code only checks the credentials of a user. Hence, in this case, a user with expired credentials can still login. 
This can be verified by creating a new user account, expiring it with ``` chage -E0 `username` ``` and then trying to log in.\n\n\n```python\nlibpam = CDLL(find_library(\"pam\"))\n\npam_authenticate = libpam.pam_authenticate\npam_authenticate.restype = c_int\npam_authenticate.argtypes = [PamHandle, c_int]\n\ndef authenticate(username, password, service='login'):\n def my_conv(n_messages, messages, p_response, app_data):\n \"\"\"\n Simple conversation function that responds to any prompt where the echo is off with the supplied password\n \"\"\"\n ...\n\n handle = PamHandle()\n conv = PamConv(my_conv, 0)\n retval = pam_start(service, username, byref(conv), byref(handle))\n\n retval = pam_authenticate(handle, 0)\n return retval == 0\n\n```\nThis can be avoided by calling `pam_acct_mgmt` call to verify access as has been done in the snippet shown below.\n\n\n```python\nlibpam = CDLL(find_library(\"pam\"))\n\npam_authenticate = libpam.pam_authenticate\npam_authenticate.restype = c_int\npam_authenticate.argtypes = [PamHandle, c_int]\n\npam_acct_mgmt = libpam.pam_acct_mgmt\npam_acct_mgmt.restype = c_int\npam_acct_mgmt.argtypes = [PamHandle, c_int]\n\ndef authenticate(username, password, service='login'):\n def my_conv(n_messages, messages, p_response, app_data):\n \"\"\"\n Simple conversation function that responds to any prompt where the echo is off with the supplied password\n \"\"\"\n ...\n\n handle = PamHandle()\n conv = PamConv(my_conv, 0)\n retval = pam_start(service, username, byref(conv), byref(handle))\n\n retval = pam_authenticate(handle, 0)\n if retval == 0:\n retval = pam_acct_mgmt(handle, 0)\n return retval == 0\n\n```\n\n## References\n* Man-Page: [pam_acct_mgmt](https://man7.org/linux/man-pages/man3/pam_acct_mgmt.3.html)\n* Common Weakness Enumeration: [CWE-285](https://cwe.mitre.org/data/definitions/285.html).\n", + "markdown": "# PAM authorization bypass due to incorrect usage\nUsing only a call to `pam_authenticate` to check the validity of a login can 
lead to authorization bypass vulnerabilities.\n\nA `pam_authenticate` only verifies the credentials of a user. It does not check if a user has an appropriate authorization to actually login. This means a user with an expired login or a password can still access the system.\n\n\n## Recommendation\nA call to `pam_authenticate` should be followed by a call to `pam_acct_mgmt` to check if a user is allowed to login.\n\n\n## Example\nIn the following example, the code only checks the credentials of a user. Hence, in this case, a user with expired credentials can still login. This can be verified by creating a new user account, expiring it with ``` chage -E0 `username` ``` and then trying to log in.\n\n\n```python\nlibpam = CDLL(find_library(\"pam\"))\n\npam_authenticate = libpam.pam_authenticate\npam_authenticate.restype = c_int\npam_authenticate.argtypes = [PamHandle, c_int]\n\ndef authenticate(username, password, service='login'):\n def my_conv(n_messages, messages, p_response, app_data):\n \"\"\"\n Simple conversation function that responds to any prompt where the echo is off with the supplied password\n \"\"\"\n ...\n\n handle = PamHandle()\n conv = PamConv(my_conv, 0)\n retval = pam_start(service, username, byref(conv), byref(handle))\n\n retval = pam_authenticate(handle, 0)\n return retval == 0\n\n```\nThis can be avoided by calling `pam_acct_mgmt` call to verify access as has been done in the snippet shown below.\n\n\n```python\nlibpam = CDLL(find_library(\"pam\"))\n\npam_authenticate = libpam.pam_authenticate\npam_authenticate.restype = c_int\npam_authenticate.argtypes = [PamHandle, c_int]\n\npam_acct_mgmt = libpam.pam_acct_mgmt\npam_acct_mgmt.restype = c_int\npam_acct_mgmt.argtypes = [PamHandle, c_int]\n\ndef authenticate(username, password, service='login'):\n def my_conv(n_messages, messages, p_response, app_data):\n \"\"\"\n Simple conversation function that responds to any prompt where the echo is off with the supplied password\n \"\"\"\n ...\n\n handle = 
PamHandle()\n conv = PamConv(my_conv, 0)\n retval = pam_start(service, username, byref(conv), byref(handle))\n\n retval = pam_authenticate(handle, 0)\n if retval == 0:\n retval = pam_acct_mgmt(handle, 0)\n return retval == 0\n\n```\n\n## References\n* Man-Page: [pam_acct_mgmt](https://man7.org/linux/man-pages/man3/pam_acct_mgmt.3.html)\n* Common Weakness Enumeration: [CWE-285](https://cwe.mitre.org/data/definitions/285.html).\n" + }, + "properties": { + "precision": "high", + "queryURI": "https://github.com/github/codeql/blob/39a67b6e2e6490a9bd010db50e148f647765e9f7/python/ql/src/Security/CWE-285/PamAuthorization.ql", + "security-severity": "8.1", + "tags": [ + "external/cwe/cwe-285", + "security" + ] + } + }, + { + "id": "py/paramiko-missing-host-key-validation", + "name": "py/paramiko-missing-host-key-validation", + "short_description": { + "text": "Accepting unknown SSH host keys when using Paramiko" + }, + "full_description": { + "text": "Accepting unknown host keys can allow man-in-the-middle attacks." + }, + "default_configuration": { + "enabled": true, + "level": "error" + }, + "help": { + "text": "# Accepting unknown SSH host keys when using Paramiko\nIn the Secure Shell (SSH) protocol, host keys are used to verify the identity of remote hosts. Accepting unknown host keys may leave the connection open to man-in-the-middle attacks.\n\n\n## Recommendation\nDo not accept unknown host keys. In particular, do not set the default missing host key policy for the Paramiko library to either `AutoAddPolicy` or `WarningPolicy`. Both of these policies continue even when the host key is unknown. The default setting of `RejectPolicy` is secure because it throws an exception when it encounters an unknown host key.\n\n\n## Example\nThe following example shows two ways of opening an SSH connection to `example.com`. The first function sets the missing host key policy to `AutoAddPolicy`. 
If the host key verification fails, the client will continue to interact with the server, even though the connection may be compromised. The second function sets the host key policy to `RejectPolicy`, and will throw an exception if the host key verification fails.\n\n\n```python\nfrom paramiko.client import SSHClient, AutoAddPolicy, RejectPolicy\n\ndef unsafe_connect():\n client = SSHClient()\n client.set_missing_host_key_policy(AutoAddPolicy)\n client.connect(\"example.com\")\n\n # ... interaction with server\n\n client.close()\n\ndef safe_connect():\n client = SSHClient()\n client.set_missing_host_key_policy(RejectPolicy)\n client.connect(\"example.com\")\n\n # ... interaction with server\n\n client.close()\n\n```\n\n## References\n* Paramiko documentation: [set_missing_host_key_policy](http://docs.paramiko.org/en/2.4/api/client.html?highlight=set_missing_host_key_policy#paramiko.client.SSHClient.set_missing_host_key_policy).\n* Common Weakness Enumeration: [CWE-295](https://cwe.mitre.org/data/definitions/295.html).\n", + "markdown": "# Accepting unknown SSH host keys when using Paramiko\nIn the Secure Shell (SSH) protocol, host keys are used to verify the identity of remote hosts. Accepting unknown host keys may leave the connection open to man-in-the-middle attacks.\n\n\n## Recommendation\nDo not accept unknown host keys. In particular, do not set the default missing host key policy for the Paramiko library to either `AutoAddPolicy` or `WarningPolicy`. Both of these policies continue even when the host key is unknown. The default setting of `RejectPolicy` is secure because it throws an exception when it encounters an unknown host key.\n\n\n## Example\nThe following example shows two ways of opening an SSH connection to `example.com`. The first function sets the missing host key policy to `AutoAddPolicy`. If the host key verification fails, the client will continue to interact with the server, even though the connection may be compromised. 
The second function sets the host key policy to `RejectPolicy`, and will throw an exception if the host key verification fails.\n\n\n```python\nfrom paramiko.client import SSHClient, AutoAddPolicy, RejectPolicy\n\ndef unsafe_connect():\n client = SSHClient()\n client.set_missing_host_key_policy(AutoAddPolicy)\n client.connect(\"example.com\")\n\n # ... interaction with server\n\n client.close()\n\ndef safe_connect():\n client = SSHClient()\n client.set_missing_host_key_policy(RejectPolicy)\n client.connect(\"example.com\")\n\n # ... interaction with server\n\n client.close()\n\n```\n\n## References\n* Paramiko documentation: [set_missing_host_key_policy](http://docs.paramiko.org/en/2.4/api/client.html?highlight=set_missing_host_key_policy#paramiko.client.SSHClient.set_missing_host_key_policy).\n* Common Weakness Enumeration: [CWE-295](https://cwe.mitre.org/data/definitions/295.html).\n" + }, + "properties": { + "precision": "high", + "queryURI": "https://github.com/github/codeql/blob/39a67b6e2e6490a9bd010db50e148f647765e9f7/python/ql/src/Security/CWE-295/MissingHostKeyValidation.ql", + "security-severity": "7.5", + "tags": [ + "external/cwe/cwe-295", + "security" + ] + } + }, + { + "id": "py/path-injection", + "name": "py/path-injection", + "short_description": { + "text": "Uncontrolled data used in path expression" + }, + "full_description": { + "text": "Accessing paths influenced by users can allow an attacker to access unexpected resources." + }, + "default_configuration": { + "enabled": true, + "level": "error" + }, + "help": { + "text": "# Uncontrolled data used in path expression\nAccessing files using paths constructed from user-controlled data can allow an attacker to access unexpected resources. 
This can result in sensitive information being revealed or deleted, or an attacker being able to influence behavior by modifying unexpected files.\n\n\n## Recommendation\nValidate user input before using it to construct a file path, either using an off-the-shelf library function like `werkzeug.utils.secure_filename`, or by performing custom validation.\n\nIdeally, follow these rules:\n\n* Do not allow more than a single \".\" character.\n* Do not allow directory separators such as \"/\" or \"\\\\\" (depending on the file system).\n* Do not rely on simply replacing problematic sequences such as \"../\". For example, after applying this filter to \".../...//\", the resulting string would still be \"../\".\n* Use an allowlist of known good patterns.\n\n## Example\nIn the first example, a file name is read from an HTTP request and then used to access a file. However, a malicious user could enter a file name that is an absolute path, such as `\"/etc/passwd\"`.\n\nIn the second example, it appears that the user is restricted to opening a file within the `\"user\"` home directory. However, a malicious user could enter a file name containing special characters. For example, the string `\"../../../etc/passwd\"` will result in the code reading the file located at `\"/server/static/images/../../../etc/passwd\"`, which is the system's password file. This file would then be sent back to the user, giving them access to all the system's passwords. Note that a user could also use an absolute path here, since the result of `os.path.join(\"/server/static/images/\", \"/etc/passwd\")` is `\"/etc/passwd\"`.\n\nIn the third example, the path used to access the file system is normalized *before* being checked against a known prefix. 
This ensures that regardless of the user input, the resulting path is safe.\n\n\n```python\nimport os.path\nfrom flask import Flask, request, abort\n\napp = Flask(__name__)\n\n@app.route(\"/user_picture1\")\ndef user_picture1():\n filename = request.args.get('p')\n # BAD: This could read any file on the file system\n data = open(filename, 'rb').read()\n return data\n\n@app.route(\"/user_picture2\")\ndef user_picture2():\n base_path = '/server/static/images'\n filename = request.args.get('p')\n # BAD: This could still read any file on the file system\n data = open(os.path.join(base_path, filename), 'rb').read()\n return data\n\n@app.route(\"/user_picture3\")\ndef user_picture3():\n base_path = '/server/static/images'\n filename = request.args.get('p')\n #GOOD -- Verify with normalised version of path\n fullpath = os.path.normpath(os.path.join(base_path, filename))\n if not fullpath.startswith(base_path):\n raise Exception(\"not allowed\")\n data = open(fullpath, 'rb').read()\n return data\n\n```\n\n## References\n* OWASP: [Path Traversal](https://owasp.org/www-community/attacks/Path_Traversal).\n* npm: [werkzeug.utils.secure_filename](http://werkzeug.pocoo.org/docs/utils/#werkzeug.utils.secure_filename).\n* Common Weakness Enumeration: [CWE-22](https://cwe.mitre.org/data/definitions/22.html).\n* Common Weakness Enumeration: [CWE-23](https://cwe.mitre.org/data/definitions/23.html).\n* Common Weakness Enumeration: [CWE-36](https://cwe.mitre.org/data/definitions/36.html).\n* Common Weakness Enumeration: [CWE-73](https://cwe.mitre.org/data/definitions/73.html).\n* Common Weakness Enumeration: [CWE-99](https://cwe.mitre.org/data/definitions/99.html).\n", + "markdown": "# Uncontrolled data used in path expression\nAccessing files using paths constructed from user-controlled data can allow an attacker to access unexpected resources. 
This can result in sensitive information being revealed or deleted, or an attacker being able to influence behavior by modifying unexpected files.\n\n\n## Recommendation\nValidate user input before using it to construct a file path, either using an off-the-shelf library function like `werkzeug.utils.secure_filename`, or by performing custom validation.\n\nIdeally, follow these rules:\n\n* Do not allow more than a single \".\" character.\n* Do not allow directory separators such as \"/\" or \"\\\\\" (depending on the file system).\n* Do not rely on simply replacing problematic sequences such as \"../\". For example, after applying this filter to \".../...//\", the resulting string would still be \"../\".\n* Use an allowlist of known good patterns.\n\n## Example\nIn the first example, a file name is read from an HTTP request and then used to access a file. However, a malicious user could enter a file name that is an absolute path, such as `\"/etc/passwd\"`.\n\nIn the second example, it appears that the user is restricted to opening a file within the `\"user\"` home directory. However, a malicious user could enter a file name containing special characters. For example, the string `\"../../../etc/passwd\"` will result in the code reading the file located at `\"/server/static/images/../../../etc/passwd\"`, which is the system's password file. This file would then be sent back to the user, giving them access to all the system's passwords. Note that a user could also use an absolute path here, since the result of `os.path.join(\"/server/static/images/\", \"/etc/passwd\")` is `\"/etc/passwd\"`.\n\nIn the third example, the path used to access the file system is normalized *before* being checked against a known prefix. 
This ensures that regardless of the user input, the resulting path is safe.\n\n\n```python\nimport os.path\nfrom flask import Flask, request, abort\n\napp = Flask(__name__)\n\n@app.route(\"/user_picture1\")\ndef user_picture1():\n filename = request.args.get('p')\n # BAD: This could read any file on the file system\n data = open(filename, 'rb').read()\n return data\n\n@app.route(\"/user_picture2\")\ndef user_picture2():\n base_path = '/server/static/images'\n filename = request.args.get('p')\n # BAD: This could still read any file on the file system\n data = open(os.path.join(base_path, filename), 'rb').read()\n return data\n\n@app.route(\"/user_picture3\")\ndef user_picture3():\n base_path = '/server/static/images'\n filename = request.args.get('p')\n #GOOD -- Verify with normalised version of path\n fullpath = os.path.normpath(os.path.join(base_path, filename))\n if not fullpath.startswith(base_path):\n raise Exception(\"not allowed\")\n data = open(fullpath, 'rb').read()\n return data\n\n```\n\n## References\n* OWASP: [Path Traversal](https://owasp.org/www-community/attacks/Path_Traversal).\n* npm: [werkzeug.utils.secure_filename](http://werkzeug.pocoo.org/docs/utils/#werkzeug.utils.secure_filename).\n* Common Weakness Enumeration: [CWE-22](https://cwe.mitre.org/data/definitions/22.html).\n* Common Weakness Enumeration: [CWE-23](https://cwe.mitre.org/data/definitions/23.html).\n* Common Weakness Enumeration: [CWE-36](https://cwe.mitre.org/data/definitions/36.html).\n* Common Weakness Enumeration: [CWE-73](https://cwe.mitre.org/data/definitions/73.html).\n* Common Weakness Enumeration: [CWE-99](https://cwe.mitre.org/data/definitions/99.html).\n" + }, + "properties": { + "precision": "high", + "queryURI": "https://github.com/github/codeql/blob/39a67b6e2e6490a9bd010db50e148f647765e9f7/python/ql/src/Security/CWE-022/PathInjection.ql", + "security-severity": "7.5", + "tags": [ + "correctness", + "external/cwe/cwe-022", + "external/cwe/cwe-023", + 
"external/cwe/cwe-036", + "external/cwe/cwe-073", + "external/cwe/cwe-099", + "security" + ] + } + }, + { + "id": "py/polynomial-redos", + "name": "py/polynomial-redos", + "short_description": { + "text": "Polynomial regular expression used on uncontrolled data" + }, + "full_description": { + "text": "A regular expression that can require polynomial time to match may be vulnerable to denial-of-service attacks." + }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help": { + "text": "# Polynomial regular expression used on uncontrolled data\nSome regular expressions take a long time to match certain input strings to the point where the time it takes to match a string of length *n* is proportional to *nk* or even *2n*. Such regular expressions can negatively affect performance, or even allow a malicious user to perform a Denial of Service (\"DoS\") attack by crafting an expensive input string for the regular expression to match.\n\nThe regular expression engine provided by Python uses a backtracking non-deterministic finite automata to implement regular expression matching. While this approach is space-efficient and allows supporting advanced features like capture groups, it is not time-efficient in general. The worst-case time complexity of such an automaton can be polynomial or even exponential, meaning that for strings of a certain shape, increasing the input length by ten characters may make the automaton about 1000 times slower.\n\nTypically, a regular expression is affected by this problem if it contains a repetition of the form `r*` or `r+` where the sub-expression `r` is ambiguous in the sense that it can match some string in multiple ways. 
More information about the precise circumstances can be found in the references.\n\n\n## Recommendation\nModify the regular expression to remove the ambiguity, or ensure that the strings matched with the regular expression are short enough that the time-complexity does not matter.\n\n\n## Example\nConsider this use of a regular expression, which removes all leading and trailing whitespace in a string:\n\n```python\n\nre.sub(r\"^\\s+|\\s+$\", \"\", text) # BAD\n```\nThe sub-expression `\"\\s+$\"` will match the whitespace characters in `text` from left to right, but it can start matching anywhere within a whitespace sequence. This is problematic for strings that do **not** end with a whitespace character. Such a string will force the regular expression engine to process each whitespace sequence once per whitespace character in the sequence.\n\nThis ultimately means that the time cost of trimming a string is quadratic in the length of the string. So a string like `\"a b\"` will take milliseconds to process, but a similar string with a million spaces instead of just one will take several minutes.\n\nAvoid this problem by rewriting the regular expression to not contain the ambiguity about when to start matching whitespace sequences. For instance, by using a negative look-behind (`^\\s+|(? 
1000:\n raise ValueError(\"Input too long\")\n\nmatch = re.search(r'^(\\+|-)?(\\d+|(\\d*\\.\\d*))?(E|e)?([-+])?(\\d+)?$', str) \n```\n\n## References\n* OWASP: [Regular expression Denial of Service - ReDoS](https://www.owasp.org/index.php/Regular_expression_Denial_of_Service_-_ReDoS).\n* Wikipedia: [ReDoS](https://en.wikipedia.org/wiki/ReDoS).\n* Wikipedia: [Time complexity](https://en.wikipedia.org/wiki/Time_complexity).\n* James Kirrage, Asiri Rathnayake, Hayo Thielecke: [Static Analysis for Regular Expression Denial-of-Service Attack](https://arxiv.org/abs/1301.0849).\n* Common Weakness Enumeration: [CWE-1333](https://cwe.mitre.org/data/definitions/1333.html).\n* Common Weakness Enumeration: [CWE-730](https://cwe.mitre.org/data/definitions/730.html).\n* Common Weakness Enumeration: [CWE-400](https://cwe.mitre.org/data/definitions/400.html).\n", + "markdown": "# Polynomial regular expression used on uncontrolled data\nSome regular expressions take a long time to match certain input strings to the point where the time it takes to match a string of length *n* is proportional to *nk* or even *2n*. Such regular expressions can negatively affect performance, or even allow a malicious user to perform a Denial of Service (\"DoS\") attack by crafting an expensive input string for the regular expression to match.\n\nThe regular expression engine provided by Python uses a backtracking non-deterministic finite automata to implement regular expression matching. While this approach is space-efficient and allows supporting advanced features like capture groups, it is not time-efficient in general. 
The worst-case time complexity of such an automaton can be polynomial or even exponential, meaning that for strings of a certain shape, increasing the input length by ten characters may make the automaton about 1000 times slower.\n\nTypically, a regular expression is affected by this problem if it contains a repetition of the form `r*` or `r+` where the sub-expression `r` is ambiguous in the sense that it can match some string in multiple ways. More information about the precise circumstances can be found in the references.\n\n\n## Recommendation\nModify the regular expression to remove the ambiguity, or ensure that the strings matched with the regular expression are short enough that the time-complexity does not matter.\n\n\n## Example\nConsider this use of a regular expression, which removes all leading and trailing whitespace in a string:\n\n```python\n\nre.sub(r\"^\\s+|\\s+$\", \"\", text) # BAD\n```\nThe sub-expression `\"\\s+$\"` will match the whitespace characters in `text` from left to right, but it can start matching anywhere within a whitespace sequence. This is problematic for strings that do **not** end with a whitespace character. Such a string will force the regular expression engine to process each whitespace sequence once per whitespace character in the sequence.\n\nThis ultimately means that the time cost of trimming a string is quadratic in the length of the string. So a string like `\"a b\"` will take milliseconds to process, but a similar string with a million spaces instead of just one will take several minutes.\n\nAvoid this problem by rewriting the regular expression to not contain the ambiguity about when to start matching whitespace sequences. For instance, by using a negative look-behind (`^\\s+|(? 
1000:\n raise ValueError(\"Input too long\")\n\nmatch = re.search(r'^(\\+|-)?(\\d+|(\\d*\\.\\d*))?(E|e)?([-+])?(\\d+)?$', str) \n```\n\n## References\n* OWASP: [Regular expression Denial of Service - ReDoS](https://www.owasp.org/index.php/Regular_expression_Denial_of_Service_-_ReDoS).\n* Wikipedia: [ReDoS](https://en.wikipedia.org/wiki/ReDoS).\n* Wikipedia: [Time complexity](https://en.wikipedia.org/wiki/Time_complexity).\n* James Kirrage, Asiri Rathnayake, Hayo Thielecke: [Static Analysis for Regular Expression Denial-of-Service Attack](https://arxiv.org/abs/1301.0849).\n* Common Weakness Enumeration: [CWE-1333](https://cwe.mitre.org/data/definitions/1333.html).\n* Common Weakness Enumeration: [CWE-730](https://cwe.mitre.org/data/definitions/730.html).\n* Common Weakness Enumeration: [CWE-400](https://cwe.mitre.org/data/definitions/400.html).\n" + }, + "properties": { + "precision": "high", + "queryURI": "https://github.com/github/codeql/blob/39a67b6e2e6490a9bd010db50e148f647765e9f7/python/ql/src/Security/CWE-730/PolynomialReDoS.ql", + "security-severity": "7.5", + "tags": [ + "external/cwe/cwe-1333", + "external/cwe/cwe-400", + "external/cwe/cwe-730", + "security" + ] + } + }, + { + "id": "py/redos", + "name": "py/redos", + "short_description": { + "text": "Inefficient regular expression" + }, + "full_description": { + "text": "A regular expression that requires exponential time to match certain inputs can be a performance bottleneck, and may be vulnerable to denial-of-service attacks." + }, + "default_configuration": { + "enabled": true, + "level": "error" + }, + "help": { + "text": "# Inefficient regular expression\nSome regular expressions take a long time to match certain input strings to the point where the time it takes to match a string of length *n* is proportional to *nk* or even *2n*. 
Such regular expressions can negatively affect performance, or even allow a malicious user to perform a Denial of Service (\"DoS\") attack by crafting an expensive input string for the regular expression to match.\n\nThe regular expression engine provided by Python uses a backtracking non-deterministic finite automata to implement regular expression matching. While this approach is space-efficient and allows supporting advanced features like capture groups, it is not time-efficient in general. The worst-case time complexity of such an automaton can be polynomial or even exponential, meaning that for strings of a certain shape, increasing the input length by ten characters may make the automaton about 1000 times slower.\n\nTypically, a regular expression is affected by this problem if it contains a repetition of the form `r*` or `r+` where the sub-expression `r` is ambiguous in the sense that it can match some string in multiple ways. More information about the precise circumstances can be found in the references.\n\n\n## Recommendation\nModify the regular expression to remove the ambiguity, or ensure that the strings matched with the regular expression are short enough that the time-complexity does not matter.\n\n\n## Example\nConsider this regular expression:\n\n```python\n\n^_(__|.)+_$\n```\nIts sub-expression `\"(__|.)+?\"` can match the string `\"__\"` either by the first alternative `\"__\"` to the left of the `\"|\"` operator, or by two repetitions of the second alternative `\".\"` to the right. 
Thus, a string consisting of an odd number of underscores followed by some other character will cause the regular expression engine to run for an exponential amount of time before rejecting the input.\n\nThis problem can be avoided by rewriting the regular expression to remove the ambiguity between the two branches of the alternative inside the repetition:\n\n```python\n\n^_(__|[^_])+_$\n```\n\n## References\n* OWASP: [Regular expression Denial of Service - ReDoS](https://www.owasp.org/index.php/Regular_expression_Denial_of_Service_-_ReDoS).\n* Wikipedia: [ReDoS](https://en.wikipedia.org/wiki/ReDoS).\n* Wikipedia: [Time complexity](https://en.wikipedia.org/wiki/Time_complexity).\n* James Kirrage, Asiri Rathnayake, Hayo Thielecke: [Static Analysis for Regular Expression Denial-of-Service Attack](https://arxiv.org/abs/1301.0849).\n* Common Weakness Enumeration: [CWE-1333](https://cwe.mitre.org/data/definitions/1333.html).\n* Common Weakness Enumeration: [CWE-730](https://cwe.mitre.org/data/definitions/730.html).\n* Common Weakness Enumeration: [CWE-400](https://cwe.mitre.org/data/definitions/400.html).\n", + "markdown": "# Inefficient regular expression\nSome regular expressions take a long time to match certain input strings to the point where the time it takes to match a string of length *n* is proportional to *nk* or even *2n*. Such regular expressions can negatively affect performance, or even allow a malicious user to perform a Denial of Service (\"DoS\") attack by crafting an expensive input string for the regular expression to match.\n\nThe regular expression engine provided by Python uses a backtracking non-deterministic finite automata to implement regular expression matching. While this approach is space-efficient and allows supporting advanced features like capture groups, it is not time-efficient in general. 
The worst-case time complexity of such an automaton can be polynomial or even exponential, meaning that for strings of a certain shape, increasing the input length by ten characters may make the automaton about 1000 times slower.\n\nTypically, a regular expression is affected by this problem if it contains a repetition of the form `r*` or `r+` where the sub-expression `r` is ambiguous in the sense that it can match some string in multiple ways. More information about the precise circumstances can be found in the references.\n\n\n## Recommendation\nModify the regular expression to remove the ambiguity, or ensure that the strings matched with the regular expression are short enough that the time-complexity does not matter.\n\n\n## Example\nConsider this regular expression:\n\n```python\n\n^_(__|.)+_$\n```\nIts sub-expression `\"(__|.)+?\"` can match the string `\"__\"` either by the first alternative `\"__\"` to the left of the `\"|\"` operator, or by two repetitions of the second alternative `\".\"` to the right. 
Thus, a string consisting of an odd number of underscores followed by some other character will cause the regular expression engine to run for an exponential amount of time before rejecting the input.\n\nThis problem can be avoided by rewriting the regular expression to remove the ambiguity between the two branches of the alternative inside the repetition:\n\n```python\n\n^_(__|[^_])+_$\n```\n\n## References\n* OWASP: [Regular expression Denial of Service - ReDoS](https://www.owasp.org/index.php/Regular_expression_Denial_of_Service_-_ReDoS).\n* Wikipedia: [ReDoS](https://en.wikipedia.org/wiki/ReDoS).\n* Wikipedia: [Time complexity](https://en.wikipedia.org/wiki/Time_complexity).\n* James Kirrage, Asiri Rathnayake, Hayo Thielecke: [Static Analysis for Regular Expression Denial-of-Service Attack](https://arxiv.org/abs/1301.0849).\n* Common Weakness Enumeration: [CWE-1333](https://cwe.mitre.org/data/definitions/1333.html).\n* Common Weakness Enumeration: [CWE-730](https://cwe.mitre.org/data/definitions/730.html).\n* Common Weakness Enumeration: [CWE-400](https://cwe.mitre.org/data/definitions/400.html).\n" + }, + "properties": { + "precision": "high", + "queryURI": "https://github.com/github/codeql/blob/39a67b6e2e6490a9bd010db50e148f647765e9f7/python/ql/src/Security/CWE-730/ReDoS.ql", + "security-severity": "7.5", + "tags": [ + "external/cwe/cwe-1333", + "external/cwe/cwe-400", + "external/cwe/cwe-730", + "security" + ] + } + }, + { + "id": "py/reflective-xss", + "name": "py/reflective-xss", + "short_description": { + "text": "Reflected server-side cross-site scripting" + }, + "full_description": { + "text": "Writing user input directly to a web page allows for a cross-site scripting vulnerability." 
+ }, + "default_configuration": { + "enabled": true, + "level": "error" + }, + "help": { + "text": "# Reflected server-side cross-site scripting\nDirectly writing user input (for example, an HTTP request parameter) to a webpage without properly sanitizing the input first, allows for a cross-site scripting vulnerability.\n\n\n## Recommendation\nTo guard against cross-site scripting, consider escaping the input before writing user input to the page. The standard library provides escaping functions: `html.escape()` for Python 3.2 upwards or `cgi.escape()` older versions of Python. Most frameworks also provide their own escaping functions, for example `flask.escape()`.\n\n\n## Example\nThe following example is a minimal flask app which shows a safe and unsafe way to render the given name back to the page. The first view is unsafe as `first_name` is not escaped, leaving the page vulnerable to cross-site scripting attacks. The second view is safe as `first_name` is escaped, so it is not vulnerable to cross-site scripting attacks.\n\n\n```python\nfrom flask import Flask, request, make_response, escape\n\napp = Flask(__name__)\n\n@app.route('/unsafe')\ndef unsafe():\n first_name = request.args.get('name', '')\n return make_response(\"Your name is \" + first_name)\n\n@app.route('/safe')\ndef safe():\n first_name = request.args.get('name', '')\n return make_response(\"Your name is \" + escape(first_name))\n\n```\n\n## References\n* OWASP: [XSS (Cross Site Scripting) Prevention Cheat Sheet](https://cheatsheetseries.owasp.org/cheatsheets/Cross_Site_Scripting_Prevention_Cheat_Sheet.html).\n* Wikipedia: [Cross-site scripting](http://en.wikipedia.org/wiki/Cross-site_scripting).\n* Python Library Reference: [html.escape()](https://docs.python.org/3/library/html.html#html.escape).\n* Common Weakness Enumeration: [CWE-79](https://cwe.mitre.org/data/definitions/79.html).\n* Common Weakness Enumeration: [CWE-116](https://cwe.mitre.org/data/definitions/116.html).\n", + "markdown": "# 
Reflected server-side cross-site scripting\nDirectly writing user input (for example, an HTTP request parameter) to a webpage without properly sanitizing the input first, allows for a cross-site scripting vulnerability.\n\n\n## Recommendation\nTo guard against cross-site scripting, consider escaping the input before writing user input to the page. The standard library provides escaping functions: `html.escape()` for Python 3.2 upwards or `cgi.escape()` older versions of Python. Most frameworks also provide their own escaping functions, for example `flask.escape()`.\n\n\n## Example\nThe following example is a minimal flask app which shows a safe and unsafe way to render the given name back to the page. The first view is unsafe as `first_name` is not escaped, leaving the page vulnerable to cross-site scripting attacks. The second view is safe as `first_name` is escaped, so it is not vulnerable to cross-site scripting attacks.\n\n\n```python\nfrom flask import Flask, request, make_response, escape\n\napp = Flask(__name__)\n\n@app.route('/unsafe')\ndef unsafe():\n first_name = request.args.get('name', '')\n return make_response(\"Your name is \" + first_name)\n\n@app.route('/safe')\ndef safe():\n first_name = request.args.get('name', '')\n return make_response(\"Your name is \" + escape(first_name))\n\n```\n\n## References\n* OWASP: [XSS (Cross Site Scripting) Prevention Cheat Sheet](https://cheatsheetseries.owasp.org/cheatsheets/Cross_Site_Scripting_Prevention_Cheat_Sheet.html).\n* Wikipedia: [Cross-site scripting](http://en.wikipedia.org/wiki/Cross-site_scripting).\n* Python Library Reference: [html.escape()](https://docs.python.org/3/library/html.html#html.escape).\n* Common Weakness Enumeration: [CWE-79](https://cwe.mitre.org/data/definitions/79.html).\n* Common Weakness Enumeration: [CWE-116](https://cwe.mitre.org/data/definitions/116.html).\n" + }, + "properties": { + "precision": "high", + "queryURI": 
"https://github.com/github/codeql/blob/39a67b6e2e6490a9bd010db50e148f647765e9f7/python/ql/src/Security/CWE-079/ReflectedXss.ql", + "security-severity": "6.1", + "tags": [ + "external/cwe/cwe-079", + "external/cwe/cwe-116", + "security" + ] + } + }, + { + "id": "py/regex-injection", + "name": "py/regex-injection", + "short_description": { + "text": "Regular expression injection" + }, + "full_description": { + "text": "User input should not be used in regular expressions without first being escaped, otherwise a malicious user may be able to inject an expression that could require exponential time on certain inputs." + }, + "default_configuration": { + "enabled": true, + "level": "error" + }, + "help": { + "text": "# Regular expression injection\nConstructing a regular expression with unsanitized user input is dangerous as a malicious user may be able to modify the meaning of the expression. In particular, such a user may be able to provide a regular expression fragment that takes exponential time in the worst case, and use that to perform a Denial of Service attack.\n\n\n## Recommendation\nBefore embedding user input into a regular expression, use a sanitization function such as `re.escape` to escape meta-characters that have a special meaning regarding regular expressions' syntax.\n\n\n## Example\nThe following examples are based on a simple Flask web server environment.\n\nThe following example shows a HTTP request parameter that is used to construct a regular expression without sanitizing it first:\n\n\n```python\nfrom flask import request, Flask\nimport re\n\n\n@app.route(\"/direct\")\ndef direct():\n unsafe_pattern = request.args[\"pattern\"]\n re.search(unsafe_pattern, \"\")\n\n\n@app.route(\"/compile\")\ndef compile():\n unsafe_pattern = request.args[\"pattern\"]\n compiled_pattern = re.compile(unsafe_pattern)\n compiled_pattern.search(\"\")\n\n```\nInstead, the request parameter should be sanitized first, for example using the function `re.escape`. 
This ensures that the user cannot insert characters which have a special meaning in regular expressions.\n\n\n```python\nfrom flask import request, Flask\nimport re\n\n\n@app.route(\"/direct\")\ndef direct():\n unsafe_pattern = request.args['pattern']\n safe_pattern = re.escape(unsafe_pattern)\n re.search(safe_pattern, \"\")\n\n\n@app.route(\"/compile\")\ndef compile():\n unsafe_pattern = request.args['pattern']\n safe_pattern = re.escape(unsafe_pattern)\n compiled_pattern = re.compile(safe_pattern)\n compiled_pattern.search(\"\")\n\n```\n\n## References\n* OWASP: [Regular expression Denial of Service - ReDoS](https://www.owasp.org/index.php/Regular_expression_Denial_of_Service_-_ReDoS).\n* Wikipedia: [ReDoS](https://en.wikipedia.org/wiki/ReDoS).\n* Python docs: [re](https://docs.python.org/3/library/re.html).\n* SonarSource: [RSPEC-2631](https://rules.sonarsource.com/python/type/Vulnerability/RSPEC-2631).\n* Common Weakness Enumeration: [CWE-730](https://cwe.mitre.org/data/definitions/730.html).\n* Common Weakness Enumeration: [CWE-400](https://cwe.mitre.org/data/definitions/400.html).\n", + "markdown": "# Regular expression injection\nConstructing a regular expression with unsanitized user input is dangerous as a malicious user may be able to modify the meaning of the expression. 
In particular, such a user may be able to provide a regular expression fragment that takes exponential time in the worst case, and use that to perform a Denial of Service attack.\n\n\n## Recommendation\nBefore embedding user input into a regular expression, use a sanitization function such as `re.escape` to escape meta-characters that have a special meaning regarding regular expressions' syntax.\n\n\n## Example\nThe following examples are based on a simple Flask web server environment.\n\nThe following example shows a HTTP request parameter that is used to construct a regular expression without sanitizing it first:\n\n\n```python\nfrom flask import request, Flask\nimport re\n\n\n@app.route(\"/direct\")\ndef direct():\n unsafe_pattern = request.args[\"pattern\"]\n re.search(unsafe_pattern, \"\")\n\n\n@app.route(\"/compile\")\ndef compile():\n unsafe_pattern = request.args[\"pattern\"]\n compiled_pattern = re.compile(unsafe_pattern)\n compiled_pattern.search(\"\")\n\n```\nInstead, the request parameter should be sanitized first, for example using the function `re.escape`. 
This ensures that the user cannot insert characters which have a special meaning in regular expressions.\n\n\n```python\nfrom flask import request, Flask\nimport re\n\n\n@app.route(\"/direct\")\ndef direct():\n unsafe_pattern = request.args['pattern']\n safe_pattern = re.escape(unsafe_pattern)\n re.search(safe_pattern, \"\")\n\n\n@app.route(\"/compile\")\ndef compile():\n unsafe_pattern = request.args['pattern']\n safe_pattern = re.escape(unsafe_pattern)\n compiled_pattern = re.compile(safe_pattern)\n compiled_pattern.search(\"\")\n\n```\n\n## References\n* OWASP: [Regular expression Denial of Service - ReDoS](https://www.owasp.org/index.php/Regular_expression_Denial_of_Service_-_ReDoS).\n* Wikipedia: [ReDoS](https://en.wikipedia.org/wiki/ReDoS).\n* Python docs: [re](https://docs.python.org/3/library/re.html).\n* SonarSource: [RSPEC-2631](https://rules.sonarsource.com/python/type/Vulnerability/RSPEC-2631).\n* Common Weakness Enumeration: [CWE-730](https://cwe.mitre.org/data/definitions/730.html).\n* Common Weakness Enumeration: [CWE-400](https://cwe.mitre.org/data/definitions/400.html).\n" + }, + "properties": { + "precision": "high", + "queryURI": "https://github.com/github/codeql/blob/39a67b6e2e6490a9bd010db50e148f647765e9f7/python/ql/src/Security/CWE-730/RegexInjection.ql", + "security-severity": "7.5", + "tags": [ + "external/cwe/cwe-400", + "external/cwe/cwe-730", + "security" + ] + } + }, + { + "id": "py/sql-injection", + "name": "py/sql-injection", + "short_description": { + "text": "SQL query built from user-controlled sources" + }, + "full_description": { + "text": "Building a SQL query from user-controlled sources is vulnerable to insertion of malicious SQL code by the user." 
+ }, + "default_configuration": { + "enabled": true, + "level": "error" + }, + "help": { + "text": "# SQL query built from user-controlled sources\nIf a database query (such as a SQL or NoSQL query) is built from user-provided data without sufficient sanitization, a user may be able to run malicious database queries.\n\nThis also includes using the `TextClause` class in the `[SQLAlchemy](https://pypi.org/project/SQLAlchemy/)` PyPI package, which is used to represent a literal SQL fragment and is inserted directly into the final SQL when used in a query built using the ORM.\n\n\n## Recommendation\nMost database connector libraries offer a way of safely embedding untrusted data into a query by means of query parameters or prepared statements.\n\n\n## Example\nIn the following snippet, a user is fetched from the database using three different queries.\n\nIn the first case, the query string is built by directly using string formatting from a user-supplied request parameter. The parameter may include quote characters, so this code is vulnerable to a SQL injection attack.\n\nIn the second case, the user-supplied request attribute is passed to the database using query parameters. The database connector library will take care of escaping and inserting quotes as needed.\n\nIn the third case, the placeholder in the SQL string has been manually quoted. Since most databaseconnector libraries will insert their own quotes, doing so yourself will make the code vulnerable to SQL injection attacks. 
In this example, if `username` was `; DROP ALL TABLES -- `, the final SQL query would be `SELECT * FROM users WHERE username = ''; DROP ALL TABLES -- ''`\n\n\n```python\nfrom django.conf.urls import url\nfrom django.db import connection\n\n\ndef show_user(request, username):\n with connection.cursor() as cursor:\n # BAD -- Using string formatting\n cursor.execute(\"SELECT * FROM users WHERE username = '%s'\" % username)\n user = cursor.fetchone()\n\n # GOOD -- Using parameters\n cursor.execute(\"SELECT * FROM users WHERE username = %s\", username)\n user = cursor.fetchone()\n\n # BAD -- Manually quoting placeholder (%s)\n cursor.execute(\"SELECT * FROM users WHERE username = '%s'\", username)\n user = cursor.fetchone()\n\nurlpatterns = [url(r'^users/(?P[^/]+)$', show_user)]\n\n```\n\n## References\n* Wikipedia: [SQL injection](https://en.wikipedia.org/wiki/SQL_injection).\n* OWASP: [SQL Injection Prevention Cheat Sheet](https://cheatsheetseries.owasp.org/cheatsheets/SQL_Injection_Prevention_Cheat_Sheet.html).\n* [SQLAlchemy documentation for TextClause](https://docs.sqlalchemy.org/en/14/core/sqlelement.html#sqlalchemy.sql.expression.text.params.text).\n* Common Weakness Enumeration: [CWE-89](https://cwe.mitre.org/data/definitions/89.html).\n", + "markdown": "# SQL query built from user-controlled sources\nIf a database query (such as a SQL or NoSQL query) is built from user-provided data without sufficient sanitization, a user may be able to run malicious database queries.\n\nThis also includes using the `TextClause` class in the `[SQLAlchemy](https://pypi.org/project/SQLAlchemy/)` PyPI package, which is used to represent a literal SQL fragment and is inserted directly into the final SQL when used in a query built using the ORM.\n\n\n## Recommendation\nMost database connector libraries offer a way of safely embedding untrusted data into a query by means of query parameters or prepared statements.\n\n\n## Example\nIn the following snippet, a user is fetched from the 
database using three different queries.\n\nIn the first case, the query string is built by directly using string formatting from a user-supplied request parameter. The parameter may include quote characters, so this code is vulnerable to a SQL injection attack.\n\nIn the second case, the user-supplied request attribute is passed to the database using query parameters. The database connector library will take care of escaping and inserting quotes as needed.\n\nIn the third case, the placeholder in the SQL string has been manually quoted. Since most databaseconnector libraries will insert their own quotes, doing so yourself will make the code vulnerable to SQL injection attacks. In this example, if `username` was `; DROP ALL TABLES -- `, the final SQL query would be `SELECT * FROM users WHERE username = ''; DROP ALL TABLES -- ''`\n\n\n```python\nfrom django.conf.urls import url\nfrom django.db import connection\n\n\ndef show_user(request, username):\n with connection.cursor() as cursor:\n # BAD -- Using string formatting\n cursor.execute(\"SELECT * FROM users WHERE username = '%s'\" % username)\n user = cursor.fetchone()\n\n # GOOD -- Using parameters\n cursor.execute(\"SELECT * FROM users WHERE username = %s\", username)\n user = cursor.fetchone()\n\n # BAD -- Manually quoting placeholder (%s)\n cursor.execute(\"SELECT * FROM users WHERE username = '%s'\", username)\n user = cursor.fetchone()\n\nurlpatterns = [url(r'^users/(?P[^/]+)$', show_user)]\n\n```\n\n## References\n* Wikipedia: [SQL injection](https://en.wikipedia.org/wiki/SQL_injection).\n* OWASP: [SQL Injection Prevention Cheat Sheet](https://cheatsheetseries.owasp.org/cheatsheets/SQL_Injection_Prevention_Cheat_Sheet.html).\n* [SQLAlchemy documentation for TextClause](https://docs.sqlalchemy.org/en/14/core/sqlelement.html#sqlalchemy.sql.expression.text.params.text).\n* Common Weakness Enumeration: [CWE-89](https://cwe.mitre.org/data/definitions/89.html).\n" + }, + "properties": { + "precision": "high", + 
"queryURI": "https://github.com/github/codeql/blob/39a67b6e2e6490a9bd010db50e148f647765e9f7/python/ql/src/Security/CWE-089/SqlInjection.ql", + "security-severity": "8.8", + "tags": [ + "external/cwe/cwe-089", + "security" + ] + } + }, + { + "id": "py/stack-trace-exposure", + "name": "py/stack-trace-exposure", + "short_description": { + "text": "Information exposure through an exception" + }, + "full_description": { + "text": "Leaking information about an exception, such as messages and stack traces, to an external user can expose implementation details that are useful to an attacker for developing a subsequent exploit." + }, + "default_configuration": { + "enabled": true, + "level": "error" + }, + "help": { + "text": "# Information exposure through an exception\nSoftware developers often add stack traces to error messages, as a debugging aid. Whenever that error message occurs for an end user, the developer can use the stack trace to help identify how to fix the problem. In particular, stack traces can tell the developer more about the sequence of events that led to a failure, as opposed to merely the final state of the software when the error occurred.\n\nUnfortunately, the same information can be useful to an attacker. The sequence of class names in a stack trace can reveal the structure of the application as well as any internal components it relies on. Furthermore, the error message at the top of a stack trace can include information such as server-side file names and SQL code that the application relies on, allowing an attacker to fine-tune a subsequent injection attack.\n\n\n## Recommendation\nSend the user a more generic error message that reveals less information. Either suppress the stack trace entirely, or log it only on the server.\n\n\n## Example\nIn the following example, an exception is handled in two different ways. In the first version, labeled BAD, the exception is sent back to the remote user by returning it from the function. 
As such, the user is able to see a detailed stack trace, which may contain sensitive information. In the second version, the error message is logged only on the server, and a generic error message is displayed to the user. That way, the developers can still access and use the error log, but remote users will not see the information.\n\n\n```python\nfrom flask import Flask\napp = Flask(__name__)\n\n\nimport traceback\n\ndef do_computation():\n raise Exception(\"Secret info\")\n\n# BAD\n@app.route('/bad')\ndef server_bad():\n try:\n do_computation()\n except Exception as e:\n return traceback.format_exc()\n\n# GOOD\n@app.route('/good')\ndef server_good():\n try:\n do_computation()\n except Exception as e:\n log(traceback.format_exc())\n return \"An internal error has occurred!\"\n\n```\n\n## References\n* OWASP: [Improper Error Handling](https://owasp.org/www-community/Improper_Error_Handling).\n* Common Weakness Enumeration: [CWE-209](https://cwe.mitre.org/data/definitions/209.html).\n* Common Weakness Enumeration: [CWE-497](https://cwe.mitre.org/data/definitions/497.html).\n", + "markdown": "# Information exposure through an exception\nSoftware developers often add stack traces to error messages, as a debugging aid. Whenever that error message occurs for an end user, the developer can use the stack trace to help identify how to fix the problem. In particular, stack traces can tell the developer more about the sequence of events that led to a failure, as opposed to merely the final state of the software when the error occurred.\n\nUnfortunately, the same information can be useful to an attacker. The sequence of class names in a stack trace can reveal the structure of the application as well as any internal components it relies on. 
Furthermore, the error message at the top of a stack trace can include information such as server-side file names and SQL code that the application relies on, allowing an attacker to fine-tune a subsequent injection attack.\n\n\n## Recommendation\nSend the user a more generic error message that reveals less information. Either suppress the stack trace entirely, or log it only on the server.\n\n\n## Example\nIn the following example, an exception is handled in two different ways. In the first version, labeled BAD, the exception is sent back to the remote user by returning it from the function. As such, the user is able to see a detailed stack trace, which may contain sensitive information. In the second version, the error message is logged only on the server, and a generic error message is displayed to the user. That way, the developers can still access and use the error log, but remote users will not see the information.\n\n\n```python\nfrom flask import Flask\napp = Flask(__name__)\n\n\nimport traceback\n\ndef do_computation():\n raise Exception(\"Secret info\")\n\n# BAD\n@app.route('/bad')\ndef server_bad():\n try:\n do_computation()\n except Exception as e:\n return traceback.format_exc()\n\n# GOOD\n@app.route('/good')\ndef server_good():\n try:\n do_computation()\n except Exception as e:\n log(traceback.format_exc())\n return \"An internal error has occurred!\"\n\n```\n\n## References\n* OWASP: [Improper Error Handling](https://owasp.org/www-community/Improper_Error_Handling).\n* Common Weakness Enumeration: [CWE-209](https://cwe.mitre.org/data/definitions/209.html).\n* Common Weakness Enumeration: [CWE-497](https://cwe.mitre.org/data/definitions/497.html).\n" + }, + "properties": { + "precision": "high", + "queryURI": "https://github.com/github/codeql/blob/39a67b6e2e6490a9bd010db50e148f647765e9f7/python/ql/src/Security/CWE-209/StackTraceExposure.ql", + "security-severity": "5.4", + "tags": [ + "external/cwe/cwe-209", + "external/cwe/cwe-497", + "security" + ] 
+ } + }, + { + "id": "py/summary/lines-of-code", + "name": "py/summary/lines-of-code", + "short_description": { + "text": "Total lines of Python code in the database" + }, + "full_description": { + "text": "The total number of lines of Python code across all files, including external libraries and auto-generated files. This is a useful metric of the size of a database. This query counts the lines of code, excluding whitespace or comments." + }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "properties": { + "tags": [ + "summary", + "telemetry" + ] + } + }, + { + "id": "py/summary/lines-of-user-code", + "name": "py/summary/lines-of-user-code", + "short_description": { + "text": "Total lines of user written Python code in the database" + }, + "full_description": { + "text": "The total number of lines of Python code from the source code directory, excluding auto-generated files. This query counts the lines of code, excluding whitespace or comments. Note: If external libraries are included in the codebase either in a checked-in virtual environment or as vendored code, that will currently be counted as user written code." + }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "properties": { + "tags": [ + "debug", + "lines-of-code", + "summary" + ] + } + }, + { + "id": "py/unsafe-deserialization", + "name": "py/unsafe-deserialization", + "short_description": { + "text": "Deserialization of user-controlled data" + }, + "full_description": { + "text": "Deserializing user-controlled data may allow attackers to execute arbitrary code." + }, + "default_configuration": { + "enabled": true, + "level": "error" + }, + "help": { + "text": "# Deserialization of user-controlled data\nDeserializing untrusted data using any deserialization framework that allows the construction of arbitrary serializable objects is easily exploitable and in many cases allows an attacker to execute arbitrary code. 
Even before a deserialized object is returned to the caller of a deserialization method a lot of code may have been executed, including static initializers, constructors, and finalizers. Automatic deserialization of fields means that an attacker may craft a nested combination of objects on which the executed initialization code may have unforeseen effects, such as the execution of arbitrary code.\n\nThere are many different serialization frameworks. This query currently supports Pickle, Marshal and Yaml.\n\n\n## Recommendation\nAvoid deserialization of untrusted data if at all possible. If the architecture permits it then use other formats instead of serialized objects, for example JSON.\n\nIf you need to use YAML, use the `yaml.safe_load` function.\n\n\n## Example\nThe following example calls `pickle.loads` directly on a value provided by an incoming HTTP request. Pickle then creates a new value from untrusted data, and is therefore inherently unsafe.\n\n\n```python\n\nfrom django.conf.urls import url\nimport pickle\n\ndef unsafe(pickled):\n return pickle.loads(pickled)\n\nurlpatterns = [\n url(r'^(?P.*)$', unsafe)\n]\n```\nChanging the code to use `json.loads` instead of `pickle.loads` removes the vulnerability.\n\n\n```python\n\nfrom django.conf.urls import url\nimport json\n\ndef safe(pickled):\n return json.loads(pickled)\n\nurlpatterns = [\n url(r'^(?P.*)$', safe)\n]\n\n```\n\n## References\n* OWASP vulnerability description: [Deserialization of untrusted data](https://www.owasp.org/index.php/Deserialization_of_untrusted_data).\n* OWASP guidance on deserializing objects: [Deserialization Cheat Sheet](https://cheatsheetseries.owasp.org/cheatsheets/Deserialization_Cheat_Sheet.html).\n* Talks by Chris Frohoff & Gabriel Lawrence: [ AppSecCali 2015: Marshalling Pickles - how deserializing objects will ruin your day](http://frohoff.github.io/appseccali-marshalling-pickles/)\n* Common Weakness Enumeration: 
[CWE-502](https://cwe.mitre.org/data/definitions/502.html).\n", + "markdown": "# Deserialization of user-controlled data\nDeserializing untrusted data using any deserialization framework that allows the construction of arbitrary serializable objects is easily exploitable and in many cases allows an attacker to execute arbitrary code. Even before a deserialized object is returned to the caller of a deserialization method a lot of code may have been executed, including static initializers, constructors, and finalizers. Automatic deserialization of fields means that an attacker may craft a nested combination of objects on which the executed initialization code may have unforeseen effects, such as the execution of arbitrary code.\n\nThere are many different serialization frameworks. This query currently supports Pickle, Marshal and Yaml.\n\n\n## Recommendation\nAvoid deserialization of untrusted data if at all possible. If the architecture permits it then use other formats instead of serialized objects, for example JSON.\n\nIf you need to use YAML, use the `yaml.safe_load` function.\n\n\n## Example\nThe following example calls `pickle.loads` directly on a value provided by an incoming HTTP request. 
Pickle then creates a new value from untrusted data, and is therefore inherently unsafe.\n\n\n```python\n\nfrom django.conf.urls import url\nimport pickle\n\ndef unsafe(pickled):\n return pickle.loads(pickled)\n\nurlpatterns = [\n url(r'^(?P.*)$', unsafe)\n]\n```\nChanging the code to use `json.loads` instead of `pickle.loads` removes the vulnerability.\n\n\n```python\n\nfrom django.conf.urls import url\nimport json\n\ndef safe(pickled):\n return json.loads(pickled)\n\nurlpatterns = [\n url(r'^(?P.*)$', safe)\n]\n\n```\n\n## References\n* OWASP vulnerability description: [Deserialization of untrusted data](https://www.owasp.org/index.php/Deserialization_of_untrusted_data).\n* OWASP guidance on deserializing objects: [Deserialization Cheat Sheet](https://cheatsheetseries.owasp.org/cheatsheets/Deserialization_Cheat_Sheet.html).\n* Talks by Chris Frohoff & Gabriel Lawrence: [ AppSecCali 2015: Marshalling Pickles - how deserializing objects will ruin your day](http://frohoff.github.io/appseccali-marshalling-pickles/)\n* Common Weakness Enumeration: [CWE-502](https://cwe.mitre.org/data/definitions/502.html).\n" + }, + "properties": { + "precision": "high", + "queryURI": "https://github.com/github/codeql/blob/39a67b6e2e6490a9bd010db50e148f647765e9f7/python/ql/src/Security/CWE-502/UnsafeDeserialization.ql", + "security-severity": "9.8", + "tags": [ + "external/cwe/cwe-502", + "security", + "serialization" + ] + } + }, + { + "id": "py/url-redirection", + "name": "py/url-redirection", + "short_description": { + "text": "URL redirection from remote source" + }, + "full_description": { + "text": "URL redirection based on unvalidated user input may cause redirection to malicious web sites." + }, + "default_configuration": { + "enabled": true, + "level": "error" + }, + "help": { + "text": "# URL redirection from remote source\nDirectly incorporating user input into a URL redirect request without validating the input can facilitate phishing attacks. 
In these attacks, unsuspecting users can be redirected to a malicious site that looks very similar to the real site they intend to visit, but which is controlled by the attacker.\n\n\n## Recommendation\nTo guard against untrusted URL redirection, it is advisable to avoid putting user input directly into a redirect URL. Instead, maintain a list of authorized redirects on the server; then choose from that list based on the user input provided.\n\nIf this is not possible, then the user input should be validated in some other way, for example, by verifying that the target URL does not include an explicit host name.\n\n\n## Example\nThe following example shows an HTTP request parameter being used directly in a URL redirect without validating the input, which facilitates phishing attacks:\n\n\n```python\nfrom flask import Flask, request, redirect\n\napp = Flask(__name__)\n\n@app.route('/')\ndef hello():\n target = request.args.get('target', '')\n return redirect(target, code=302)\n\n```\nIf you know the set of valid redirect targets, you can maintain a list of them on the server and check that the user input is in that list:\n\n\n```python\nfrom flask import Flask, request, redirect\n\nVALID_REDIRECT = \"http://cwe.mitre.org/data/definitions/601.html\"\n\napp = Flask(__name__)\n\n@app.route('/')\ndef hello():\n target = request.args.get('target', '')\n if target == VALID_REDIRECT:\n return redirect(target, code=302)\n else:\n # ignore the target and redirect to the home page\n return redirect('/', code=302)\n\n```\nOften this is not possible, so an alternative is to check that the target URL does not specify an explicit host name. 
For example, you can use the `urlparse` function from the Python standard library to parse the URL and check that the `netloc` attribute is empty.\n\nNote, however, that some cases are not handled as we desire out-of-the-box by `urlparse`, so we need to adjust two things, as shown in the example below:\n\n* Many browsers accept backslash characters (`\\`) as equivalent to forward slash characters (`/`) in URLs, but the `urlparse` function does not.\n* Mistyped URLs such as `https:/example.com` or `https:///example.com` are parsed as having an empty `netloc` attribute, while browsers will still redirect to the correct site.\n\n```python\nfrom flask import Flask, request, redirect\nfrom urllib.parse import urlparse\n\napp = Flask(__name__)\n\n@app.route('/')\ndef hello():\n target = request.args.get('target', '')\n target = target.replace('\\\\', '')\n if not urlparse(target).netloc and not urlparse(target).scheme:\n # relative path, safe to redirect\n return redirect(target, code=302)\n # ignore the target and redirect to the home page\n return redirect('/', code=302)\n\n```\nFor Django application, you can use the function `url_has_allowed_host_and_scheme` to check that a URL is safe to redirect to, as shown in the following example:\n\n\n```python\nfrom django.http import HttpResponseRedirect\nfrom django.shortcuts import redirect\nfrom django.utils.http import url_has_allowed_host_and_scheme\nfrom django.views import View\n\nclass RedirectView(View):\n def get(self, request, *args, **kwargs):\n target = request.GET.get('target', '')\n if url_has_allowed_host_and_scheme(target, allowed_hosts=None):\n return HttpResponseRedirect(target)\n else:\n # ignore the target and redirect to the home page\n return redirect('/')\n```\nNote that `url_has_allowed_host_and_scheme` handles backslashes correctly, so no additional processing is required.\n\n\n## References\n* OWASP: [ XSS Unvalidated Redirects and Forwards Cheat 
Sheet](https://cheatsheetseries.owasp.org/cheatsheets/Unvalidated_Redirects_and_Forwards_Cheat_Sheet.html).\n* Python standard library: [ urllib.parse](https://docs.python.org/3/library/urllib.parse.html).\n* Common Weakness Enumeration: [CWE-601](https://cwe.mitre.org/data/definitions/601.html).\n", + "markdown": "# URL redirection from remote source\nDirectly incorporating user input into a URL redirect request without validating the input can facilitate phishing attacks. In these attacks, unsuspecting users can be redirected to a malicious site that looks very similar to the real site they intend to visit, but which is controlled by the attacker.\n\n\n## Recommendation\nTo guard against untrusted URL redirection, it is advisable to avoid putting user input directly into a redirect URL. Instead, maintain a list of authorized redirects on the server; then choose from that list based on the user input provided.\n\nIf this is not possible, then the user input should be validated in some other way, for example, by verifying that the target URL does not include an explicit host name.\n\n\n## Example\nThe following example shows an HTTP request parameter being used directly in a URL redirect without validating the input, which facilitates phishing attacks:\n\n\n```python\nfrom flask import Flask, request, redirect\n\napp = Flask(__name__)\n\n@app.route('/')\ndef hello():\n target = request.args.get('target', '')\n return redirect(target, code=302)\n\n```\nIf you know the set of valid redirect targets, you can maintain a list of them on the server and check that the user input is in that list:\n\n\n```python\nfrom flask import Flask, request, redirect\n\nVALID_REDIRECT = \"http://cwe.mitre.org/data/definitions/601.html\"\n\napp = Flask(__name__)\n\n@app.route('/')\ndef hello():\n target = request.args.get('target', '')\n if target == VALID_REDIRECT:\n return redirect(target, code=302)\n else:\n # ignore the target and redirect to the home page\n return redirect('/', 
code=302)\n\n```\nOften this is not possible, so an alternative is to check that the target URL does not specify an explicit host name. For example, you can use the `urlparse` function from the Python standard library to parse the URL and check that the `netloc` attribute is empty.\n\nNote, however, that some cases are not handled as we desire out-of-the-box by `urlparse`, so we need to adjust two things, as shown in the example below:\n\n* Many browsers accept backslash characters (`\\`) as equivalent to forward slash characters (`/`) in URLs, but the `urlparse` function does not.\n* Mistyped URLs such as `https:/example.com` or `https:///example.com` are parsed as having an empty `netloc` attribute, while browsers will still redirect to the correct site.\n\n```python\nfrom flask import Flask, request, redirect\nfrom urllib.parse import urlparse\n\napp = Flask(__name__)\n\n@app.route('/')\ndef hello():\n target = request.args.get('target', '')\n target = target.replace('\\\\', '')\n if not urlparse(target).netloc and not urlparse(target).scheme:\n # relative path, safe to redirect\n return redirect(target, code=302)\n # ignore the target and redirect to the home page\n return redirect('/', code=302)\n\n```\nFor Django application, you can use the function `url_has_allowed_host_and_scheme` to check that a URL is safe to redirect to, as shown in the following example:\n\n\n```python\nfrom django.http import HttpResponseRedirect\nfrom django.shortcuts import redirect\nfrom django.utils.http import url_has_allowed_host_and_scheme\nfrom django.views import View\n\nclass RedirectView(View):\n def get(self, request, *args, **kwargs):\n target = request.GET.get('target', '')\n if url_has_allowed_host_and_scheme(target, allowed_hosts=None):\n return HttpResponseRedirect(target)\n else:\n # ignore the target and redirect to the home page\n return redirect('/')\n```\nNote that `url_has_allowed_host_and_scheme` handles backslashes correctly, so no additional processing is 
required.\n\n\n## References\n* OWASP: [ XSS Unvalidated Redirects and Forwards Cheat Sheet](https://cheatsheetseries.owasp.org/cheatsheets/Unvalidated_Redirects_and_Forwards_Cheat_Sheet.html).\n* Python standard library: [ urllib.parse](https://docs.python.org/3/library/urllib.parse.html).\n* Common Weakness Enumeration: [CWE-601](https://cwe.mitre.org/data/definitions/601.html).\n" + }, + "properties": { + "precision": "high", + "queryURI": "https://github.com/github/codeql/blob/39a67b6e2e6490a9bd010db50e148f647765e9f7/python/ql/src/Security/CWE-601/UrlRedirect.ql", + "security-severity": "6.1", + "tags": [ + "external/cwe/cwe-601", + "security" + ] + } + }, + { + "id": "py/use-of-input", + "name": "py/use-of-input", + "short_description": { + "text": "'input' function used in Python 2" + }, + "full_description": { + "text": "The built-in function 'input' is used which, in Python 2, can allow arbitrary code to be run." + }, + "default_configuration": { + "enabled": true, + "level": "error" + }, + "help": { + "text": "# 'input' function used in Python 2\nIn Python 2, a call to the `input()` function, `input(prompt)` is equivalent to `eval(raw_input(prompt))`. Evaluating user input without any checking can be a serious security flaw.\n\n\n## Recommendation\nGet user input with `raw_input(prompt)` and then validate that input before evaluating. If the expected input is a number or string, then `ast.literal_eval()` can always be used safely.\n\n\n## References\n* Python Standard Library: [input](http://docs.python.org/2/library/functions.html#input), [ast.literal_eval](http://docs.python.org/2/library/ast.html#ast.literal_eval).\n* Wikipedia: [Data validation](http://en.wikipedia.org/wiki/Data_validation).\n", + "markdown": "# 'input' function used in Python 2\nIn Python 2, a call to the `input()` function, `input(prompt)` is equivalent to `eval(raw_input(prompt))`. 
Evaluating user input without any checking can be a serious security flaw.\n\n\n## Recommendation\nGet user input with `raw_input(prompt)` and then validate that input before evaluating. If the expected input is a number or string, then `ast.literal_eval()` can always be used safely.\n\n\n## References\n* Python Standard Library: [input](http://docs.python.org/2/library/functions.html#input), [ast.literal_eval](http://docs.python.org/2/library/ast.html#ast.literal_eval).\n* Wikipedia: [Data validation](http://en.wikipedia.org/wiki/Data_validation).\n" + }, + "properties": { + "precision": "high", + "queryURI": "https://github.com/github/codeql/blob/39a67b6e2e6490a9bd010db50e148f647765e9f7/python/ql/src/Expressions/UseofInput.ql", + "security-severity": "9.8", + "tags": [ + "correctness", + "security", + "security/cwe/cwe-94", + "security/cwe/cwe-95" + ] + } + }, + { + "id": "py/weak-crypto-key", + "name": "py/weak-crypto-key", + "short_description": { + "text": "Use of weak cryptographic key" + }, + "full_description": { + "text": "Use of a cryptographic key that is too small may allow the encryption to be broken." + }, + "default_configuration": { + "enabled": true, + "level": "error" + }, + "help": { + "text": "# Use of weak cryptographic key\nModern encryption relies on it being computationally infeasible to break the cipher and decode a message without the key. As computational power increases, the ability to break ciphers grows and keys need to become larger.\n\nThe three main asymmetric key algorithms currently in use are Rivest–Shamir–Adleman (RSA) cryptography, Digital Signature Algorithm (DSA), and Elliptic-curve cryptography (ECC). With current technology, key sizes of 2048 bits for RSA and DSA, or 256 bits for ECC, are regarded as unbreakable.\n\n\n## Recommendation\nIncrease the key size to the recommended amount or larger. 
For RSA or DSA this is at least 2048 bits, for ECC this is at least 256 bits.\n\n\n## References\n* Wikipedia: [Digital Signature Algorithm](https://en.wikipedia.org/wiki/Digital_Signature_Algorithm).\n* Wikipedia: [RSA cryptosystem](https://en.wikipedia.org/wiki/RSA_(cryptosystem)).\n* Wikipedia: [Elliptic-curve cryptography](https://en.wikipedia.org/wiki/Elliptic-curve_cryptography).\n* Python cryptography module: [cryptography.io](https://cryptography.io/en/latest/).\n* NIST: [ Recommendation for Transitioning the Use of Cryptographic Algorithms and Key Lengths](https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-131Ar1.pdf).\n* Common Weakness Enumeration: [CWE-326](https://cwe.mitre.org/data/definitions/326.html).\n", + "markdown": "# Use of weak cryptographic key\nModern encryption relies on it being computationally infeasible to break the cipher and decode a message without the key. As computational power increases, the ability to break ciphers grows and keys need to become larger.\n\nThe three main asymmetric key algorithms currently in use are Rivest–Shamir–Adleman (RSA) cryptography, Digital Signature Algorithm (DSA), and Elliptic-curve cryptography (ECC). With current technology, key sizes of 2048 bits for RSA and DSA, or 256 bits for ECC, are regarded as unbreakable.\n\n\n## Recommendation\nIncrease the key size to the recommended amount or larger. 
For RSA or DSA this is at least 2048 bits, for ECC this is at least 256 bits.\n\n\n## References\n* Wikipedia: [Digital Signature Algorithm](https://en.wikipedia.org/wiki/Digital_Signature_Algorithm).\n* Wikipedia: [RSA cryptosystem](https://en.wikipedia.org/wiki/RSA_(cryptosystem)).\n* Wikipedia: [Elliptic-curve cryptography](https://en.wikipedia.org/wiki/Elliptic-curve_cryptography).\n* Python cryptography module: [cryptography.io](https://cryptography.io/en/latest/).\n* NIST: [ Recommendation for Transitioning the Use of Cryptographic Algorithms and Key Lengths](https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-131Ar1.pdf).\n* Common Weakness Enumeration: [CWE-326](https://cwe.mitre.org/data/definitions/326.html).\n" + }, + "properties": { + "precision": "high", + "queryURI": "https://github.com/github/codeql/blob/39a67b6e2e6490a9bd010db50e148f647765e9f7/python/ql/src/Security/CWE-326/WeakCryptoKey.ql", + "security-severity": "7.5", + "tags": [ + "external/cwe/cwe-326", + "security" + ] + } + }, + { + "id": "py/weak-cryptographic-algorithm", + "name": "py/weak-cryptographic-algorithm", + "short_description": { + "text": "Use of a broken or weak cryptographic algorithm" + }, + "full_description": { + "text": "Using broken or weak cryptographic algorithms can compromise security." + }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help": { + "text": "# Use of a broken or weak cryptographic algorithm\nUsing broken or weak cryptographic algorithms can leave data vulnerable to being decrypted or forged by an attacker.\n\nMany cryptographic algorithms provided by cryptography libraries are known to be weak, or flawed. Using such an algorithm means that encrypted or hashed data is less secure than it appears to be.\n\nThis query alerts on any use of a weak cryptographic algorithm, that is not a hashing algorithm. 
Use of broken or weak cryptographic hash functions are handled by the `py/weak-sensitive-data-hashing` query.\n\n\n## Recommendation\nEnsure that you use a strong, modern cryptographic algorithm, such as AES-128 or RSA-2048.\n\n\n## Example\nThe following code uses the `pycryptodome` library to encrypt some secret data. When you create a cipher using `pycryptodome` you must specify the encryption algorithm to use. The first example uses DES, which is an older algorithm that is now considered weak. The second example uses AES, which is a stronger modern algorithm.\n\n\n```python\nfrom Crypto.Cipher import DES, AES\n\ncipher = DES.new(SECRET_KEY)\n\ndef send_encrypted(channel, message):\n channel.send(cipher.encrypt(message)) # BAD: weak encryption\n\n\ncipher = AES.new(SECRET_KEY)\n\ndef send_encrypted(channel, message):\n channel.send(cipher.encrypt(message)) # GOOD: strong encryption\n\n\n```\nNOTICE: the original `[pycrypto](https://pypi.org/project/pycrypto/)` PyPI package that provided the `Crypto` module is not longer actively maintained, so you should use the `[pycryptodome](https://pypi.org/project/pycryptodome/)` PyPI package instead (which has a compatible API).\n\n\n## References\n* NIST, FIPS 140 Annex a: [ Approved Security Functions](http://csrc.nist.gov/publications/fips/fips140-2/fips1402annexa.pdf).\n* NIST, SP 800-131A: [ Transitions: Recommendation for Transitioning the Use of Cryptographic Algorithms and Key Lengths](http://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-131Ar1.pdf).\n* OWASP: [Rule - Use strong approved cryptographic algorithms](https://cheatsheetseries.owasp.org/cheatsheets/Cryptographic_Storage_Cheat_Sheet.html#rule---use-strong-approved-authenticated-encryption).\n* Common Weakness Enumeration: [CWE-327](https://cwe.mitre.org/data/definitions/327.html).\n", + "markdown": "# Use of a broken or weak cryptographic algorithm\nUsing broken or weak cryptographic algorithms can leave data vulnerable to being decrypted or 
forged by an attacker.\n\nMany cryptographic algorithms provided by cryptography libraries are known to be weak, or flawed. Using such an algorithm means that encrypted or hashed data is less secure than it appears to be.\n\nThis query alerts on any use of a weak cryptographic algorithm, that is not a hashing algorithm. Use of broken or weak cryptographic hash functions are handled by the `py/weak-sensitive-data-hashing` query.\n\n\n## Recommendation\nEnsure that you use a strong, modern cryptographic algorithm, such as AES-128 or RSA-2048.\n\n\n## Example\nThe following code uses the `pycryptodome` library to encrypt some secret data. When you create a cipher using `pycryptodome` you must specify the encryption algorithm to use. The first example uses DES, which is an older algorithm that is now considered weak. The second example uses AES, which is a stronger modern algorithm.\n\n\n```python\nfrom Crypto.Cipher import DES, AES\n\ncipher = DES.new(SECRET_KEY)\n\ndef send_encrypted(channel, message):\n channel.send(cipher.encrypt(message)) # BAD: weak encryption\n\n\ncipher = AES.new(SECRET_KEY)\n\ndef send_encrypted(channel, message):\n channel.send(cipher.encrypt(message)) # GOOD: strong encryption\n\n\n```\nNOTICE: the original `[pycrypto](https://pypi.org/project/pycrypto/)` PyPI package that provided the `Crypto` module is not longer actively maintained, so you should use the `[pycryptodome](https://pypi.org/project/pycryptodome/)` PyPI package instead (which has a compatible API).\n\n\n## References\n* NIST, FIPS 140 Annex a: [ Approved Security Functions](http://csrc.nist.gov/publications/fips/fips140-2/fips1402annexa.pdf).\n* NIST, SP 800-131A: [ Transitions: Recommendation for Transitioning the Use of Cryptographic Algorithms and Key Lengths](http://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-131Ar1.pdf).\n* OWASP: [Rule - Use strong approved cryptographic 
algorithms](https://cheatsheetseries.owasp.org/cheatsheets/Cryptographic_Storage_Cheat_Sheet.html#rule---use-strong-approved-authenticated-encryption).\n* Common Weakness Enumeration: [CWE-327](https://cwe.mitre.org/data/definitions/327.html).\n" + }, + "properties": { + "precision": "high", + "queryURI": "https://github.com/github/codeql/blob/39a67b6e2e6490a9bd010db50e148f647765e9f7/python/ql/src/Security/CWE-327/BrokenCryptoAlgorithm.ql", + "security-severity": "7.5", + "tags": [ + "external/cwe/cwe-327", + "security" + ] + } + }, + { + "id": "py/weak-sensitive-data-hashing", + "name": "py/weak-sensitive-data-hashing", + "short_description": { + "text": "Use of a broken or weak cryptographic hashing algorithm on sensitive data" + }, + "full_description": { + "text": "Using broken or weak cryptographic hashing algorithms can compromise security." + }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help": { + "text": "# Use of a broken or weak cryptographic hashing algorithm on sensitive data\nUsing a broken or weak cryptographic hash function can leave data vulnerable, and should not be used in security related code.\n\nA strong cryptographic hash function should be resistant to:\n\n* pre-image attacks: if you know a hash value `h(x)`, you should not be able to easily find the input `x`.\n* collision attacks: if you know a hash value `h(x)`, you should not be able to easily find a different input `y` with the same hash value `h(x) = h(y)`.\nIn cases with a limited input space, such as for passwords, the hash function also needs to be computationally expensive to be resistant to brute-force attacks. 
Passwords should also have an unique salt applied before hashing, but that is not considered by this query.\n\nAs an example, both MD5 and SHA-1 are known to be vulnerable to collision attacks.\n\nSince it's OK to use a weak cryptographic hash function in a non-security context, this query only alerts when these are used to hash sensitive data (such as passwords, certificates, usernames).\n\nUse of broken or weak cryptographic algorithms that are not hashing algorithms, is handled by the `py/weak-cryptographic-algorithm` query.\n\n\n## Recommendation\nEnsure that you use a strong, modern cryptographic hash function:\n\n* such as Argon2, scrypt, bcrypt, or PBKDF2 for passwords and other data with limited input space.\n* such as SHA-2, or SHA-3 in other cases.\n\n## Example\nThe following example shows two functions for checking whether the hash of a certificate matches a known value -- to prevent tampering. The first function uses MD5 that is known to be vulnerable to collision attacks. The second function uses SHA-256 that is a strong cryptographic hashing function.\n\n\n```python\nimport hashlib\n\ndef certificate_matches_known_hash_bad(certificate, known_hash):\n hash = hashlib.md5(certificate).hexdigest() # BAD\n return hash == known_hash\n\ndef certificate_matches_known_hash_good(certificate, known_hash):\n hash = hashlib.sha256(certificate).hexdigest() # GOOD\n return hash == known_hash\n\n```\n\n## Example\nThe following example shows two functions for hashing passwords. The first function uses SHA-256 to hash passwords. 
Although SHA-256 is a strong cryptographic hash function, it is not suitable for password hashing since it is not computationally expensive.\n\n\n```python\nimport hashlib\n\ndef get_password_hash(password: str, salt: str):\n return hashlib.sha256(password + salt).hexdigest() # BAD\n\n```\nThe second function uses Argon2 (through the `argon2-cffi` PyPI package), which is a strong password hashing algorithm (and includes a per-password salt by default).\n\n\n```python\nfrom argon2 import PasswordHasher\n\ndef get_initial_hash(password: str):\n ph = PasswordHasher()\n return ph.hash(password) # GOOD\n\ndef check_password(password: str, known_hash):\n ph = PasswordHasher()\n return ph.verify(known_hash, password) # GOOD\n\n```\n\n## References\n* OWASP: [Password Storage Cheat Sheet](https://cheatsheetseries.owasp.org/cheatsheets/Password_Storage_Cheat_Sheet.html)\n* Common Weakness Enumeration: [CWE-327](https://cwe.mitre.org/data/definitions/327.html).\n* Common Weakness Enumeration: [CWE-328](https://cwe.mitre.org/data/definitions/328.html).\n* Common Weakness Enumeration: [CWE-916](https://cwe.mitre.org/data/definitions/916.html).\n", + "markdown": "# Use of a broken or weak cryptographic hashing algorithm on sensitive data\nUsing a broken or weak cryptographic hash function can leave data vulnerable, and should not be used in security related code.\n\nA strong cryptographic hash function should be resistant to:\n\n* pre-image attacks: if you know a hash value `h(x)`, you should not be able to easily find the input `x`.\n* collision attacks: if you know a hash value `h(x)`, you should not be able to easily find a different input `y` with the same hash value `h(x) = h(y)`.\nIn cases with a limited input space, such as for passwords, the hash function also needs to be computationally expensive to be resistant to brute-force attacks. 
Passwords should also have an unique salt applied before hashing, but that is not considered by this query.\n\nAs an example, both MD5 and SHA-1 are known to be vulnerable to collision attacks.\n\nSince it's OK to use a weak cryptographic hash function in a non-security context, this query only alerts when these are used to hash sensitive data (such as passwords, certificates, usernames).\n\nUse of broken or weak cryptographic algorithms that are not hashing algorithms, is handled by the `py/weak-cryptographic-algorithm` query.\n\n\n## Recommendation\nEnsure that you use a strong, modern cryptographic hash function:\n\n* such as Argon2, scrypt, bcrypt, or PBKDF2 for passwords and other data with limited input space.\n* such as SHA-2, or SHA-3 in other cases.\n\n## Example\nThe following example shows two functions for checking whether the hash of a certificate matches a known value -- to prevent tampering. The first function uses MD5 that is known to be vulnerable to collision attacks. The second function uses SHA-256 that is a strong cryptographic hashing function.\n\n\n```python\nimport hashlib\n\ndef certificate_matches_known_hash_bad(certificate, known_hash):\n hash = hashlib.md5(certificate).hexdigest() # BAD\n return hash == known_hash\n\ndef certificate_matches_known_hash_good(certificate, known_hash):\n hash = hashlib.sha256(certificate).hexdigest() # GOOD\n return hash == known_hash\n\n```\n\n## Example\nThe following example shows two functions for hashing passwords. The first function uses SHA-256 to hash passwords. 
Although SHA-256 is a strong cryptographic hash function, it is not suitable for password hashing since it is not computationally expensive.\n\n\n```python\nimport hashlib\n\ndef get_password_hash(password: str, salt: str):\n return hashlib.sha256(password + salt).hexdigest() # BAD\n\n```\nThe second function uses Argon2 (through the `argon2-cffi` PyPI package), which is a strong password hashing algorithm (and includes a per-password salt by default).\n\n\n```python\nfrom argon2 import PasswordHasher\n\ndef get_initial_hash(password: str):\n ph = PasswordHasher()\n return ph.hash(password) # GOOD\n\ndef check_password(password: str, known_hash):\n ph = PasswordHasher()\n return ph.verify(known_hash, password) # GOOD\n\n```\n\n## References\n* OWASP: [Password Storage Cheat Sheet](https://cheatsheetseries.owasp.org/cheatsheets/Password_Storage_Cheat_Sheet.html)\n* Common Weakness Enumeration: [CWE-327](https://cwe.mitre.org/data/definitions/327.html).\n* Common Weakness Enumeration: [CWE-328](https://cwe.mitre.org/data/definitions/328.html).\n* Common Weakness Enumeration: [CWE-916](https://cwe.mitre.org/data/definitions/916.html).\n" + }, + "properties": { + "precision": "high", + "queryURI": "https://github.com/github/codeql/blob/39a67b6e2e6490a9bd010db50e148f647765e9f7/python/ql/src/Security/CWE-327/WeakSensitiveDataHashing.ql", + "security-severity": "7.5", + "tags": [ + "external/cwe/cwe-327", + "external/cwe/cwe-328", + "external/cwe/cwe-916", + "security" + ] + } + }, + { + "id": "py/xml-bomb", + "name": "py/xml-bomb", + "short_description": { + "text": "XML internal entity expansion" + }, + "full_description": { + "text": "Parsing user input as an XML document with arbitrary internal entity expansion is vulnerable to denial-of-service attacks." 
+ }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help": { + "text": "# XML internal entity expansion\nParsing untrusted XML files with a weakly configured XML parser may be vulnerable to denial-of-service (DoS) attacks exploiting uncontrolled internal entity expansion.\n\nIn XML, so-called *internal entities* are a mechanism for introducing an abbreviation for a piece of text or part of a document. When a parser that has been configured to expand entities encounters a reference to an internal entity, it replaces the entity by the data it represents. The replacement text may itself contain other entity references, which are expanded recursively. This means that entity expansion can increase document size dramatically.\n\nIf untrusted XML is parsed with entity expansion enabled, a malicious attacker could submit a document that contains very deeply nested entity definitions, causing the parser to take a very long time or use large amounts of memory. This is sometimes called an *XML bomb* attack.\n\n\n## Recommendation\nThe safest way to prevent XML bomb attacks is to disable entity expansion when parsing untrusted data. Whether this can be done depends on the library being used. Note that some libraries, such as `lxml`, have measures enabled by default to prevent such DoS XML attacks, so unless you have explicitly set `huge_tree` to `True`, no further action is needed.\n\nWe recommend using the [defusedxml](https://pypi.org/project/defusedxml/) PyPI package, which has been created to prevent XML attacks (both XXE and XML bombs).\n\n\n## Example\nThe following example uses the `xml.etree` XML parser provided by the Python standard library to parse a string `xml_src`. 
That string is from an untrusted source, so this code is vulnerable to a DoS attack, since the `xml.etree` XML parser expands internal entities by default:\n\n\n```python\nfrom flask import Flask, request\nimport xml.etree.ElementTree as ET\n\napp = Flask(__name__)\n\n@app.post(\"/upload\")\ndef upload():\n xml_src = request.get_data()\n doc = ET.fromstring(xml_src)\n return ET.tostring(doc)\n\n```\nIt is not possible to guard against internal entity expansion with `xml.etree`, so to guard against these attacks, the following example uses the [defusedxml](https://pypi.org/project/defusedxml/) PyPI package instead, which is not exposed to such internal entity expansion attacks.\n\n\n```python\nfrom flask import Flask, request\nimport defusedxml.ElementTree as ET\n\napp = Flask(__name__)\n\n@app.post(\"/upload\")\ndef upload():\n xml_src = request.get_data()\n doc = ET.fromstring(xml_src)\n return ET.tostring(doc)\n\n```\n\n## References\n* Wikipedia: [Billion Laughs](https://en.wikipedia.org/wiki/Billion_laughs).\n* Bryan Sullivan: [Security Briefs - XML Denial of Service Attacks and Defenses](https://msdn.microsoft.com/en-us/magazine/ee335713.aspx).\n* Python 3 standard library: [XML Vulnerabilities](https://docs.python.org/3/library/xml.html#xml-vulnerabilities).\n* Python 2 standard library: [XML Vulnerabilities](https://docs.python.org/2/library/xml.html#xml-vulnerabilities).\n* Common Weakness Enumeration: [CWE-776](https://cwe.mitre.org/data/definitions/776.html).\n* Common Weakness Enumeration: [CWE-400](https://cwe.mitre.org/data/definitions/400.html).\n", + "markdown": "# XML internal entity expansion\nParsing untrusted XML files with a weakly configured XML parser may be vulnerable to denial-of-service (DoS) attacks exploiting uncontrolled internal entity expansion.\n\nIn XML, so-called *internal entities* are a mechanism for introducing an abbreviation for a piece of text or part of a document. 
When a parser that has been configured to expand entities encounters a reference to an internal entity, it replaces the entity by the data it represents. The replacement text may itself contain other entity references, which are expanded recursively. This means that entity expansion can increase document size dramatically.\n\nIf untrusted XML is parsed with entity expansion enabled, a malicious attacker could submit a document that contains very deeply nested entity definitions, causing the parser to take a very long time or use large amounts of memory. This is sometimes called an *XML bomb* attack.\n\n\n## Recommendation\nThe safest way to prevent XML bomb attacks is to disable entity expansion when parsing untrusted data. Whether this can be done depends on the library being used. Note that some libraries, such as `lxml`, have measures enabled by default to prevent such DoS XML attacks, so unless you have explicitly set `huge_tree` to `True`, no further action is needed.\n\nWe recommend using the [defusedxml](https://pypi.org/project/defusedxml/) PyPI package, which has been created to prevent XML attacks (both XXE and XML bombs).\n\n\n## Example\nThe following example uses the `xml.etree` XML parser provided by the Python standard library to parse a string `xml_src`. 
That string is from an untrusted source, so this code is vulnerable to a DoS attack, since the `xml.etree` XML parser expands internal entities by default:\n\n\n```python\nfrom flask import Flask, request\nimport xml.etree.ElementTree as ET\n\napp = Flask(__name__)\n\n@app.post(\"/upload\")\ndef upload():\n xml_src = request.get_data()\n doc = ET.fromstring(xml_src)\n return ET.tostring(doc)\n\n```\nIt is not possible to guard against internal entity expansion with `xml.etree`, so to guard against these attacks, the following example uses the [defusedxml](https://pypi.org/project/defusedxml/) PyPI package instead, which is not exposed to such internal entity expansion attacks.\n\n\n```python\nfrom flask import Flask, request\nimport defusedxml.ElementTree as ET\n\napp = Flask(__name__)\n\n@app.post(\"/upload\")\ndef upload():\n xml_src = request.get_data()\n doc = ET.fromstring(xml_src)\n return ET.tostring(doc)\n\n```\n\n## References\n* Wikipedia: [Billion Laughs](https://en.wikipedia.org/wiki/Billion_laughs).\n* Bryan Sullivan: [Security Briefs - XML Denial of Service Attacks and Defenses](https://msdn.microsoft.com/en-us/magazine/ee335713.aspx).\n* Python 3 standard library: [XML Vulnerabilities](https://docs.python.org/3/library/xml.html#xml-vulnerabilities).\n* Python 2 standard library: [XML Vulnerabilities](https://docs.python.org/2/library/xml.html#xml-vulnerabilities).\n* Common Weakness Enumeration: [CWE-776](https://cwe.mitre.org/data/definitions/776.html).\n* Common Weakness Enumeration: [CWE-400](https://cwe.mitre.org/data/definitions/400.html).\n" + }, + "properties": { + "precision": "high", + "queryURI": "https://github.com/github/codeql/blob/39a67b6e2e6490a9bd010db50e148f647765e9f7/python/ql/src/Security/CWE-776/XmlBomb.ql", + "security-severity": "7.5", + "tags": [ + "external/cwe/cwe-400", + "external/cwe/cwe-776", + "security" + ] + } + }, + { + "id": "py/xpath-injection", + "name": "py/xpath-injection", + "short_description": { + "text": 
"XPath query built from user-controlled sources" + }, + "full_description": { + "text": "Building a XPath query from user-controlled sources is vulnerable to insertion of malicious Xpath code by the user." + }, + "default_configuration": { + "enabled": true, + "level": "error" + }, + "help": { + "text": "# XPath query built from user-controlled sources\nIf an XPath expression is built using string concatenation, and the components of the concatenation include user input, it makes it very easy for a user to create a malicious XPath expression.\n\n\n## Recommendation\nIf user input must be included in an XPath expression, either sanitize the data or use variable references to safely embed it without altering the structure of the expression.\n\n\n## Example\nIn the example below, the xpath query is controlled by the user and hence leads to a vulnerability.\n\n\n```python\nfrom lxml import etree\nfrom io import StringIO\n\nfrom django.urls import path\nfrom django.http import HttpResponse\nfrom django.template import Template, Context, Engine, engines\n\n\ndef a(request):\n value = request.GET['xpath']\n f = StringIO('')\n tree = etree.parse(f)\n r = tree.xpath(\"/tag[@id='%s']\" % value)\n\n\nurlpatterns = [\n path('a', a)\n]\n\n```\nThis can be fixed by using a parameterized query as shown below.\n\n\n```python\nfrom lxml import etree\nfrom io import StringIO\n\nfrom django.urls import path\nfrom django.http import HttpResponse\nfrom django.template import Template, Context, Engine, engines\n\n\ndef a(request):\n value = request.GET['xpath']\n f = StringIO('')\n tree = etree.parse(f)\n r = tree.xpath(\"/tag[@id=$tagid]\", tagid=value)\n\n\nurlpatterns = [\n path('a', a)\n]\n\n```\n\n## References\n* OWASP XPath injection : [](https://owasp.org/www-community/attacks/XPATH_Injection)/>>\n* Common Weakness Enumeration: [CWE-643](https://cwe.mitre.org/data/definitions/643.html).\n", + "markdown": "# XPath query built from user-controlled sources\nIf an XPath expression 
is built using string concatenation, and the components of the concatenation include user input, it makes it very easy for a user to create a malicious XPath expression.\n\n\n## Recommendation\nIf user input must be included in an XPath expression, either sanitize the data or use variable references to safely embed it without altering the structure of the expression.\n\n\n## Example\nIn the example below, the xpath query is controlled by the user and hence leads to a vulnerability.\n\n\n```python\nfrom lxml import etree\nfrom io import StringIO\n\nfrom django.urls import path\nfrom django.http import HttpResponse\nfrom django.template import Template, Context, Engine, engines\n\n\ndef a(request):\n value = request.GET['xpath']\n f = StringIO('')\n tree = etree.parse(f)\n r = tree.xpath(\"/tag[@id='%s']\" % value)\n\n\nurlpatterns = [\n path('a', a)\n]\n\n```\nThis can be fixed by using a parameterized query as shown below.\n\n\n```python\nfrom lxml import etree\nfrom io import StringIO\n\nfrom django.urls import path\nfrom django.http import HttpResponse\nfrom django.template import Template, Context, Engine, engines\n\n\ndef a(request):\n value = request.GET['xpath']\n f = StringIO('')\n tree = etree.parse(f)\n r = tree.xpath(\"/tag[@id=$tagid]\", tagid=value)\n\n\nurlpatterns = [\n path('a', a)\n]\n\n```\n\n## References\n* OWASP XPath injection : [](https://owasp.org/www-community/attacks/XPATH_Injection)/>>\n* Common Weakness Enumeration: [CWE-643](https://cwe.mitre.org/data/definitions/643.html).\n" + }, + "properties": { + "precision": "high", + "queryURI": "https://github.com/github/codeql/blob/39a67b6e2e6490a9bd010db50e148f647765e9f7/python/ql/src/Security/CWE-643/XpathInjection.ql", + "security-severity": "9.8", + "tags": [ + "external/cwe/cwe-643", + "security" + ] + } + }, + { + "id": "py/xxe", + "name": "py/xxe", + "short_description": { + "text": "XML external entity expansion" + }, + "full_description": { + "text": "Parsing user input as an XML 
document with external entity expansion is vulnerable to XXE attacks." + }, + "default_configuration": { + "enabled": true, + "level": "error" + }, + "help": { + "text": "# XML external entity expansion\nParsing untrusted XML files with a weakly configured XML parser may lead to an XML External Entity (XXE) attack. This type of attack uses external entity references to access arbitrary files on a system, carry out denial-of-service (DoS) attacks, or server-side request forgery. Even when the result of parsing is not returned to the user, DoS attacks are still possible and out-of-band data retrieval techniques may allow attackers to steal sensitive data.\n\n\n## Recommendation\nThe easiest way to prevent XXE attacks is to disable external entity handling when parsing untrusted data. How this is done depends on the library being used. Note that some libraries, such as recent versions of the XML libraries in the standard library of Python 3, disable entity expansion by default, so unless you have explicitly enabled entity expansion, no further action needs to be taken.\n\nWe recommend using the [defusedxml](https://pypi.org/project/defusedxml/) PyPI package, which has been created to prevent XML attacks (both XXE and XML bombs).\n\n\n## Example\nThe following example uses the `lxml` XML parser to parse a string `xml_src`. That string is from an untrusted source, so this code is vulnerable to an XXE attack, since the [ default parser](https://lxml.de/apidoc/lxml.etree.html#lxml.etree.XMLParser) from `lxml.etree` allows local external entities to be resolved.\n\n\n```python\nfrom flask import Flask, request\nimport lxml.etree\n\napp = Flask(__name__)\n\n@app.post(\"/upload\")\ndef upload():\n xml_src = request.get_data()\n doc = lxml.etree.fromstring(xml_src)\n return lxml.etree.tostring(doc)\n\n```\nTo guard against XXE attacks with the `lxml` library, you should create a parser with `resolve_entities` set to `false`. 
This means that no entity expansion is undertaken, although standard predefined entities such as `>`, for writing `>` inside the text of an XML element, are still allowed.\n\n\n```python\nfrom flask import Flask, request\nimport lxml.etree\n\napp = Flask(__name__)\n\n@app.post(\"/upload\")\ndef upload():\n xml_src = request.get_data()\n parser = lxml.etree.XMLParser(resolve_entities=False)\n doc = lxml.etree.fromstring(xml_src, parser=parser)\n return lxml.etree.tostring(doc)\n\n```\n\n## References\n* OWASP: [XML External Entity (XXE) Processing](https://www.owasp.org/index.php/XML_External_Entity_(XXE)_Processing).\n* Timothy Morgen: [XML Schema, DTD, and Entity Attacks](https://research.nccgroup.com/2014/05/19/xml-schema-dtd-and-entity-attacks-a-compendium-of-known-techniques/).\n* Timur Yunusov, Alexey Osipov: [XML Out-Of-Band Data Retrieval](https://www.slideshare.net/qqlan/bh-ready-v4).\n* Python 3 standard library: [XML Vulnerabilities](https://docs.python.org/3/library/xml.html#xml-vulnerabilities).\n* Python 2 standard library: [XML Vulnerabilities](https://docs.python.org/2/library/xml.html#xml-vulnerabilities).\n* PortSwigger: [XML external entity (XXE) injection](https://portswigger.net/web-security/xxe).\n* Common Weakness Enumeration: [CWE-611](https://cwe.mitre.org/data/definitions/611.html).\n* Common Weakness Enumeration: [CWE-827](https://cwe.mitre.org/data/definitions/827.html).\n", + "markdown": "# XML external entity expansion\nParsing untrusted XML files with a weakly configured XML parser may lead to an XML External Entity (XXE) attack. This type of attack uses external entity references to access arbitrary files on a system, carry out denial-of-service (DoS) attacks, or server-side request forgery. 
Even when the result of parsing is not returned to the user, DoS attacks are still possible and out-of-band data retrieval techniques may allow attackers to steal sensitive data.\n\n\n## Recommendation\nThe easiest way to prevent XXE attacks is to disable external entity handling when parsing untrusted data. How this is done depends on the library being used. Note that some libraries, such as recent versions of the XML libraries in the standard library of Python 3, disable entity expansion by default, so unless you have explicitly enabled entity expansion, no further action needs to be taken.\n\nWe recommend using the [defusedxml](https://pypi.org/project/defusedxml/) PyPI package, which has been created to prevent XML attacks (both XXE and XML bombs).\n\n\n## Example\nThe following example uses the `lxml` XML parser to parse a string `xml_src`. That string is from an untrusted source, so this code is vulnerable to an XXE attack, since the [ default parser](https://lxml.de/apidoc/lxml.etree.html#lxml.etree.XMLParser) from `lxml.etree` allows local external entities to be resolved.\n\n\n```python\nfrom flask import Flask, request\nimport lxml.etree\n\napp = Flask(__name__)\n\n@app.post(\"/upload\")\ndef upload():\n xml_src = request.get_data()\n doc = lxml.etree.fromstring(xml_src)\n return lxml.etree.tostring(doc)\n\n```\nTo guard against XXE attacks with the `lxml` library, you should create a parser with `resolve_entities` set to `false`. 
This means that no entity expansion is undertaken, although standard predefined entities such as `>`, for writing `>` inside the text of an XML element, are still allowed.\n\n\n```python\nfrom flask import Flask, request\nimport lxml.etree\n\napp = Flask(__name__)\n\n@app.post(\"/upload\")\ndef upload():\n xml_src = request.get_data()\n parser = lxml.etree.XMLParser(resolve_entities=False)\n doc = lxml.etree.fromstring(xml_src, parser=parser)\n return lxml.etree.tostring(doc)\n\n```\n\n## References\n* OWASP: [XML External Entity (XXE) Processing](https://www.owasp.org/index.php/XML_External_Entity_(XXE)_Processing).\n* Timothy Morgen: [XML Schema, DTD, and Entity Attacks](https://research.nccgroup.com/2014/05/19/xml-schema-dtd-and-entity-attacks-a-compendium-of-known-techniques/).\n* Timur Yunusov, Alexey Osipov: [XML Out-Of-Band Data Retrieval](https://www.slideshare.net/qqlan/bh-ready-v4).\n* Python 3 standard library: [XML Vulnerabilities](https://docs.python.org/3/library/xml.html#xml-vulnerabilities).\n* Python 2 standard library: [XML Vulnerabilities](https://docs.python.org/2/library/xml.html#xml-vulnerabilities).\n* PortSwigger: [XML external entity (XXE) injection](https://portswigger.net/web-security/xxe).\n* Common Weakness Enumeration: [CWE-611](https://cwe.mitre.org/data/definitions/611.html).\n* Common Weakness Enumeration: [CWE-827](https://cwe.mitre.org/data/definitions/827.html).\n" + }, + "properties": { + "precision": "high", + "queryURI": "https://github.com/github/codeql/blob/39a67b6e2e6490a9bd010db50e148f647765e9f7/python/ql/src/Security/CWE-611/Xxe.ql", + "security-severity": "9.1", + "tags": [ + "external/cwe/cwe-611", + "external/cwe/cwe-827", + "security" + ] + } + } + ] + }, + { + "name": "codeql/python-all", + "semantic_version": "2.1.2+39a67b6e2e6490a9bd010db50e148f647765e9f7" + }, + { + "name": "codeql/threat-models", + "semantic_version": "1.0.11+39a67b6e2e6490a9bd010db50e148f647765e9f7" + } + ] + }, + "conversion": { + "tool": { + 
"driver": { + "name": "GitHub Code Scanning" + } + } + }, + "version_control_provenance": [ + { + "repository_uri": "https://github.com/nahsra/Vulnerable-Code-Snippets", + "revision_id": "07669239ed45467b3c169b9747b3ccdc229632ca", + "branch": "refs/heads/master" + } + ], + "artifacts": [ + { + "location": { + "uri": "Unsafe Deserialization/pickle2.py", + "index": 0 + } + }, + { + "location": { + "uri": "Command Injection/tainted.py", + "index": 1 + } + }, + { + "location": { + "uri": "Server Side Template Injection/asis_ssti_pt.py", + "index": 2 + } + }, + { + "location": { + "uri": "Path Traversal/py_ctf.py", + "index": 3 + } + } + ], + "results": [ + { + "rule_id": "py/clear-text-storage-sensitive-data", + "rule": { + "id": "py/clear-text-storage-sensitive-data", + "index": 3, + "tool_component": { + "index": 0 + } + }, + "level": "error", + "message": { + "text": "This expression stores [sensitive data (secret)](1) as clear text." + }, + "locations": [ + { + "physical_location": { + "artifact_location": { + "uri": "Unsafe Deserialization/pickle2.py", + "index": 0 + }, + "region": { + "start_line": 42, + "start_column": 17, + "end_line": 42, + "end_column": 23 + } + } + } + ], + "guid": "a31e9857-6704-4c0d-92c0-afebf001163b", + "correlation_guid": "3db4f2bd-6682-4bba-a7d4-5f5d76b6e190", + "partial_fingerprints": { + "primaryLocationLineHash": "7831bb4e0b589e7f:1" + }, + "code_flows": [ + { + "thread_flows": [ + { + "locations": [ + { + "location": { + "physical_location": { + "artifact_location": { + "uri": "Unsafe Deserialization/pickle2.py", + "index": 0 + }, + "region": { + "start_line": 40, + "start_column": 18, + "end_line": 41, + "end_column": 44 + } + }, + "message": { + "text": "ControlFlowNode for Attribute()" + } + } + }, + { + "location": { + "physical_location": { + "artifact_location": { + "uri": "Unsafe Deserialization/pickle2.py", + "index": 0 + }, + "region": { + "start_line": 40, + "start_column": 9, + "end_line": 40, + "end_column": 15 + } + }, 
+ "message": { + "text": "ControlFlowNode for secret" + } + } + }, + { + "location": { + "physical_location": { + "artifact_location": { + "uri": "Unsafe Deserialization/pickle2.py", + "index": 0 + }, + "region": { + "start_line": 42, + "start_column": 17, + "end_line": 42, + "end_column": 23 + } + }, + "message": { + "text": "ControlFlowNode for secret" + } + } + } + ] + } + ] + } + ], + "related_locations": [ + { + "id": 1, + "physical_location": { + "artifact_location": { + "uri": "Unsafe Deserialization/pickle2.py", + "index": 0 + }, + "region": { + "start_line": 40, + "start_column": 18, + "end_line": 41, + "end_column": 44 + } + }, + "message": { + "text": "sensitive data (secret)" + } + } + ], + "properties": { + "github/alertNumber": 2, + "github/alertUrl": "https://api.github.com/repos/nahsra/Vulnerable-Code-Snippets/code-scanning/alerts/2" + } + }, + { + "rule_id": "py/flask-debug", + "rule": { + "id": "py/flask-debug", + "index": 8, + "tool_component": { + "index": 0 + } + }, + "level": "error", + "message": { + "text": "A Flask app appears to be run in debug mode. This may allow an attacker to run arbitrary code through the debugger." 
+ }, + "locations": [ + { + "physical_location": { + "artifact_location": { + "uri": "Command Injection/tainted.py", + "index": 1 + }, + "region": { + "start_line": 14, + "start_column": 2, + "end_line": 14, + "end_column": 21 + } + } + } + ], + "guid": "792f4af0-ccf1-4258-992a-6d2e710fc00e", + "correlation_guid": "119ca813-b276-44bb-809c-be478bc6c216", + "partial_fingerprints": { + "primaryLocationLineHash": "592eb5113a7053ce:1" + }, + "properties": { + "github/alertNumber": 3, + "github/alertUrl": "https://api.github.com/repos/nahsra/Vulnerable-Code-Snippets/code-scanning/alerts/3" + } + }, + { + "rule_id": "py/command-line-injection", + "rule": { + "id": "py/command-line-injection", + "index": 5, + "tool_component": { + "index": 0 + } + }, + "level": "error", + "message": { + "text": "This command line depends on a [user-provided value](1)." + }, + "locations": [ + { + "physical_location": { + "artifact_location": { + "uri": "Command Injection/tainted.py", + "index": 1 + }, + "region": { + "start_line": 9, + "start_column": 15, + "end_line": 9, + "end_column": 34 + } + } + } + ], + "guid": "09f9e38b-78e8-41a1-a462-b190b45665ed", + "correlation_guid": "956d88c6-70d3-4f7f-9fd1-00ce1c6059e0", + "partial_fingerprints": { + "primaryLocationLineHash": "d2d7cb64d3a56d5c:1" + }, + "code_flows": [ + { + "thread_flows": [ + { + "locations": [ + { + "location": { + "physical_location": { + "artifact_location": { + "uri": "Command Injection/tainted.py", + "index": 1 + }, + "region": { + "start_line": 2, + "start_column": 26, + "end_line": 2, + "end_column": 33 + } + }, + "message": { + "text": "ControlFlowNode for ImportMember" + } + } + }, + { + "location": { + "physical_location": { + "artifact_location": { + "uri": "Command Injection/tainted.py", + "index": 1 + }, + "region": { + "start_line": 2, + "start_column": 26, + "end_line": 2, + "end_column": 33 + } + }, + "message": { + "text": "ControlFlowNode for request" + } + } + }, + { + "location": { + "physical_location": 
{ + "artifact_location": { + "uri": "Command Injection/tainted.py", + "index": 1 + }, + "region": { + "start_line": 9, + "start_column": 15, + "end_line": 9, + "end_column": 22 + } + }, + "message": { + "text": "ControlFlowNode for request" + } + } + }, + { + "location": { + "physical_location": { + "artifact_location": { + "uri": "Command Injection/tainted.py", + "index": 1 + }, + "region": { + "start_line": 9, + "start_column": 15, + "end_line": 9, + "end_column": 34 + } + }, + "message": { + "text": "ControlFlowNode for Attribute" + } + } + } + ] + } + ] + } + ], + "related_locations": [ + { + "id": 1, + "physical_location": { + "artifact_location": { + "uri": "Command Injection/tainted.py", + "index": 0 + }, + "region": { + "start_line": 2, + "start_column": 26, + "end_line": 2, + "end_column": 33 + } + }, + "message": { + "text": "user-provided value" + } + } + ], + "properties": { + "github/alertNumber": 4, + "github/alertUrl": "https://api.github.com/repos/nahsra/Vulnerable-Code-Snippets/code-scanning/alerts/4" + } + }, + { + "rule_id": "py/reflective-xss", + "rule": { + "id": "py/reflective-xss", + "index": 25, + "tool_component": { + "index": 0 + } + }, + "level": "error", + "message": { + "text": "Cross-site scripting vulnerability due to a [user-provided value](1)." 
+ }, + "locations": [ + { + "physical_location": { + "artifact_location": { + "uri": "Server Side Template Injection/asis_ssti_pt.py", + "index": 2 + }, + "region": { + "start_line": 56, + "start_column": 12, + "end_line": 56, + "end_column": 44 + } + } + } + ], + "guid": "2c03c241-c3ab-4291-b6bd-317471de0cf1", + "correlation_guid": "5b4f3e50-2b30-4a70-ac57-fa37359f9443", + "partial_fingerprints": { + "primaryLocationLineHash": "f207ef544f2b3e05:1" + }, + "code_flows": [ + { + "thread_flows": [ + { + "locations": [ + { + "location": { + "physical_location": { + "artifact_location": { + "uri": "Server Side Template Injection/asis_ssti_pt.py", + "index": 2 + }, + "region": { + "start_line": 6, + "start_column": 5, + "end_line": 6, + "end_column": 12 + } + }, + "message": { + "text": "ControlFlowNode for ImportMember" + } + } + }, + { + "location": { + "physical_location": { + "artifact_location": { + "uri": "Server Side Template Injection/asis_ssti_pt.py", + "index": 2 + }, + "region": { + "start_line": 6, + "start_column": 5, + "end_line": 6, + "end_column": 12 + } + }, + "message": { + "text": "ControlFlowNode for request" + } + } + }, + { + "location": { + "physical_location": { + "artifact_location": { + "uri": "Server Side Template Injection/asis_ssti_pt.py", + "index": 2 + }, + "region": { + "start_line": 26, + "start_column": 8, + "end_line": 26, + "end_column": 15 + } + }, + "message": { + "text": "ControlFlowNode for request" + } + } + }, + { + "location": { + "physical_location": { + "artifact_location": { + "uri": "Server Side Template Injection/asis_ssti_pt.py", + "index": 2 + }, + "region": { + "start_line": 29, + "start_column": 13, + "end_line": 29, + "end_column": 25 + } + }, + "message": { + "text": "ControlFlowNode for Attribute" + } + } + }, + { + "location": { + "physical_location": { + "artifact_location": { + "uri": "Server Side Template Injection/asis_ssti_pt.py", + "index": 2 + }, + "region": { + "start_line": 29, + "start_column": 13, + 
"end_line": 29, + "end_column": 38 + } + }, + "message": { + "text": "ControlFlowNode for Attribute()" + } + } + }, + { + "location": { + "physical_location": { + "artifact_location": { + "uri": "Server Side Template Injection/asis_ssti_pt.py", + "index": 2 + }, + "region": { + "start_line": 29, + "start_column": 5, + "end_line": 29, + "end_column": 10 + } + }, + "message": { + "text": "ControlFlowNode for golem" + } + } + }, + { + "location": { + "physical_location": { + "artifact_location": { + "uri": "Server Side Template Injection/asis_ssti_pt.py", + "index": 2 + }, + "region": { + "start_line": 36, + "start_column": 28, + "end_line": 36, + "end_column": 33 + } + }, + "message": { + "text": "ControlFlowNode for golem" + } + } + }, + { + "location": { + "physical_location": { + "artifact_location": { + "uri": "Server Side Template Injection/asis_ssti_pt.py", + "index": 2 + }, + "region": { + "start_line": 36, + "start_column": 9, + "end_line": 36, + "end_column": 16 + } + }, + "message": { + "text": "[post] ControlFlowNode for session [Dictionary element at key golem]" + } + } + }, + { + "location": { + "physical_location": { + "artifact_location": { + "uri": "Server Side Template Injection/asis_ssti_pt.py", + "index": 2 + }, + "region": { + "start_line": 50, + "start_column": 9, + "end_line": 50, + "end_column": 16 + } + }, + "message": { + "text": "ControlFlowNode for session [Dictionary element at key golem]" + } + } + }, + { + "location": { + "physical_location": { + "artifact_location": { + "uri": "Server Side Template Injection/asis_ssti_pt.py", + "index": 2 + }, + "region": { + "start_line": 50, + "start_column": 9, + "end_line": 50, + "end_column": 25 + } + }, + "message": { + "text": "ControlFlowNode for Subscript" + } + } + }, + { + "location": { + "physical_location": { + "artifact_location": { + "uri": "Server Side Template Injection/asis_ssti_pt.py", + "index": 2 + }, + "region": { + "start_line": 41, + "start_column": 9, + "end_line": 41, + 
"end_column": 17 + } + }, + "message": { + "text": "ControlFlowNode for template" + } + } + }, + { + "location": { + "physical_location": { + "artifact_location": { + "uri": "Server Side Template Injection/asis_ssti_pt.py", + "index": 2 + }, + "region": { + "start_line": 56, + "start_column": 35, + "end_line": 56, + "end_column": 43 + } + }, + "message": { + "text": "ControlFlowNode for template" + } + } + }, + { + "location": { + "physical_location": { + "artifact_location": { + "uri": "Server Side Template Injection/asis_ssti_pt.py", + "index": 2 + }, + "region": { + "start_line": 56, + "start_column": 12, + "end_line": 56, + "end_column": 44 + } + }, + "message": { + "text": "ControlFlowNode for render_template_string()" + } + } + } + ] + } + ] + }, + { + "thread_flows": [ + { + "locations": [ + { + "location": { + "physical_location": { + "artifact_location": { + "uri": "Server Side Template Injection/asis_ssti_pt.py", + "index": 2 + }, + "region": { + "start_line": 6, + "start_column": 5, + "end_line": 6, + "end_column": 12 + } + }, + "message": { + "text": "ControlFlowNode for ImportMember" + } + } + }, + { + "location": { + "physical_location": { + "artifact_location": { + "uri": "Server Side Template Injection/asis_ssti_pt.py", + "index": 2 + }, + "region": { + "start_line": 6, + "start_column": 5, + "end_line": 6, + "end_column": 12 + } + }, + "message": { + "text": "ControlFlowNode for request" + } + } + }, + { + "location": { + "physical_location": { + "artifact_location": { + "uri": "Server Side Template Injection/asis_ssti_pt.py", + "index": 2 + }, + "region": { + "start_line": 29, + "start_column": 13, + "end_line": 29, + "end_column": 20 + } + }, + "message": { + "text": "ControlFlowNode for request" + } + } + }, + { + "location": { + "physical_location": { + "artifact_location": { + "uri": "Server Side Template Injection/asis_ssti_pt.py", + "index": 2 + }, + "region": { + "start_line": 29, + "start_column": 13, + "end_line": 29, + "end_column": 25 + 
} + }, + "message": { + "text": "ControlFlowNode for Attribute" + } + } + }, + { + "location": { + "physical_location": { + "artifact_location": { + "uri": "Server Side Template Injection/asis_ssti_pt.py", + "index": 2 + }, + "region": { + "start_line": 29, + "start_column": 13, + "end_line": 29, + "end_column": 38 + } + }, + "message": { + "text": "ControlFlowNode for Attribute()" + } + } + }, + { + "location": { + "physical_location": { + "artifact_location": { + "uri": "Server Side Template Injection/asis_ssti_pt.py", + "index": 2 + }, + "region": { + "start_line": 29, + "start_column": 5, + "end_line": 29, + "end_column": 10 + } + }, + "message": { + "text": "ControlFlowNode for golem" + } + } + }, + { + "location": { + "physical_location": { + "artifact_location": { + "uri": "Server Side Template Injection/asis_ssti_pt.py", + "index": 2 + }, + "region": { + "start_line": 32, + "start_column": 9, + "end_line": 32, + "end_column": 14 + } + }, + "message": { + "text": "ControlFlowNode for golem" + } + } + }, + { + "location": { + "physical_location": { + "artifact_location": { + "uri": "Server Side Template Injection/asis_ssti_pt.py", + "index": 2 + }, + "region": { + "start_line": 36, + "start_column": 28, + "end_line": 36, + "end_column": 33 + } + }, + "message": { + "text": "ControlFlowNode for golem" + } + } + }, + { + "location": { + "physical_location": { + "artifact_location": { + "uri": "Server Side Template Injection/asis_ssti_pt.py", + "index": 2 + }, + "region": { + "start_line": 36, + "start_column": 9, + "end_line": 36, + "end_column": 16 + } + }, + "message": { + "text": "[post] ControlFlowNode for session [Dictionary element at key golem]" + } + } + }, + { + "location": { + "physical_location": { + "artifact_location": { + "uri": "Server Side Template Injection/asis_ssti_pt.py", + "index": 2 + }, + "region": { + "start_line": 50, + "start_column": 9, + "end_line": 50, + "end_column": 16 + } + }, + "message": { + "text": "ControlFlowNode for session 
[Dictionary element at key golem]" + } + } + }, + { + "location": { + "physical_location": { + "artifact_location": { + "uri": "Server Side Template Injection/asis_ssti_pt.py", + "index": 2 + }, + "region": { + "start_line": 50, + "start_column": 9, + "end_line": 50, + "end_column": 25 + } + }, + "message": { + "text": "ControlFlowNode for Subscript" + } + } + }, + { + "location": { + "physical_location": { + "artifact_location": { + "uri": "Server Side Template Injection/asis_ssti_pt.py", + "index": 2 + }, + "region": { + "start_line": 41, + "start_column": 9, + "end_line": 41, + "end_column": 17 + } + }, + "message": { + "text": "ControlFlowNode for template" + } + } + }, + { + "location": { + "physical_location": { + "artifact_location": { + "uri": "Server Side Template Injection/asis_ssti_pt.py", + "index": 2 + }, + "region": { + "start_line": 56, + "start_column": 35, + "end_line": 56, + "end_column": 43 + } + }, + "message": { + "text": "ControlFlowNode for template" + } + } + }, + { + "location": { + "physical_location": { + "artifact_location": { + "uri": "Server Side Template Injection/asis_ssti_pt.py", + "index": 2 + }, + "region": { + "start_line": 56, + "start_column": 12, + "end_line": 56, + "end_column": 44 + } + }, + "message": { + "text": "ControlFlowNode for render_template_string()" + } + } + } + ] + } + ] + } + ], + "related_locations": [ + { + "id": 1, + "physical_location": { + "artifact_location": { + "uri": "Server Side Template Injection/asis_ssti_pt.py", + "index": 0 + }, + "region": { + "start_line": 6, + "start_column": 5, + "end_line": 6, + "end_column": 12 + } + }, + "message": { + "text": "user-provided value" + } + } + ], + "properties": { + "github/alertNumber": 5, + "github/alertUrl": "https://api.github.com/repos/nahsra/Vulnerable-Code-Snippets/code-scanning/alerts/5" + } + }, + { + "rule_id": "py/reflective-xss", + "rule": { + "id": "py/reflective-xss", + "index": 25, + "tool_component": { + "index": 0 + } + }, + "level": "error", 
+ "message": { + "text": "Cross-site scripting vulnerability due to a [user-provided value](1)." + }, + "locations": [ + { + "physical_location": { + "artifact_location": { + "uri": "Path Traversal/py_ctf.py", + "index": 3 + }, + "region": { + "start_line": 56, + "start_column": 12, + "end_line": 56, + "end_column": 44 + } + } + } + ], + "guid": "9d7167a3-b874-4412-866f-e40302bfda44", + "correlation_guid": "4368aec2-0d5c-451e-a914-42cf18ca62fd", + "partial_fingerprints": { + "primaryLocationLineHash": "f207ef544f2b3e05:1" + }, + "code_flows": [ + { + "thread_flows": [ + { + "locations": [ + { + "location": { + "physical_location": { + "artifact_location": { + "uri": "Path Traversal/py_ctf.py", + "index": 3 + }, + "region": { + "start_line": 6, + "start_column": 5, + "end_line": 6, + "end_column": 12 + } + }, + "message": { + "text": "ControlFlowNode for ImportMember" + } + } + }, + { + "location": { + "physical_location": { + "artifact_location": { + "uri": "Path Traversal/py_ctf.py", + "index": 3 + }, + "region": { + "start_line": 6, + "start_column": 5, + "end_line": 6, + "end_column": 12 + } + }, + "message": { + "text": "ControlFlowNode for request" + } + } + }, + { + "location": { + "physical_location": { + "artifact_location": { + "uri": "Path Traversal/py_ctf.py", + "index": 3 + }, + "region": { + "start_line": 26, + "start_column": 8, + "end_line": 26, + "end_column": 15 + } + }, + "message": { + "text": "ControlFlowNode for request" + } + } + }, + { + "location": { + "physical_location": { + "artifact_location": { + "uri": "Path Traversal/py_ctf.py", + "index": 3 + }, + "region": { + "start_line": 29, + "start_column": 13, + "end_line": 29, + "end_column": 25 + } + }, + "message": { + "text": "ControlFlowNode for Attribute" + } + } + }, + { + "location": { + "physical_location": { + "artifact_location": { + "uri": "Path Traversal/py_ctf.py", + "index": 3 + }, + "region": { + "start_line": 29, + "start_column": 13, + "end_line": 29, + "end_column": 38 + } + 
}, + "message": { + "text": "ControlFlowNode for Attribute()" + } + } + }, + { + "location": { + "physical_location": { + "artifact_location": { + "uri": "Path Traversal/py_ctf.py", + "index": 3 + }, + "region": { + "start_line": 29, + "start_column": 5, + "end_line": 29, + "end_column": 10 + } + }, + "message": { + "text": "ControlFlowNode for golem" + } + } + }, + { + "location": { + "physical_location": { + "artifact_location": { + "uri": "Path Traversal/py_ctf.py", + "index": 3 + }, + "region": { + "start_line": 36, + "start_column": 28, + "end_line": 36, + "end_column": 33 + } + }, + "message": { + "text": "ControlFlowNode for golem" + } + } + }, + { + "location": { + "physical_location": { + "artifact_location": { + "uri": "Path Traversal/py_ctf.py", + "index": 3 + }, + "region": { + "start_line": 36, + "start_column": 9, + "end_line": 36, + "end_column": 16 + } + }, + "message": { + "text": "[post] ControlFlowNode for session [Dictionary element at key golem]" + } + } + }, + { + "location": { + "physical_location": { + "artifact_location": { + "uri": "Path Traversal/py_ctf.py", + "index": 3 + }, + "region": { + "start_line": 50, + "start_column": 9, + "end_line": 50, + "end_column": 16 + } + }, + "message": { + "text": "ControlFlowNode for session [Dictionary element at key golem]" + } + } + }, + { + "location": { + "physical_location": { + "artifact_location": { + "uri": "Path Traversal/py_ctf.py", + "index": 3 + }, + "region": { + "start_line": 50, + "start_column": 9, + "end_line": 50, + "end_column": 25 + } + }, + "message": { + "text": "ControlFlowNode for Subscript" + } + } + }, + { + "location": { + "physical_location": { + "artifact_location": { + "uri": "Path Traversal/py_ctf.py", + "index": 3 + }, + "region": { + "start_line": 41, + "start_column": 9, + "end_line": 41, + "end_column": 17 + } + }, + "message": { + "text": "ControlFlowNode for template" + } + } + }, + { + "location": { + "physical_location": { + "artifact_location": { + "uri": "Path 
Traversal/py_ctf.py", + "index": 3 + }, + "region": { + "start_line": 56, + "start_column": 35, + "end_line": 56, + "end_column": 43 + } + }, + "message": { + "text": "ControlFlowNode for template" + } + } + }, + { + "location": { + "physical_location": { + "artifact_location": { + "uri": "Path Traversal/py_ctf.py", + "index": 3 + }, + "region": { + "start_line": 56, + "start_column": 12, + "end_line": 56, + "end_column": 44 + } + }, + "message": { + "text": "ControlFlowNode for render_template_string()" + } + } + } + ] + } + ] + }, + { + "thread_flows": [ + { + "locations": [ + { + "location": { + "physical_location": { + "artifact_location": { + "uri": "Path Traversal/py_ctf.py", + "index": 3 + }, + "region": { + "start_line": 6, + "start_column": 5, + "end_line": 6, + "end_column": 12 + } + }, + "message": { + "text": "ControlFlowNode for ImportMember" + } + } + }, + { + "location": { + "physical_location": { + "artifact_location": { + "uri": "Path Traversal/py_ctf.py", + "index": 3 + }, + "region": { + "start_line": 6, + "start_column": 5, + "end_line": 6, + "end_column": 12 + } + }, + "message": { + "text": "ControlFlowNode for request" + } + } + }, + { + "location": { + "physical_location": { + "artifact_location": { + "uri": "Path Traversal/py_ctf.py", + "index": 3 + }, + "region": { + "start_line": 29, + "start_column": 13, + "end_line": 29, + "end_column": 20 + } + }, + "message": { + "text": "ControlFlowNode for request" + } + } + }, + { + "location": { + "physical_location": { + "artifact_location": { + "uri": "Path Traversal/py_ctf.py", + "index": 3 + }, + "region": { + "start_line": 29, + "start_column": 13, + "end_line": 29, + "end_column": 25 + } + }, + "message": { + "text": "ControlFlowNode for Attribute" + } + } + }, + { + "location": { + "physical_location": { + "artifact_location": { + "uri": "Path Traversal/py_ctf.py", + "index": 3 + }, + "region": { + "start_line": 29, + "start_column": 13, + "end_line": 29, + "end_column": 38 + } + }, + 
"message": { + "text": "ControlFlowNode for Attribute()" + } + } + }, + { + "location": { + "physical_location": { + "artifact_location": { + "uri": "Path Traversal/py_ctf.py", + "index": 3 + }, + "region": { + "start_line": 29, + "start_column": 5, + "end_line": 29, + "end_column": 10 + } + }, + "message": { + "text": "ControlFlowNode for golem" + } + } + }, + { + "location": { + "physical_location": { + "artifact_location": { + "uri": "Path Traversal/py_ctf.py", + "index": 3 + }, + "region": { + "start_line": 32, + "start_column": 9, + "end_line": 32, + "end_column": 14 + } + }, + "message": { + "text": "ControlFlowNode for golem" + } + } + }, + { + "location": { + "physical_location": { + "artifact_location": { + "uri": "Path Traversal/py_ctf.py", + "index": 3 + }, + "region": { + "start_line": 36, + "start_column": 28, + "end_line": 36, + "end_column": 33 + } + }, + "message": { + "text": "ControlFlowNode for golem" + } + } + }, + { + "location": { + "physical_location": { + "artifact_location": { + "uri": "Path Traversal/py_ctf.py", + "index": 3 + }, + "region": { + "start_line": 36, + "start_column": 9, + "end_line": 36, + "end_column": 16 + } + }, + "message": { + "text": "[post] ControlFlowNode for session [Dictionary element at key golem]" + } + } + }, + { + "location": { + "physical_location": { + "artifact_location": { + "uri": "Path Traversal/py_ctf.py", + "index": 3 + }, + "region": { + "start_line": 50, + "start_column": 9, + "end_line": 50, + "end_column": 16 + } + }, + "message": { + "text": "ControlFlowNode for session [Dictionary element at key golem]" + } + } + }, + { + "location": { + "physical_location": { + "artifact_location": { + "uri": "Path Traversal/py_ctf.py", + "index": 3 + }, + "region": { + "start_line": 50, + "start_column": 9, + "end_line": 50, + "end_column": 25 + } + }, + "message": { + "text": "ControlFlowNode for Subscript" + } + } + }, + { + "location": { + "physical_location": { + "artifact_location": { + "uri": "Path 
Traversal/py_ctf.py", + "index": 3 + }, + "region": { + "start_line": 41, + "start_column": 9, + "end_line": 41, + "end_column": 17 + } + }, + "message": { + "text": "ControlFlowNode for template" + } + } + }, + { + "location": { + "physical_location": { + "artifact_location": { + "uri": "Path Traversal/py_ctf.py", + "index": 3 + }, + "region": { + "start_line": 56, + "start_column": 35, + "end_line": 56, + "end_column": 43 + } + }, + "message": { + "text": "ControlFlowNode for template" + } + } + }, + { + "location": { + "physical_location": { + "artifact_location": { + "uri": "Path Traversal/py_ctf.py", + "index": 3 + }, + "region": { + "start_line": 56, + "start_column": 12, + "end_line": 56, + "end_column": 44 + } + }, + "message": { + "text": "ControlFlowNode for render_template_string()" + } + } + } + ] + } + ] + } + ], + "related_locations": [ + { + "id": 1, + "physical_location": { + "artifact_location": { + "uri": "Path Traversal/py_ctf.py", + "index": 0 + }, + "region": { + "start_line": 6, + "start_column": 5, + "end_line": 6, + "end_column": 12 + } + }, + "message": { + "text": "user-provided value" + } + } + ], + "properties": { + "github/alertNumber": 6, + "github/alertUrl": "https://api.github.com/repos/nahsra/Vulnerable-Code-Snippets/code-scanning/alerts/6" + } + }, + { + "rule_id": "py/path-injection", + "rule": { + "id": "py/path-injection", + "index": 22, + "tool_component": { + "index": 0 + } + }, + "level": "error", + "message": { + "text": "This path depends on a [user-provided value](1)." 
+ }, + "locations": [ + { + "physical_location": { + "artifact_location": { + "uri": "Server Side Template Injection/asis_ssti_pt.py", + "index": 2 + }, + "region": { + "start_line": 78, + "start_column": 25, + "end_line": 78, + "end_column": 63 + } + } + } + ], + "guid": "df21b514-aaa5-4fb0-bc50-7282feb87ab1", + "correlation_guid": "4586f203-2a1f-4567-b472-cf139c3171f7", + "partial_fingerprints": { + "primaryLocationLineHash": "49ce9f5ebea5b775:1" + }, + "code_flows": [ + { + "thread_flows": [ + { + "locations": [ + { + "location": { + "physical_location": { + "artifact_location": { + "uri": "Server Side Template Injection/asis_ssti_pt.py", + "index": 2 + }, + "region": { + "start_line": 6, + "start_column": 5, + "end_line": 6, + "end_column": 12 + } + }, + "message": { + "text": "ControlFlowNode for ImportMember" + } + } + }, + { + "location": { + "physical_location": { + "artifact_location": { + "uri": "Server Side Template Injection/asis_ssti_pt.py", + "index": 2 + }, + "region": { + "start_line": 6, + "start_column": 5, + "end_line": 6, + "end_column": 12 + } + }, + "message": { + "text": "ControlFlowNode for request" + } + } + }, + { + "location": { + "physical_location": { + "artifact_location": { + "uri": "Server Side Template Injection/asis_ssti_pt.py", + "index": 2 + }, + "region": { + "start_line": 69, + "start_column": 18, + "end_line": 69, + "end_column": 25 + } + }, + "message": { + "text": "ControlFlowNode for request" + } + } + }, + { + "location": { + "physical_location": { + "artifact_location": { + "uri": "Server Side Template Injection/asis_ssti_pt.py", + "index": 2 + }, + "region": { + "start_line": 70, + "start_column": 16, + "end_line": 70, + "end_column": 28 + } + }, + "message": { + "text": "ControlFlowNode for Attribute" + } + } + }, + { + "location": { + "physical_location": { + "artifact_location": { + "uri": "Server Side Template Injection/asis_ssti_pt.py", + "index": 2 + }, + "region": { + "start_line": 70, + "start_column": 16, + 
"end_line": 70, + "end_column": 40 + } + }, + "message": { + "text": "ControlFlowNode for Attribute()" + } + } + }, + { + "location": { + "physical_location": { + "artifact_location": { + "uri": "Server Side Template Injection/asis_ssti_pt.py", + "index": 2 + }, + "region": { + "start_line": 70, + "start_column": 9, + "end_line": 70, + "end_column": 13 + } + }, + "message": { + "text": "ControlFlowNode for page" + } + } + }, + { + "location": { + "physical_location": { + "artifact_location": { + "uri": "Server Side Template Injection/asis_ssti_pt.py", + "index": 2 + }, + "region": { + "start_line": 78, + "start_column": 25, + "end_line": 78, + "end_column": 63 + } + }, + "message": { + "text": "ControlFlowNode for Attribute()" + } + } + } + ] + } + ] + }, + { + "thread_flows": [ + { + "locations": [ + { + "location": { + "physical_location": { + "artifact_location": { + "uri": "Server Side Template Injection/asis_ssti_pt.py", + "index": 2 + }, + "region": { + "start_line": 6, + "start_column": 5, + "end_line": 6, + "end_column": 12 + } + }, + "message": { + "text": "ControlFlowNode for ImportMember" + } + } + }, + { + "location": { + "physical_location": { + "artifact_location": { + "uri": "Server Side Template Injection/asis_ssti_pt.py", + "index": 2 + }, + "region": { + "start_line": 6, + "start_column": 5, + "end_line": 6, + "end_column": 12 + } + }, + "message": { + "text": "ControlFlowNode for request" + } + } + }, + { + "location": { + "physical_location": { + "artifact_location": { + "uri": "Server Side Template Injection/asis_ssti_pt.py", + "index": 2 + }, + "region": { + "start_line": 70, + "start_column": 16, + "end_line": 70, + "end_column": 23 + } + }, + "message": { + "text": "ControlFlowNode for request" + } + } + }, + { + "location": { + "physical_location": { + "artifact_location": { + "uri": "Server Side Template Injection/asis_ssti_pt.py", + "index": 2 + }, + "region": { + "start_line": 70, + "start_column": 16, + "end_line": 70, + "end_column": 
28 + } + }, + "message": { + "text": "ControlFlowNode for Attribute" + } + } + }, + { + "location": { + "physical_location": { + "artifact_location": { + "uri": "Server Side Template Injection/asis_ssti_pt.py", + "index": 2 + }, + "region": { + "start_line": 70, + "start_column": 16, + "end_line": 70, + "end_column": 40 + } + }, + "message": { + "text": "ControlFlowNode for Attribute()" + } + } + }, + { + "location": { + "physical_location": { + "artifact_location": { + "uri": "Server Side Template Injection/asis_ssti_pt.py", + "index": 2 + }, + "region": { + "start_line": 70, + "start_column": 9, + "end_line": 70, + "end_column": 13 + } + }, + "message": { + "text": "ControlFlowNode for page" + } + } + }, + { + "location": { + "physical_location": { + "artifact_location": { + "uri": "Server Side Template Injection/asis_ssti_pt.py", + "index": 2 + }, + "region": { + "start_line": 78, + "start_column": 25, + "end_line": 78, + "end_column": 63 + } + }, + "message": { + "text": "ControlFlowNode for Attribute()" + } + } + } + ] + } + ] + } + ], + "related_locations": [ + { + "id": 1, + "physical_location": { + "artifact_location": { + "uri": "Server Side Template Injection/asis_ssti_pt.py", + "index": 0 + }, + "region": { + "start_line": 6, + "start_column": 5, + "end_line": 6, + "end_column": 12 + } + }, + "message": { + "text": "user-provided value" + } + } + ], + "properties": { + "github/alertNumber": 7, + "github/alertUrl": "https://api.github.com/repos/nahsra/Vulnerable-Code-Snippets/code-scanning/alerts/7" + } + }, + { + "rule_id": "py/path-injection", + "rule": { + "id": "py/path-injection", + "index": 22, + "tool_component": { + "index": 0 + } + }, + "level": "error", + "message": { + "text": "This path depends on a [user-provided value](1)." 
+ }, + "locations": [ + { + "physical_location": { + "artifact_location": { + "uri": "Path Traversal/py_ctf.py", + "index": 3 + }, + "region": { + "start_line": 78, + "start_column": 25, + "end_line": 78, + "end_column": 63 + } + } + } + ], + "guid": "878beb47-c0fe-46d8-ae6c-1074387f1f21", + "correlation_guid": "13ee947d-8cdc-465b-8edc-b62046310cdd", + "partial_fingerprints": { + "primaryLocationLineHash": "49ce9f5ebea5b775:1" + }, + "code_flows": [ + { + "thread_flows": [ + { + "locations": [ + { + "location": { + "physical_location": { + "artifact_location": { + "uri": "Path Traversal/py_ctf.py", + "index": 3 + }, + "region": { + "start_line": 6, + "start_column": 5, + "end_line": 6, + "end_column": 12 + } + }, + "message": { + "text": "ControlFlowNode for ImportMember" + } + } + }, + { + "location": { + "physical_location": { + "artifact_location": { + "uri": "Path Traversal/py_ctf.py", + "index": 3 + }, + "region": { + "start_line": 6, + "start_column": 5, + "end_line": 6, + "end_column": 12 + } + }, + "message": { + "text": "ControlFlowNode for request" + } + } + }, + { + "location": { + "physical_location": { + "artifact_location": { + "uri": "Path Traversal/py_ctf.py", + "index": 3 + }, + "region": { + "start_line": 69, + "start_column": 18, + "end_line": 69, + "end_column": 25 + } + }, + "message": { + "text": "ControlFlowNode for request" + } + } + }, + { + "location": { + "physical_location": { + "artifact_location": { + "uri": "Path Traversal/py_ctf.py", + "index": 3 + }, + "region": { + "start_line": 70, + "start_column": 16, + "end_line": 70, + "end_column": 28 + } + }, + "message": { + "text": "ControlFlowNode for Attribute" + } + } + }, + { + "location": { + "physical_location": { + "artifact_location": { + "uri": "Path Traversal/py_ctf.py", + "index": 3 + }, + "region": { + "start_line": 70, + "start_column": 16, + "end_line": 70, + "end_column": 40 + } + }, + "message": { + "text": "ControlFlowNode for Attribute()" + } + } + }, + { + "location": { 
+ "physical_location": { + "artifact_location": { + "uri": "Path Traversal/py_ctf.py", + "index": 3 + }, + "region": { + "start_line": 70, + "start_column": 9, + "end_line": 70, + "end_column": 13 + } + }, + "message": { + "text": "ControlFlowNode for page" + } + } + }, + { + "location": { + "physical_location": { + "artifact_location": { + "uri": "Path Traversal/py_ctf.py", + "index": 3 + }, + "region": { + "start_line": 78, + "start_column": 25, + "end_line": 78, + "end_column": 63 + } + }, + "message": { + "text": "ControlFlowNode for Attribute()" + } + } + } + ] + } + ] + }, + { + "thread_flows": [ + { + "locations": [ + { + "location": { + "physical_location": { + "artifact_location": { + "uri": "Path Traversal/py_ctf.py", + "index": 3 + }, + "region": { + "start_line": 6, + "start_column": 5, + "end_line": 6, + "end_column": 12 + } + }, + "message": { + "text": "ControlFlowNode for ImportMember" + } + } + }, + { + "location": { + "physical_location": { + "artifact_location": { + "uri": "Path Traversal/py_ctf.py", + "index": 3 + }, + "region": { + "start_line": 6, + "start_column": 5, + "end_line": 6, + "end_column": 12 + } + }, + "message": { + "text": "ControlFlowNode for request" + } + } + }, + { + "location": { + "physical_location": { + "artifact_location": { + "uri": "Path Traversal/py_ctf.py", + "index": 3 + }, + "region": { + "start_line": 70, + "start_column": 16, + "end_line": 70, + "end_column": 23 + } + }, + "message": { + "text": "ControlFlowNode for request" + } + } + }, + { + "location": { + "physical_location": { + "artifact_location": { + "uri": "Path Traversal/py_ctf.py", + "index": 3 + }, + "region": { + "start_line": 70, + "start_column": 16, + "end_line": 70, + "end_column": 28 + } + }, + "message": { + "text": "ControlFlowNode for Attribute" + } + } + }, + { + "location": { + "physical_location": { + "artifact_location": { + "uri": "Path Traversal/py_ctf.py", + "index": 3 + }, + "region": { + "start_line": 70, + "start_column": 16, + 
"end_line": 70, + "end_column": 40 + } + }, + "message": { + "text": "ControlFlowNode for Attribute()" + } + } + }, + { + "location": { + "physical_location": { + "artifact_location": { + "uri": "Path Traversal/py_ctf.py", + "index": 3 + }, + "region": { + "start_line": 70, + "start_column": 9, + "end_line": 70, + "end_column": 13 + } + }, + "message": { + "text": "ControlFlowNode for page" + } + } + }, + { + "location": { + "physical_location": { + "artifact_location": { + "uri": "Path Traversal/py_ctf.py", + "index": 3 + }, + "region": { + "start_line": 78, + "start_column": 25, + "end_line": 78, + "end_column": 63 + } + }, + "message": { + "text": "ControlFlowNode for Attribute()" + } + } + } + ] + } + ] + } + ], + "related_locations": [ + { + "id": 1, + "physical_location": { + "artifact_location": { + "uri": "Path Traversal/py_ctf.py", + "index": 0 + }, + "region": { + "start_line": 6, + "start_column": 5, + "end_line": 6, + "end_column": 12 + } + }, + "message": { + "text": "user-provided value" + } + } + ], + "properties": { + "github/alertNumber": 8, + "github/alertUrl": "https://api.github.com/repos/nahsra/Vulnerable-Code-Snippets/code-scanning/alerts/8" + } + } + ], + "automation_details": { + "id": "/language:python/" + }, + "properties": { + "codeqlConfigSummary": {} + } + } + ] +} diff --git a/tests/samples/pygoat.semgrep.sarif.json b/tests/samples/pygoat.semgrep.sarif.json index 1cf8a8e8..ab9e3167 100644 --- a/tests/samples/pygoat.semgrep.sarif.json +++ b/tests/samples/pygoat.semgrep.sarif.json 
@@ -1,4404 +1,4931 @@ { - "$schema": "https://docs.oasis-open.org/sarif/sarif/v2.1.0/os/schemas/sarif-schema-2.1.0.json", + "version": "2.1.0", + "schema_uri": "https://docs.oasis-open.org/sarif/sarif/v2.1.0/os/schemas/sarif-schema-2.1.0.json", "runs": [ { - "invocations": [ - { - "executionSuccessful": true, - "toolExecutionNotifications": [ + "tool": { + "driver": { + "name": "Semgrep OSS", + "semantic_version": "1.64.0", + "rules": [ { - "descriptor": { - "id": "Syntax error" + "id": "python.lang.security.dangerous-subinterpreters-run-string.dangerous-subinterpreters-run-string", + "name": "python.lang.security.dangerous-subinterpreters-run-string.dangerous-subinterpreters-run-string", + "short_description": { + "text": "Semgrep Finding: python.lang.security.dangerous-subinterpreters-run-string.dangerous-subinterpreters-run-string" }, - "level": "warning", - "message": { - "text": "Syntax error at line introduction/templates/Lab/XSS/xss_lab_3.html:1:\n `{% extends \"introduction/base.html\" %}\n{% block content %}\n{% block title %}` was unexpected" - } - }, - { - "descriptor": { - "id": "Syntax error" + "full_description": { + "text": "Found user controlled content in `run_string`. This is dangerous because it allows a malicious actor to run arbitrary Python code." 
}, - "level": "warning", - "message": { - "text": "Syntax error at line introduction/templates/Lab/AUTH/auth_lab_login.html:1:\n `{% extends \"introduction/base.html\" %}\n{% block content %}\n{% block title %}` was unexpected" - } - }, - { - "descriptor": { - "id": "Syntax error" + "default_configuration": { + "enabled": true, + "level": "warning" }, - "level": "warning", - "message": { - "text": "Syntax error at line introduction/templates/mitre/csrf_dashboard.html:1:\n `{% extends \"introduction/base.html\" %}\n{% load static %}\n{% block content %}\n{% block title %}` was unexpected" - } - }, - { - "descriptor": { - "id": "Syntax error" + "help_uri": "https://semgrep.dev/r/python.lang.security.dangerous-subinterpreters-run-string.dangerous-subinterpreters-run-string", + "help": { + "text": "Found user controlled content in `run_string`. This is dangerous because it allows a malicious actor to run arbitrary Python code.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Found user controlled content in `run_string`. 
This is dangerous because it allows a malicious actor to run arbitrary Python code.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.lang.security.dangerous-subinterpreters-run-string.dangerous-subinterpreters-run-string)\n - [https://bugs.python.org/issue43472](https://bugs.python.org/issue43472)\n - [https://semgrep.dev/docs/cheat-sheets/python-command-injection/](https://semgrep.dev/docs/cheat-sheets/python-command-injection/)\n" }, - "level": "warning", - "message": { - "text": "Syntax error at line introduction/templates/Lab/A11/a11.html:1:\n `{% extends 'introduction/base.html' %} {% block content %} {% block title %}` was unexpected" + "properties": { + "precision": "very-high", + "tags": [ + "CWE-95: Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection')", + "MEDIUM CONFIDENCE", + "OWASP-A03:2021 - Injection", + "security" + ] } }, { - "descriptor": { - "id": "Syntax error" + "id": "typescript.react.security.audit.react-unsanitized-method.react-unsanitized-method", + "name": "typescript.react.security.audit.react-unsanitized-method.react-unsanitized-method", + "short_description": { + "text": "Semgrep Finding: typescript.react.security.audit.react-unsanitized-method.react-unsanitized-method" }, - "level": "warning", - "message": { - "text": "Syntax error at line introduction/templates/Lab/A10/a10.html:1:\n `{% extends 'introduction/base.html' %}\n{% block content %}\n{% block title %}` was unexpected" + "full_description": { + "text": "Detection of $HTML from non-constant definition. This can inadvertently expose users to cross-site scripting (XSS) attacks if this comes from user-provided input. If you have to use $HTML, consider using a sanitization library such as DOMPurify to sanitize your HTML." 
+ }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/typescript.react.security.audit.react-unsanitized-method.react-unsanitized-method", + "help": { + "text": "Detection of $HTML from non-constant definition. This can inadvertently expose users to cross-site scripting (XSS) attacks if this comes from user-provided input. If you have to use $HTML, consider using a sanitization library such as DOMPurify to sanitize your HTML.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detection of $HTML from non-constant definition. This can inadvertently expose users to cross-site scripting (XSS) attacks if this comes from user-provided input. If you have to use $HTML, consider using a sanitization library such as DOMPurify to sanitize your HTML.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/typescript.react.security.audit.react-unsanitized-method.react-unsanitized-method)\n - [https://developer.mozilla.org/en-US/docs/Web/API/Document/writeln](https://developer.mozilla.org/en-US/docs/Web/API/Document/writeln)\n - [https://developer.mozilla.org/en-US/docs/Web/API/Document/write](https://developer.mozilla.org/en-US/docs/Web/API/Document/write)\n - [https://developer.mozilla.org/en-US/docs/Web/API/Element/insertAdjacentHTML](https://developer.mozilla.org/en-US/docs/Web/API/Element/insertAdjacentHTML)\n" + }, + "properties": { + "precision": "very-high", + "tags": [ + "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", + "MEDIUM CONFIDENCE", + "OWASP-A03:2021 - Injection", + "OWASP-A07:2017 - Cross-Site Scripting (XSS)", + "security" + ] } }, { - "descriptor": { - "id": "Syntax error" + "id": "java.lang.security.audit.overly-permissive-file-permission.overly-permissive-file-permission", + "name": 
"java.lang.security.audit.overly-permissive-file-permission.overly-permissive-file-permission", + "short_description": { + "text": "Semgrep Finding: java.lang.security.audit.overly-permissive-file-permission.overly-permissive-file-permission" }, - "level": "warning", - "message": { - "text": "Syntax error at line introduction/templates/Lab_2021/A7_auth_failure/lab3.html:1:\n `{% extends \"introduction/base.html\" %}\n{% block content %}\n{% block title %}` was unexpected" + "full_description": { + "text": "Detected file permissions that are overly permissive (read, write, and execute). It is generally a bad practices to set overly permissive file permission such as read+write+exec for all users. If the file affected is a configuration, a binary, a script or sensitive data, it can lead to privilege escalation or information leakage. Instead, follow the principle of least privilege and give users only the permissions they need." + }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/java.lang.security.audit.overly-permissive-file-permission.overly-permissive-file-permission", + "help": { + "text": "Detected file permissions that are overly permissive (read, write, and execute). It is generally a bad practices to set overly permissive file permission such as read+write+exec for all users. If the file affected is a configuration, a binary, a script or sensitive data, it can lead to privilege escalation or information leakage. Instead, follow the principle of least privilege and give users only the permissions they need.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected file permissions that are overly permissive (read, write, and execute). It is generally a bad practices to set overly permissive file permission such as read+write+exec for all users. 
If the file affected is a configuration, a binary, a script or sensitive data, it can lead to privilege escalation or information leakage. Instead, follow the principle of least privilege and give users only the permissions they need.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/java.lang.security.audit.overly-permissive-file-permission.overly-permissive-file-permission)\n - [https://owasp.org/Top10/A01_2021-Broken_Access_Control](https://owasp.org/Top10/A01_2021-Broken_Access_Control)\n" + }, + "properties": { + "precision": "very-high", + "tags": [ + "CWE-276: Incorrect Default Permissions", + "LOW CONFIDENCE", + "OWASP-A01:2021 - Broken Access Control", + "security" + ] } }, { - "descriptor": { - "id": "Syntax error" + "id": "terraform.aws.security.aws-ecr-mutable-image-tags.aws-ecr-mutable-image-tags", + "name": "terraform.aws.security.aws-ecr-mutable-image-tags.aws-ecr-mutable-image-tags", + "short_description": { + "text": "Semgrep Finding: terraform.aws.security.aws-ecr-mutable-image-tags.aws-ecr-mutable-image-tags" }, - "level": "warning", - "message": { - "text": "Syntax error at line introduction/templates/Lab/A9/a9.html:1:\n `{% extends 'introduction/base.html' %}\n{% block content %}\n{% block title %}` was unexpected" + "full_description": { + "text": "The ECR repository allows tag mutability. Image tags could be overwritten with compromised images. ECR images should be set to IMMUTABLE to prevent code injection through image mutation. This can be done by setting `image_tag_mutability` to IMMUTABLE." + }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/terraform.aws.security.aws-ecr-mutable-image-tags.aws-ecr-mutable-image-tags", + "help": { + "text": "The ECR repository allows tag mutability. Image tags could be overwritten with compromised images. 
ECR images should be set to IMMUTABLE to prevent code injection through image mutation. This can be done by setting `image_tag_mutability` to IMMUTABLE.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "The ECR repository allows tag mutability. Image tags could be overwritten with compromised images. ECR images should be set to IMMUTABLE to prevent code injection through image mutation. This can be done by setting `image_tag_mutability` to IMMUTABLE.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/terraform.aws.security.aws-ecr-mutable-image-tags.aws-ecr-mutable-image-tags)\n - [https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ecr_repository#image_tag_mutability](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ecr_repository#image_tag_mutability)\n - [https://owasp.org/Top10/A08_2021-Software_and_Data_Integrity_Failures/](https://owasp.org/Top10/A08_2021-Software_and_Data_Integrity_Failures/)\n" + }, + "properties": { + "precision": "very-high", + "tags": [ + "CWE-345: Insufficient Verification of Data Authenticity", + "MEDIUM CONFIDENCE", + "OWASP-A08:2021 - Software and Data Integrity Failures", + "security" + ] } }, { - "descriptor": { - "id": "Syntax error" + "id": "ruby.lang.security.create-with.create-with", + "name": "ruby.lang.security.create-with.create-with", + "short_description": { + "text": "Semgrep Finding: ruby.lang.security.create-with.create-with" }, - "level": "warning", - "message": { - "text": "Syntax error at line introduction/templates/playground/A9/index.html:1:\n `{% extends 'introduction/base.html' %}\n{% block content %}\n\n{% block title %}` was unexpected" + "full_description": { + "text": "Checks for strong parameter bypass through usage of create_with. Create_with bypasses strong parameter protection, which could allow attackers to set arbitrary attributes on models. 
To fix this vulnerability, either remove all create_with calls or use the permit function to specify tags that are allowed to be set." + }, + "default_configuration": { + "enabled": true, + "level": "error" + }, + "help_uri": "https://semgrep.dev/r/ruby.lang.security.create-with.create-with", + "help": { + "text": "Checks for strong parameter bypass through usage of create_with. Create_with bypasses strong parameter protection, which could allow attackers to set arbitrary attributes on models. To fix this vulnerability, either remove all create_with calls or use the permit function to specify tags that are allowed to be set.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Checks for strong parameter bypass through usage of create_with. Create_with bypasses strong parameter protection, which could allow attackers to set arbitrary attributes on models. To fix this vulnerability, either remove all create_with calls or use the permit function to specify tags that are allowed to be set.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/ruby.lang.security.create-with.create-with)\n - [https://github.com/presidentbeef/brakeman/blob/main/lib/brakeman/checks/check_create_with.rb](https://github.com/presidentbeef/brakeman/blob/main/lib/brakeman/checks/check_create_with.rb)\n - [https://groups.google.com/g/rubyonrails-security/c/M4chq5Sb540/m/CC1Fh0Y_NWwJ](https://groups.google.com/g/rubyonrails-security/c/M4chq5Sb540/m/CC1Fh0Y_NWwJ)\n" + }, + "properties": { + "precision": "very-high", + "tags": [ + "CWE-915: Improperly Controlled Modification of Dynamically-Determined Object Attributes", + "LOW CONFIDENCE", + "OWASP-A08:2021 - Software and Data Integrity Failures", + "security" + ] } }, { - "descriptor": { - "id": "Syntax error" + "id": "javascript.lang.security.detect-no-csrf-before-method-override.detect-no-csrf-before-method-override", + "name": 
"javascript.lang.security.detect-no-csrf-before-method-override.detect-no-csrf-before-method-override", + "short_description": { + "text": "Semgrep Finding: javascript.lang.security.detect-no-csrf-before-method-override.detect-no-csrf-before-method-override" }, - "level": "warning", - "message": { - "text": "Syntax error at line introduction/templates/Lab/DataExp/data_exp.html:1:\n `{% extends 'introduction/base.html' %}\n{% block content %}\n{% block title %}` was unexpected" + "full_description": { + "text": "Detected use of express.csrf() middleware before express.methodOverride(). This can allow GET requests (which are not checked by csrf) to turn into POST requests later." + }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/javascript.lang.security.detect-no-csrf-before-method-override.detect-no-csrf-before-method-override", + "help": { + "text": "Detected use of express.csrf() middleware before express.methodOverride(). This can allow GET requests (which are not checked by csrf) to turn into POST requests later.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected use of express.csrf() middleware before express.methodOverride(). 
This can allow GET requests (which are not checked by csrf) to turn into POST requests later.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.lang.security.detect-no-csrf-before-method-override.detect-no-csrf-before-method-override)\n - [https://github.com/nodesecurity/eslint-plugin-security/blob/master/docs/bypass-connect-csrf-protection-by-abusing.md](https://github.com/nodesecurity/eslint-plugin-security/blob/master/docs/bypass-connect-csrf-protection-by-abusing.md)\n" + }, + "properties": { + "precision": "very-high", + "tags": [ + "CWE-352: Cross-Site Request Forgery (CSRF)", + "LOW CONFIDENCE", + "OWASP-A01:2021 - Broken Access Control", + "OWASP-A05:2017 - Broken Access Control", + "security" + ] } }, { - "descriptor": { - "id": "Syntax error" + "id": "javascript.ajv.security.audit.ajv-allerrors-true.ajv-allerrors-true", + "name": "javascript.ajv.security.audit.ajv-allerrors-true.ajv-allerrors-true", + "short_description": { + "text": "Semgrep Finding: javascript.ajv.security.audit.ajv-allerrors-true.ajv-allerrors-true" }, - "level": "warning", - "message": { - "text": "Syntax error at line introduction/templates/mitre/mitre_top17.html:1:\n `{% extends \"introduction/base.html\" %}\n{% load static %}\n{% block content %}\n{% block title %}` was unexpected" + "full_description": { + "text": "By setting `allErrors: true` in `Ajv` library, all error objects will be allocated without limit. This allows the attacker to produce a huge number of errors which can lead to denial of service. Do not use `allErrors: true` in production." + }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/javascript.ajv.security.audit.ajv-allerrors-true.ajv-allerrors-true", + "help": { + "text": "By setting `allErrors: true` in `Ajv` library, all error objects will be allocated without limit. 
This allows the attacker to produce a huge number of errors which can lead to denial of service. Do not use `allErrors: true` in production.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "By setting `allErrors: true` in `Ajv` library, all error objects will be allocated without limit. This allows the attacker to produce a huge number of errors which can lead to denial of service. Do not use `allErrors: true` in production.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.ajv.security.audit.ajv-allerrors-true.ajv-allerrors-true)\n - [https://ajv.js.org/options.html#allerrors](https://ajv.js.org/options.html#allerrors)\n" + }, + "properties": { + "precision": "very-high", + "tags": [ + "CWE-400: Uncontrolled Resource Consumption", + "LOW CONFIDENCE", + "security" + ] } }, { - "descriptor": { - "id": "Syntax error" + "id": "ruby.rails.security.audit.xss.avoid-html-safe.avoid-html-safe", + "name": "ruby.rails.security.audit.xss.avoid-html-safe.avoid-html-safe", + "short_description": { + "text": "Semgrep Finding: ruby.rails.security.audit.xss.avoid-html-safe.avoid-html-safe" }, - "level": "warning", - "message": { - "text": "Syntax error at line introduction/templates/Lab_2021/A3_Injection/ssti_lab.html:1:\n `{% extends \"introduction/base.html\" %}\n{% block content %}\n{% block title %}` was unexpected" + "full_description": { + "text": "'html_safe()' does not make the supplied string safe. 'html_safe()' bypasses HTML escaping. If external data can reach here, this exposes your application to cross-site scripting (XSS) attacks. Ensure no external data reaches here." + }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/ruby.rails.security.audit.xss.avoid-html-safe.avoid-html-safe", + "help": { + "text": "'html_safe()' does not make the supplied string safe. 
'html_safe()' bypasses HTML escaping. If external data can reach here, this exposes your application to cross-site scripting (XSS) attacks. Ensure no external data reaches here.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "'html_safe()' does not make the supplied string safe. 'html_safe()' bypasses HTML escaping. If external data can reach here, this exposes your application to cross-site scripting (XSS) attacks. Ensure no external data reaches here.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/ruby.rails.security.audit.xss.avoid-html-safe.avoid-html-safe)\n - [https://github.com/presidentbeef/brakeman/blob/main/docs/warning_types/cross_site_scripting/index.markdown](https://github.com/presidentbeef/brakeman/blob/main/docs/warning_types/cross_site_scripting/index.markdown)\n - [https://www.netsparker.com/blog/web-security/preventing-xss-ruby-on-rails-web-applications/](https://www.netsparker.com/blog/web-security/preventing-xss-ruby-on-rails-web-applications/)\n" + }, + "properties": { + "precision": "very-high", + "tags": [ + "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", + "LOW CONFIDENCE", + "OWASP-A03:2021 - Injection", + "OWASP-A07:2017 - Cross-Site Scripting (XSS)", + "security" + ] } }, { - "descriptor": { - "id": "Syntax error" + "id": "typescript.nestjs.security.audit.nestjs-header-xss-disabled.nestjs-header-xss-disabled", + "name": "typescript.nestjs.security.audit.nestjs-header-xss-disabled.nestjs-header-xss-disabled", + "short_description": { + "text": "Semgrep Finding: typescript.nestjs.security.audit.nestjs-header-xss-disabled.nestjs-header-xss-disabled" }, - "level": "warning", - "message": { - "text": "Syntax error at line introduction/templates/Lab/ssrf/ssrf.html:1:\n `{% extends 'introduction/base.html' %} {% block content %} {% block title %}` was unexpected" + 
"full_description": { + "text": "X-XSS-Protection header is set to 0. This will disable the browser's XSS Filter." + }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/typescript.nestjs.security.audit.nestjs-header-xss-disabled.nestjs-header-xss-disabled", + "help": { + "text": "X-XSS-Protection header is set to 0. This will disable the browser's XSS Filter.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "X-XSS-Protection header is set to 0. This will disable the browser's XSS Filter.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/typescript.nestjs.security.audit.nestjs-header-xss-disabled.nestjs-header-xss-disabled)\n - [https://owasp.org/Top10/A03_2021-Injection](https://owasp.org/Top10/A03_2021-Injection)\n" + }, + "properties": { + "precision": "very-high", + "tags": [ + "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", + "LOW CONFIDENCE", + "OWASP-A03:2021 - Injection", + "OWASP-A07:2017 - Cross-Site Scripting (XSS)", + "security" + ] } }, { - "descriptor": { - "id": "Syntax error" + "id": "json.aws.security.public-s3-policy-statement.public-s3-policy-statement", + "name": "json.aws.security.public-s3-policy-statement.public-s3-policy-statement", + "short_description": { + "text": "Semgrep Finding: json.aws.security.public-s3-policy-statement.public-s3-policy-statement" }, - "level": "warning", - "message": { - "text": "Syntax error at line introduction/templates/Lab/A9/a9_lab2.html:1:\n `{% extends \"introduction/base.html\" %}\n{% load static %}\n{% block content %}\n{% block title %}` was unexpected" + "full_description": { + "text": "Detected public S3 bucket policy. This policy allows anyone to access certain properties of or items in the bucket. Do not do this unless you will never have sensitive data inside the bucket." 
+ }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/json.aws.security.public-s3-policy-statement.public-s3-policy-statement", + "help": { + "text": "Detected public S3 bucket policy. This policy allows anyone to access certain properties of or items in the bucket. Do not do this unless you will never have sensitive data inside the bucket.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected public S3 bucket policy. This policy allows anyone to access certain properties of or items in the bucket. Do not do this unless you will never have sensitive data inside the bucket.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/json.aws.security.public-s3-policy-statement.public-s3-policy-statement)\n - [https://docs.aws.amazon.com/AmazonS3/latest/dev/WebsiteAccessPermissionsReqd.html](https://docs.aws.amazon.com/AmazonS3/latest/dev/WebsiteAccessPermissionsReqd.html)\n" + }, + "properties": { + "precision": "very-high", + "tags": [ + "CWE-264: CWE CATEGORY: Permissions, Privileges, and Access Controls", + "MEDIUM CONFIDENCE", + "OWASP-A01:2021 - Broken Access Control", + "security" + ] } }, { - "descriptor": { - "id": "Syntax error" + "id": "java.lang.security.audit.permissive-cors.permissive-cors", + "name": "java.lang.security.audit.permissive-cors.permissive-cors", + "short_description": { + "text": "Semgrep Finding: java.lang.security.audit.permissive-cors.permissive-cors" }, - "level": "warning", - "message": { - "text": "Syntax error at line introduction/templates/Lab_2021/A8_software_and_data_integrity_failure/desc.html:1:\n `{% extends 'introduction/base.html' %}\n{% block content %}\n{% block title %}` was unexpected" - } - }, - { - "descriptor": { - "id": "Syntax error" + "full_description": { + "text": "https://find-sec-bugs.github.io/bugs.htm#PERMISSIVE_CORS Permissive CORS policy 
will allow a malicious application to communicate with the victim application in an inappropriate way, leading to spoofing, data theft, relay and other attacks." }, - "level": "warning", - "message": { - "text": "Syntax error at line introduction/templates/Lab/XXE/xxe.html:1:\n `{% extends 'introduction/base.html' %}\n{% block content %}\n{% block title %}` was unexpected" - } - }, - { - "descriptor": { - "id": "Syntax error" + "default_configuration": { + "enabled": true, + "level": "warning" }, - "level": "warning", - "message": { - "text": "Syntax error at line introduction/templates/Lab/CMD/cmd.html:1:\n `{% extends 'introduction/base.html' %}\n{% block content %}\n{% block title %}` was unexpected" + "help_uri": "https://semgrep.dev/r/java.lang.security.audit.permissive-cors.permissive-cors", + "help": { + "text": "https://find-sec-bugs.github.io/bugs.htm#PERMISSIVE_CORS Permissive CORS policy will allow a malicious application to communicate with the victim application in an inappropriate way, leading to spoofing, data theft, relay and other attacks.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "https://find-sec-bugs.github.io/bugs.htm#PERMISSIVE_CORS Permissive CORS policy will allow a malicious application to communicate with the victim application in an inappropriate way, leading to spoofing, data theft, relay and other attacks.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/java.lang.security.audit.permissive-cors.permissive-cors)\n - [https://owasp.org/Top10/A04_2021-Insecure_Design](https://owasp.org/Top10/A04_2021-Insecure_Design)\n" + }, + "properties": { + "precision": "very-high", + "tags": [ + "CWE-183: Permissive List of Allowed Inputs", + "LOW CONFIDENCE", + "OWASP-A04:2021 - Insecure Design", + "security" + ] } }, { - "descriptor": { - "id": "Syntax error" + "id": 
"javascript.express.security.audit.express-path-join-resolve-traversal.express-path-join-resolve-traversal", + "name": "javascript.express.security.audit.express-path-join-resolve-traversal.express-path-join-resolve-traversal", + "short_description": { + "text": "Semgrep Finding: javascript.express.security.audit.express-path-join-resolve-traversal.express-path-join-resolve-traversal" }, - "level": "warning", - "message": { - "text": "Syntax error at line introduction/templates/Lab_2021/A7_auth_failure/a7.html:1:\n `{% extends 'introduction/base.html' %}\n{% block content %}\n{% block title %}` was unexpected" + "full_description": { + "text": "Possible writing outside of the destination, make sure that the target path is nested in the intended destination" + }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/javascript.express.security.audit.express-path-join-resolve-traversal.express-path-join-resolve-traversal", + "help": { + "text": "Possible writing outside of the destination, make sure that the target path is nested in the intended destination\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Possible writing outside of the destination, make sure that the target path is nested in the intended destination\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.express.security.audit.express-path-join-resolve-traversal.express-path-join-resolve-traversal)\n - [https://owasp.org/www-community/attacks/Path_Traversal](https://owasp.org/www-community/attacks/Path_Traversal)\n" + }, + "properties": { + "precision": "very-high", + "tags": [ + "CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", + "MEDIUM CONFIDENCE", + "OWASP-A01:2021 - Broken Access Control", + "OWASP-A05:2017 - Broken Access Control", + "security" + ] } }, { - "descriptor": { - "id": 
"Syntax error" + "id": "python.pycryptodome.security.insecure-hash-algorithm.insecure-hash-algorithm-sha1", + "name": "python.pycryptodome.security.insecure-hash-algorithm.insecure-hash-algorithm-sha1", + "short_description": { + "text": "Semgrep Finding: python.pycryptodome.security.insecure-hash-algorithm.insecure-hash-algorithm-sha1" }, - "level": "warning", - "message": { - "text": "Syntax error at line introduction/templates/introduction/base.html:2:\n `{% load static %}` was unexpected" + "full_description": { + "text": "Detected SHA1 hash algorithm which is considered insecure. SHA1 is not collision resistant and is therefore not suitable as a cryptographic signature. Use SHA256 or SHA3 instead." + }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/python.pycryptodome.security.insecure-hash-algorithm.insecure-hash-algorithm-sha1", + "help": { + "text": "Detected SHA1 hash algorithm which is considered insecure. SHA1 is not collision resistant and is therefore not suitable as a cryptographic signature. Use SHA256 or SHA3 instead.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected SHA1 hash algorithm which is considered insecure. SHA1 is not collision resistant and is therefore not suitable as a cryptographic signature. 
Use SHA256 or SHA3 instead.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.pycryptodome.security.insecure-hash-algorithm.insecure-hash-algorithm-sha1)\n - [https://www.schneier.com/blog/archives/2012/10/when_will_we_se.html](https://www.schneier.com/blog/archives/2012/10/when_will_we_se.html)\n - [https://www.trendmicro.com/vinfo/us/security/news/vulnerabilities-and-exploits/sha-1-collision-signals-the-end-of-the-algorithm-s-viability](https://www.trendmicro.com/vinfo/us/security/news/vulnerabilities-and-exploits/sha-1-collision-signals-the-end-of-the-algorithm-s-viability)\n - [http://2012.sharcs.org/slides/stevens.pdf](http://2012.sharcs.org/slides/stevens.pdf)\n - [https://pycryptodome.readthedocs.io/en/latest/src/hash/sha3_256.html](https://pycryptodome.readthedocs.io/en/latest/src/hash/sha3_256.html)\n" + }, + "properties": { + "precision": "very-high", + "tags": [ + "CWE-327: Use of a Broken or Risky Cryptographic Algorithm", + "MEDIUM CONFIDENCE", + "OWASP-A02:2021 - Cryptographic Failures", + "OWASP-A03:2017 - Sensitive Data Exposure", + "security" + ] } }, { - "descriptor": { - "id": "Syntax error" + "id": "scala.jwt-scala.security.jwt-scala-hardcode.jwt-scala-hardcode", + "name": "scala.jwt-scala.security.jwt-scala-hardcode.jwt-scala-hardcode", + "short_description": { + "text": "Semgrep Finding: scala.jwt-scala.security.jwt-scala-hardcode.jwt-scala-hardcode" }, - "level": "warning", - "message": { - "text": "Syntax error at line introduction/templates/Lab/sec_mis/sec_mis_lab.html:1:\n `{% extends \"introduction/base.html\" %}\n{% load static %}\n{% block content %}\n{% block title %}` was unexpected" + "full_description": { + "text": "Hardcoded JWT secret or private key is used. This is a Insufficiently Protected Credentials weakness: https://cwe.mitre.org/data/definitions/522.html Consider using an appropriate security mechanism to protect the credentials (e.g. 
keeping secrets in environment variables)" + }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/scala.jwt-scala.security.jwt-scala-hardcode.jwt-scala-hardcode", + "help": { + "text": "Hardcoded JWT secret or private key is used. This is a Insufficiently Protected Credentials weakness: https://cwe.mitre.org/data/definitions/522.html Consider using an appropriate security mechanism to protect the credentials (e.g. keeping secrets in environment variables)\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Hardcoded JWT secret or private key is used. This is a Insufficiently Protected Credentials weakness: https://cwe.mitre.org/data/definitions/522.html Consider using an appropriate security mechanism to protect the credentials (e.g. keeping secrets in environment variables)\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/scala.jwt-scala.security.jwt-scala-hardcode.jwt-scala-hardcode)\n - [https://jwt-scala.github.io/jwt-scala/](https://jwt-scala.github.io/jwt-scala/)\n" + }, + "properties": { + "precision": "very-high", + "tags": [ + "CWE-522: Insufficiently Protected Credentials", + "HIGH CONFIDENCE", + "OWASP-A02:2017 - Broken Authentication", + "OWASP-A04:2021 - Insecure Design", + "security" + ] } }, { - "descriptor": { - "id": "Syntax error" + "id": "javascript.vm2.security.audit.vm2-context-injection.vm2-context-injection", + "name": "javascript.vm2.security.audit.vm2-context-injection.vm2-context-injection", + "short_description": { + "text": "Semgrep Finding: javascript.vm2.security.audit.vm2-context-injection.vm2-context-injection" }, - "level": "warning", - "message": { - "text": "Syntax error at line introduction/templates/Lab_2021/A2_Crypto_failur/crypto_failure_lab.html:1:\n `{% extends \"introduction/base.html\" %}\n{% load static %}\n{% block content %}\n{% block title %}` was 
unexpected" + "full_description": { + "text": "Make sure that unverified user data can not reach `vm2`." + }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/javascript.vm2.security.audit.vm2-context-injection.vm2-context-injection", + "help": { + "text": "Make sure that unverified user data can not reach `vm2`.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Make sure that unverified user data can not reach `vm2`.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.vm2.security.audit.vm2-context-injection.vm2-context-injection)\n - [https://owasp.org/Top10/A03_2021-Injection](https://owasp.org/Top10/A03_2021-Injection)\n" + }, + "properties": { + "precision": "very-high", + "tags": [ + "CWE-94: Improper Control of Generation of Code ('Code Injection')", + "LOW CONFIDENCE", + "OWASP-A03:2021 - Injection", + "security" + ] } }, { - "descriptor": { - "id": "Syntax error" + "id": "python.flask.security.audit.app-run-param-config.avoid_app_run_with_bad_host", + "name": "python.flask.security.audit.app-run-param-config.avoid_app_run_with_bad_host", + "short_description": { + "text": "Semgrep Finding: python.flask.security.audit.app-run-param-config.avoid_app_run_with_bad_host" }, - "level": "warning", - "message": { - "text": "Syntax error at line introduction/templates/Lab_2021/A2_Crypto_failur/crypto_failure_lab2.html:1:\n `{% extends \"introduction/base.html\" %}\n{% load static %}\n{% block content %}\n{% block title %}` was unexpected" + "full_description": { + "text": "Running flask app with host 0.0.0.0 could expose the server publicly." 
+ }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/python.flask.security.audit.app-run-param-config.avoid_app_run_with_bad_host", + "help": { + "text": "Running flask app with host 0.0.0.0 could expose the server publicly.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Running flask app with host 0.0.0.0 could expose the server publicly.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.flask.security.audit.app-run-param-config.avoid_app_run_with_bad_host)\n - [https://owasp.org/Top10/A01_2021-Broken_Access_Control](https://owasp.org/Top10/A01_2021-Broken_Access_Control)\n" + }, + "properties": { + "precision": "very-high", + "tags": [ + "CWE-668: Exposure of Resource to Wrong Sphere", + "HIGH CONFIDENCE", + "OWASP-A01:2021 - Broken Access Control", + "security" + ] } }, { - "descriptor": { - "id": "Syntax error" + "id": "javascript.express.security.audit.xss.pug.var-in-href.var-in-href", + "name": "javascript.express.security.audit.xss.pug.var-in-href.var-in-href", + "short_description": { + "text": "Semgrep Finding: javascript.express.security.audit.xss.pug.var-in-href.var-in-href" }, - "level": "warning", - "message": { - "text": "Syntax error at line introduction/templates/Lab/XXE/xxe_lab.html:1:\n `{% extends \"introduction/base.html\" %}\n{% load static %}\n{% block content %}\n{% block title %}` was unexpected" + "full_description": { + "text": "Detected a template variable used in an anchor tag with the 'href' attribute. This allows a malicious actor to input the 'javascript:' URI and is subject to cross- site scripting (XSS) attacks. If using a relative URL, start with a literal forward slash and concatenate the URL, like this: a(href='/'+url). You may also consider setting the Content Security Policy (CSP) header." 
+ }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/javascript.express.security.audit.xss.pug.var-in-href.var-in-href", + "help": { + "text": "Detected a template variable used in an anchor tag with the 'href' attribute. This allows a malicious actor to input the 'javascript:' URI and is subject to cross- site scripting (XSS) attacks. If using a relative URL, start with a literal forward slash and concatenate the URL, like this: a(href='/'+url). You may also consider setting the Content Security Policy (CSP) header.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected a template variable used in an anchor tag with the 'href' attribute. This allows a malicious actor to input the 'javascript:' URI and is subject to cross- site scripting (XSS) attacks. If using a relative URL, start with a literal forward slash and concatenate the URL, like this: a(href='/'+url). You may also consider setting the Content Security Policy (CSP) header.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.express.security.audit.xss.pug.var-in-href.var-in-href)\n - [https://github.com/pugjs/pug/issues/2952](https://github.com/pugjs/pug/issues/2952)\n - [https://flask.palletsprojects.com/en/1.1.x/security/#cross-site-scripting-xss#:~:text=javascript:%20URI](https://flask.palletsprojects.com/en/1.1.x/security/#cross-site-scripting-xss#:~:text=javascript:%20URI)\n" + }, + "properties": { + "precision": "very-high", + "tags": [ + "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", + "LOW CONFIDENCE", + "OWASP-A03:2021 - Injection", + "OWASP-A07:2017 - Cross-Site Scripting (XSS)", + "security" + ] } }, { - "descriptor": { - "id": "Syntax error" + "id": "javascript.lang.security.detect-eval-with-expression.detect-eval-with-expression", + "name": 
"javascript.lang.security.detect-eval-with-expression.detect-eval-with-expression", + "short_description": { + "text": "Semgrep Finding: javascript.lang.security.detect-eval-with-expression.detect-eval-with-expression" }, - "level": "warning", - "message": { - "text": "Syntax error at line introduction/templates/Lab/CMD/cmd_lab.html:1:\n `{% extends \"introduction/base.html\" %}\n{% block content %}\n{% block title %}` was unexpected" + "full_description": { + "text": "Detected use of dynamic execution of JavaScript which may come from user-input, which can lead to Cross-Site-Scripting (XSS). Where possible avoid including user-input in functions which dynamically execute user-input." + }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/javascript.lang.security.detect-eval-with-expression.detect-eval-with-expression", + "help": { + "text": "Detected use of dynamic execution of JavaScript which may come from user-input, which can lead to Cross-Site-Scripting (XSS). Where possible avoid including user-input in functions which dynamically execute user-input.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected use of dynamic execution of JavaScript which may come from user-input, which can lead to Cross-Site-Scripting (XSS). 
Where possible avoid including user-input in functions which dynamically execute user-input.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.lang.security.detect-eval-with-expression.detect-eval-with-expression)\n - [https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/eval#never_use_eval!](https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/eval#never_use_eval!)\n" + }, + "properties": { + "precision": "very-high", + "tags": [ + "CWE-95: Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection')", + "MEDIUM CONFIDENCE", + "OWASP-A03:2021 - Injection", + "security" + ] } }, { - "descriptor": { - "id": "Syntax error" + "id": "ruby.rails.security.audit.xss.templates.var-in-href.var-in-href", + "name": "ruby.rails.security.audit.xss.templates.var-in-href.var-in-href", + "short_description": { + "text": "Semgrep Finding: ruby.rails.security.audit.xss.templates.var-in-href.var-in-href" }, - "level": "warning", - "message": { - "text": "Syntax error at line introduction/templates/Lab/XSS/xss_lab.html:1:\n `{% extends \"introduction/base.html\" %}\n{% block content %}\n{% block title %}` was unexpected" + "full_description": { + "text": "Detected a template variable used in an anchor tag with the 'href' attribute. This allows a malicious actor to input the 'javascript:' URI and is subject to cross- site scripting (XSS) attacks. If using a relative URL, start with a literal forward slash and concatenate the URL, like this: href='/<%= link =>'. You may also consider setting the Content Security Policy (CSP) header." + }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/ruby.rails.security.audit.xss.templates.var-in-href.var-in-href", + "help": { + "text": "Detected a template variable used in an anchor tag with the 'href' attribute. 
This allows a malicious actor to input the 'javascript:' URI and is subject to cross- site scripting (XSS) attacks. If using a relative URL, start with a literal forward slash and concatenate the URL, like this: href='/<%= link =>'. You may also consider setting the Content Security Policy (CSP) header.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected a template variable used in an anchor tag with the 'href' attribute. This allows a malicious actor to input the 'javascript:' URI and is subject to cross- site scripting (XSS) attacks. If using a relative URL, start with a literal forward slash and concatenate the URL, like this: href='/<%= link =>'. You may also consider setting the Content Security Policy (CSP) header.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/ruby.rails.security.audit.xss.templates.var-in-href.var-in-href)\n - [https://flask.palletsprojects.com/en/1.1.x/security/#cross-site-scripting-xss#:~:text=javascript:%20URI](https://flask.palletsprojects.com/en/1.1.x/security/#cross-site-scripting-xss#:~:text=javascript:%20URI)\n - [https://github.com/pugjs/pug/issues/2952](https://github.com/pugjs/pug/issues/2952)\n" + }, + "properties": { + "precision": "very-high", + "tags": [ + "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", + "LOW CONFIDENCE", + "OWASP-A03:2021 - Injection", + "OWASP-A07:2017 - Cross-Site Scripting (XSS)", + "security" + ] } }, { - "descriptor": { - "id": "Syntax error" + "id": "terraform.aws.security.aws-cloudtrail-encrypted-with-cmk.aws-cloudtrail-encrypted-with-cmk", + "name": "terraform.aws.security.aws-cloudtrail-encrypted-with-cmk.aws-cloudtrail-encrypted-with-cmk", + "short_description": { + "text": "Semgrep Finding: terraform.aws.security.aws-cloudtrail-encrypted-with-cmk.aws-cloudtrail-encrypted-with-cmk" }, - "level": "warning", - "message": { - 
"text": "Syntax error at line introduction/templates/Lab_2021/A2_Crypto_failur/crypto_failure.html:1:\n `{% extends 'introduction/base.html' %} {% block content %} {% block title %}` was unexpected" + "full_description": { + "text": "Ensure CloudTrail logs are encrypted at rest using KMS CMKs. CMKs gives you control over the encryption key in terms of access and rotation." + }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/terraform.aws.security.aws-cloudtrail-encrypted-with-cmk.aws-cloudtrail-encrypted-with-cmk", + "help": { + "text": "Ensure CloudTrail logs are encrypted at rest using KMS CMKs. CMKs gives you control over the encryption key in terms of access and rotation.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Ensure CloudTrail logs are encrypted at rest using KMS CMKs. CMKs gives you control over the encryption key in terms of access and rotation.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/terraform.aws.security.aws-cloudtrail-encrypted-with-cmk.aws-cloudtrail-encrypted-with-cmk)\n - [https://owasp.org/Top10/A02_2021-Cryptographic_Failures](https://owasp.org/Top10/A02_2021-Cryptographic_Failures)\n" + }, + "properties": { + "precision": "very-high", + "tags": [ + "CWE-320: CWE CATEGORY: Key Management Errors", + "LOW CONFIDENCE", + "OWASP-A03:2017 - Sensitive Data Exposure", + "security" + ] } }, { - "descriptor": { - "id": "Syntax error" + "id": "python.flask.security.injection.nan-injection.nan-injection", + "name": "python.flask.security.injection.nan-injection.nan-injection", + "short_description": { + "text": "Semgrep Finding: python.flask.security.injection.nan-injection.nan-injection" }, - "level": "warning", - "message": { - "text": "Syntax error at line introduction/templates/Lab/AUTH/auth_lab_signup.html:1:\n `{% extends \"introduction/base.html\" %}\n{% 
block content %}\n{% block title %}` was unexpected" + "full_description": { + "text": "Found user input going directly into typecast for bool(), float(), or complex(). This allows an attacker to inject Python's not-a-number (NaN) into the typecast. This results in undefind behavior, particularly when doing comparisons. Either cast to a different type, or add a guard checking for all capitalizations of the string 'nan'." + }, + "default_configuration": { + "enabled": true, + "level": "error" + }, + "help_uri": "https://semgrep.dev/r/python.flask.security.injection.nan-injection.nan-injection", + "help": { + "text": "Found user input going directly into typecast for bool(), float(), or complex(). This allows an attacker to inject Python's not-a-number (NaN) into the typecast. This results in undefind behavior, particularly when doing comparisons. Either cast to a different type, or add a guard checking for all capitalizations of the string 'nan'.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Found user input going directly into typecast for bool(), float(), or complex(). This allows an attacker to inject Python's not-a-number (NaN) into the typecast. This results in undefind behavior, particularly when doing comparisons. 
Either cast to a different type, or add a guard checking for all capitalizations of the string 'nan'.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.flask.security.injection.nan-injection.nan-injection)\n - [https://discuss.python.org/t/nan-breaks-min-max-and-sorting-functions-a-solution/2868](https://discuss.python.org/t/nan-breaks-min-max-and-sorting-functions-a-solution/2868)\n - [https://blog.bitdiscovery.com/2021/12/python-nan-injection/](https://blog.bitdiscovery.com/2021/12/python-nan-injection/)\n" + }, + "properties": { + "precision": "very-high", + "tags": [ + "CWE-704: Incorrect Type Conversion or Cast", + "MEDIUM CONFIDENCE", + "security" + ] } }, { - "descriptor": { - "id": "Syntax error" + "id": "python.lang.security.audit.sqli.asyncpg-sqli.asyncpg-sqli", + "name": "python.lang.security.audit.sqli.asyncpg-sqli.asyncpg-sqli", + "short_description": { + "text": "Semgrep Finding: python.lang.security.audit.sqli.asyncpg-sqli.asyncpg-sqli" }, - "level": "warning", - "message": { - "text": "Syntax error at line introduction/templates/Lab/A9/a9_lab.html:1:\n `{% extends \"introduction/base.html\" %}\n{% load static %}\n{% block content %}\n{% block title %}` was unexpected" - } - }, - { - "descriptor": { - "id": "Syntax error" + "full_description": { + "text": "Detected string concatenation with a non-literal variable in a asyncpg Python SQL statement. This could lead to SQL injection if the variable is user-controlled and not properly sanitized. In order to prevent SQL injection, use parameterized queries or prepared statements instead. You can create parameterized queries like so: 'conn.fetch(\"SELECT $1 FROM table\", value)'. 
You can also create prepared statements with 'Connection.prepare': 'stmt = conn.prepare(\"SELECT $1 FROM table\"); await stmt.fetch(user_value)'" }, - "level": "warning", - "message": { - "text": "Syntax error at line introduction/templates/Lab/A10/a10_lab.html:1:\n `{% extends \"introduction/base.html\" %}\n{% load static %}\n{% block content %}\n{% block title %}` was unexpected" - } - }, - { - "descriptor": { - "id": "Syntax error" + "default_configuration": { + "enabled": true, + "level": "warning" }, - "level": "warning", - "message": { - "text": "Syntax error at line introduction/templates/Lab/BrokenAccess/ba_lab.html:1:\n `{% extends \"introduction/base.html\" %}\n{% load static %}\n{% block content %}\n{% block title %}` was unexpected" - } - }, - { - "descriptor": { - "id": "Syntax error" + "help_uri": "https://semgrep.dev/r/python.lang.security.audit.sqli.asyncpg-sqli.asyncpg-sqli", + "help": { + "text": "Detected string concatenation with a non-literal variable in a asyncpg Python SQL statement. This could lead to SQL injection if the variable is user-controlled and not properly sanitized. In order to prevent SQL injection, use parameterized queries or prepared statements instead. You can create parameterized queries like so: 'conn.fetch(\"SELECT $1 FROM table\", value)'. You can also create prepared statements with 'Connection.prepare': 'stmt = conn.prepare(\"SELECT $1 FROM table\"); await stmt.fetch(user_value)'\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected string concatenation with a non-literal variable in a asyncpg Python SQL statement. This could lead to SQL injection if the variable is user-controlled and not properly sanitized. In order to prevent SQL injection, use parameterized queries or prepared statements instead. You can create parameterized queries like so: 'conn.fetch(\"SELECT $1 FROM table\", value)'. 
You can also create prepared statements with 'Connection.prepare': 'stmt = conn.prepare(\"SELECT $1 FROM table\"); await stmt.fetch(user_value)'\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.lang.security.audit.sqli.asyncpg-sqli.asyncpg-sqli)\n - [https://github.com/MagicStack/asyncpg](https://github.com/MagicStack/asyncpg)\n - [https://magicstack.github.io/asyncpg/current/](https://magicstack.github.io/asyncpg/current/)\n" }, - "level": "warning", - "message": { - "text": "Syntax error at line introduction/templates/mitre/mitre_lab_25.html:1:\n `{% extends \"introduction/base.html\" %}\n{% load static %}\n{% block content %}\n{% block title %}` was unexpected" + "properties": { + "precision": "very-high", + "tags": [ + "CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')", + "LOW CONFIDENCE", + "OWASP-A01:2017 - Injection", + "OWASP-A03:2021 - Injection", + "security" + ] } }, { - "descriptor": { - "id": "Syntax error" + "id": "ruby.lang.security.md5-used-as-password.md5-used-as-password", + "name": "ruby.lang.security.md5-used-as-password.md5-used-as-password", + "short_description": { + "text": "Semgrep Finding: ruby.lang.security.md5-used-as-password.md5-used-as-password" }, - "level": "warning", - "message": { - "text": "Syntax error at line introduction/templates/mitre/mitre_top9.html:1:\n `{% extends \"introduction/base.html\" %} \n{% load static %} \n{% block content %} \n{%block title %}` was unexpected" - } - }, - { - "descriptor": { - "id": "Syntax error" + "full_description": { + "text": "It looks like MD5 is used as a password hash. MD5 is not considered a secure password hash because it can be cracked by an attacker in a short amount of time. Instead, use a suitable password hashing function such as bcrypt. You can use the `bcrypt` gem." 
}, - "level": "warning", - "message": { - "text": "Syntax error at line introduction/templates/mitre/mitre_top8.html:1:\n `{% extends \"introduction/base.html\" %} \n{% load static %} \n{% block content %} \n{% block title %}` was unexpected" + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/ruby.lang.security.md5-used-as-password.md5-used-as-password", + "help": { + "text": "It looks like MD5 is used as a password hash. MD5 is not considered a secure password hash because it can be cracked by an attacker in a short amount of time. Instead, use a suitable password hashing function such as bcrypt. You can use the `bcrypt` gem.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "It looks like MD5 is used as a password hash. MD5 is not considered a secure password hash because it can be cracked by an attacker in a short amount of time. Instead, use a suitable password hashing function such as bcrypt. 
You can use the `bcrypt` gem.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/ruby.lang.security.md5-used-as-password.md5-used-as-password)\n - [https://tools.ietf.org/id/draft-lvelvindron-tls-md5-sha1-deprecate-01.html](https://tools.ietf.org/id/draft-lvelvindron-tls-md5-sha1-deprecate-01.html)\n - [https://security.stackexchange.com/questions/211/how-to-securely-hash-passwords](https://security.stackexchange.com/questions/211/how-to-securely-hash-passwords)\n - [https://github.com/returntocorp/semgrep-rules/issues/1609](https://github.com/returntocorp/semgrep-rules/issues/1609)\n" + }, + "properties": { + "precision": "very-high", + "tags": [ + "CWE-327: Use of a Broken or Risky Cryptographic Algorithm", + "MEDIUM CONFIDENCE", + "OWASP-A02:2021 - Cryptographic Failures", + "OWASP-A03:2017 - Sensitive Data Exposure", + "security" + ] } }, { - "descriptor": { - "id": "Syntax error" + "id": "go.lang.security.audit.dangerous-exec-command.dangerous-exec-command", + "name": "go.lang.security.audit.dangerous-exec-command.dangerous-exec-command", + "short_description": { + "text": "Semgrep Finding: go.lang.security.audit.dangerous-exec-command.dangerous-exec-command" }, - "level": "warning", - "message": { - "text": "Syntax error at line introduction/templates/Lab/A11/a11_lab.html:1:\n `{% extends \"introduction/base.html\" %}\n{% load static %}\n{% block content %}\n{% block title %}` was unexpected" + "full_description": { + "text": "Detected non-static command inside Command. Audit the input to 'exec.Command'. If unverified user data can reach this call site, this is a code injection vulnerability. A malicious actor can inject a malicious script to execute arbitrary code." 
+ }, + "default_configuration": { + "enabled": true, + "level": "error" + }, + "help_uri": "https://semgrep.dev/r/go.lang.security.audit.dangerous-exec-command.dangerous-exec-command", + "help": { + "text": "Detected non-static command inside Command. Audit the input to 'exec.Command'. If unverified user data can reach this call site, this is a code injection vulnerability. A malicious actor can inject a malicious script to execute arbitrary code.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected non-static command inside Command. Audit the input to 'exec.Command'. If unverified user data can reach this call site, this is a code injection vulnerability. A malicious actor can inject a malicious script to execute arbitrary code.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/go.lang.security.audit.dangerous-exec-command.dangerous-exec-command)\n - [https://owasp.org/Top10/A03_2021-Injection](https://owasp.org/Top10/A03_2021-Injection)\n" + }, + "properties": { + "precision": "very-high", + "tags": [ + "CWE-94: Improper Control of Generation of Code ('Code Injection')", + "LOW CONFIDENCE", + "OWASP-A03:2021 - Injection", + "security" + ] } }, { - "descriptor": { - "id": "Syntax error" + "id": "kotlin.lang.security.unencrypted-socket.unencrypted-socket", + "name": "kotlin.lang.security.unencrypted-socket.unencrypted-socket", + "short_description": { + "text": "Semgrep Finding: kotlin.lang.security.unencrypted-socket.unencrypted-socket" }, - "level": "warning", - "message": { - "text": "Syntax error at line introduction/templates/Lab/AUTH/auth_home.html:1:\n `{% extends 'introduction/base.html' %}\n{% block content %}\n{% block title %}` was unexpected" + "full_description": { + "text": "This socket is not encrypted. The traffic could be read by an attacker intercepting the network traffic. 
Use an SSLSocket created by 'SSLSocketFactory' or 'SSLServerSocketFactory' instead" + }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/kotlin.lang.security.unencrypted-socket.unencrypted-socket", + "help": { + "text": "This socket is not encrypted. The traffic could be read by an attacker intercepting the network traffic. Use an SSLSocket created by 'SSLSocketFactory' or 'SSLServerSocketFactory' instead\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "This socket is not encrypted. The traffic could be read by an attacker intercepting the network traffic. Use an SSLSocket created by 'SSLSocketFactory' or 'SSLServerSocketFactory' instead\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/kotlin.lang.security.unencrypted-socket.unencrypted-socket)\n - [https://owasp.org/Top10/A02_2021-Cryptographic_Failures](https://owasp.org/Top10/A02_2021-Cryptographic_Failures)\n" + }, + "properties": { + "precision": "very-high", + "tags": [ + "CWE-319: Cleartext Transmission of Sensitive Information", + "LOW CONFIDENCE", + "OWASP-A02:2021 - Cryptographic Failures", + "OWASP-A03:2017 - Sensitive Data Exposure", + "security" + ] } }, { - "descriptor": { - "id": "Syntax error" + "id": "java.lang.security.audit.xxe.saxparserfactory-disallow-doctype-decl-missing.saxparserfactory-disallow-doctype-decl-missing", + "name": "java.lang.security.audit.xxe.saxparserfactory-disallow-doctype-decl-missing.saxparserfactory-disallow-doctype-decl-missing", + "short_description": { + "text": "Semgrep Finding: java.lang.security.audit.xxe.saxparserfactory-disallow-doctype-decl-missing.saxparserfactory-disallow-doctype-decl-missing" }, - "level": "warning", - "message": { - "text": "Syntax error at line introduction/templates/mitre/mitre_top21.html:1:\n `{% extends \"introduction/base.html\" %}\n {% load static %} \n {% 
block content %} \n {% block title %}` was unexpected" + "full_description": { + "text": "DOCTYPE declarations are enabled for this SAXParserFactory. This is vulnerable to XML external entity attacks. Disable this by setting the feature `http://apache.org/xml/features/disallow-doctype-decl` to true. Alternatively, allow DOCTYPE declarations and only prohibit external entities declarations. This can be done by setting the features `http://xml.org/sax/features/external-general-entities` and `http://xml.org/sax/features/external-parameter-entities` to false. NOTE - The previous links are not meant to be clicked. They are the literal config key values that are supposed to be used to disable these features. For more information, see https://semgrep.dev/docs/cheat-sheets/java-xxe/#3a-documentbuilderfactory." + }, + "default_configuration": { + "enabled": true, + "level": "error" + }, + "help_uri": "https://semgrep.dev/r/java.lang.security.audit.xxe.saxparserfactory-disallow-doctype-decl-missing.saxparserfactory-disallow-doctype-decl-missing", + "help": { + "text": "DOCTYPE declarations are enabled for this SAXParserFactory. This is vulnerable to XML external entity attacks. Disable this by setting the feature `http://apache.org/xml/features/disallow-doctype-decl` to true. Alternatively, allow DOCTYPE declarations and only prohibit external entities declarations. This can be done by setting the features `http://xml.org/sax/features/external-general-entities` and `http://xml.org/sax/features/external-parameter-entities` to false. NOTE - The previous links are not meant to be clicked. They are the literal config key values that are supposed to be used to disable these features. For more information, see https://semgrep.dev/docs/cheat-sheets/java-xxe/#3a-documentbuilderfactory.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "DOCTYPE declarations are enabled for this SAXParserFactory. This is vulnerable to XML external entity attacks. 
Disable this by setting the feature `http://apache.org/xml/features/disallow-doctype-decl` to true. Alternatively, allow DOCTYPE declarations and only prohibit external entities declarations. This can be done by setting the features `http://xml.org/sax/features/external-general-entities` and `http://xml.org/sax/features/external-parameter-entities` to false. NOTE - The previous links are not meant to be clicked. They are the literal config key values that are supposed to be used to disable these features. For more information, see https://semgrep.dev/docs/cheat-sheets/java-xxe/#3a-documentbuilderfactory.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/java.lang.security.audit.xxe.saxparserfactory-disallow-doctype-decl-missing.saxparserfactory-disallow-doctype-decl-missing)\n - [https://semgrep.dev/blog/2022/xml-security-in-java](https://semgrep.dev/blog/2022/xml-security-in-java)\n - [https://semgrep.dev/docs/cheat-sheets/java-xxe/](https://semgrep.dev/docs/cheat-sheets/java-xxe/)\n - [https://blog.sonarsource.com/secure-xml-processor](https://blog.sonarsource.com/secure-xml-processor)\n - [https://xerces.apache.org/xerces2-j/features.html](https://xerces.apache.org/xerces2-j/features.html)\n" + }, + "properties": { + "precision": "very-high", + "tags": [ + "CWE-611: Improper Restriction of XML External Entity Reference", + "HIGH CONFIDENCE", + "OWASP-A04:2017 - XML External Entities (XXE)", + "OWASP-A05:2021 - Security Misconfiguration", + "security" + ] } }, { - "descriptor": { - "id": "Syntax error" + "id": "go.lang.security.bad_tmp.bad-tmp-file-creation", + "name": "go.lang.security.bad_tmp.bad-tmp-file-creation", + "short_description": { + "text": "Semgrep Finding: go.lang.security.bad_tmp.bad-tmp-file-creation" }, - "level": "warning", - "message": { - "text": "Syntax error at line introduction/templates/playground/A7/index.html:1:\n `{% extends 'introduction/base.html' %}\n{% 
block content %}\n\n{% block title %}` was unexpected" + "full_description": { + "text": "File creation in shared tmp directory without using ioutil.Tempfile" + }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/go.lang.security.bad_tmp.bad-tmp-file-creation", + "help": { + "text": "File creation in shared tmp directory without using ioutil.Tempfile\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "File creation in shared tmp directory without using ioutil.Tempfile\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/go.lang.security.bad_tmp.bad-tmp-file-creation)\n - [https://owasp.org/Top10/A01_2021-Broken_Access_Control](https://owasp.org/Top10/A01_2021-Broken_Access_Control)\n" + }, + "properties": { + "precision": "very-high", + "tags": [ + "CWE-377: Insecure Temporary File", + "LOW CONFIDENCE", + "OWASP-A01:2021 - Broken Access Control", + "security" + ] } }, { - "descriptor": { - "id": "Syntax error" + "id": "terraform.lang.security.eks-public-endpoint-enabled.eks-public-endpoint-enabled", + "name": "terraform.lang.security.eks-public-endpoint-enabled.eks-public-endpoint-enabled", + "short_description": { + "text": "Semgrep Finding: terraform.lang.security.eks-public-endpoint-enabled.eks-public-endpoint-enabled" }, - "level": "warning", - "message": { - "text": "Syntax error at line introduction/templates/Lab/A10/a10_lab2.html:1:\n `{% extends \"introduction/base.html\" %}\n{% load static %}\n{% block content %}\n{% block title %}` was unexpected" + "full_description": { + "text": "The vpc_config resource inside the eks cluster has not explicitly disabled public endpoint access" + }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/terraform.lang.security.eks-public-endpoint-enabled.eks-public-endpoint-enabled", + "help": { + 
"text": "The vpc_config resource inside the eks cluster has not explicitly disabled public endpoint access\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "The vpc_config resource inside the eks cluster has not explicitly disabled public endpoint access\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/terraform.lang.security.eks-public-endpoint-enabled.eks-public-endpoint-enabled)\n - [https://owasp.org/Top10/A01_2021-Broken_Access_Control](https://owasp.org/Top10/A01_2021-Broken_Access_Control)\n" + }, + "properties": { + "precision": "very-high", + "tags": [ + "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor", + "LOW CONFIDENCE", + "OWASP-A01:2021 - Broken Access Control", + "security" + ] } }, { - "descriptor": { - "id": "Syntax error" + "id": "terraform.aws.security.aws-ebs-unencrypted.aws-ebs-unencrypted", + "name": "terraform.aws.security.aws-ebs-unencrypted.aws-ebs-unencrypted", + "short_description": { + "text": "Semgrep Finding: terraform.aws.security.aws-ebs-unencrypted.aws-ebs-unencrypted" }, - "level": "warning", - "message": { - "text": "Syntax error at line introduction/templates/Lab_2021/A7_auth_failure/lab2.html:1:\n `{% extends \"introduction/base.html\" %}\n{% block content %}\n{% block title %}` was unexpected" + "full_description": { + "text": "The AWS EBS is unencrypted. The AWS EBS encryption protects data in the EBS." + }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/terraform.aws.security.aws-ebs-unencrypted.aws-ebs-unencrypted", + "help": { + "text": "The AWS EBS is unencrypted. The AWS EBS encryption protects data in the EBS.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "The AWS EBS is unencrypted. 
The AWS EBS encryption protects data in the EBS.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/terraform.aws.security.aws-ebs-unencrypted.aws-ebs-unencrypted)\n - [https://owasp.org/Top10/A02_2021-Cryptographic_Failures](https://owasp.org/Top10/A02_2021-Cryptographic_Failures)\n" + }, + "properties": { + "precision": "very-high", + "tags": [ + "CWE-320: CWE CATEGORY: Key Management Errors", + "MEDIUM CONFIDENCE", + "OWASP-A03:2017 - Sensitive Data Exposure", + "security" + ] } }, { - "descriptor": { - "id": "Syntax error" + "id": "terraform.aws.security.aws-lambda-permission-unrestricted-source-arn.aws-lambda-permission-unrestricted-source-arn", + "name": "terraform.aws.security.aws-lambda-permission-unrestricted-source-arn.aws-lambda-permission-unrestricted-source-arn", + "short_description": { + "text": "Semgrep Finding: terraform.aws.security.aws-lambda-permission-unrestricted-source-arn.aws-lambda-permission-unrestricted-source-arn" }, - "level": "warning", - "message": { - "text": "Syntax error at line introduction/templates/mitre/mitre_top3.html:1:\n `{% extends \"introduction/base.html\" %} \n{% load static %} \n{% block content %} \n{% block title %}` was unexpected" + "full_description": { + "text": "The AWS Lambda permission has an AWS service principal but does not specify a source ARN. If you grant permission to a service principal without specifying the source, other accounts could potentially configure resources in their account to invoke your Lambda function. Set the source_arn value to the ARN of the AWS resource that invokes the function, eg. an S3 bucket, CloudWatch Events Rule, API Gateway, or SNS topic." 
+ }, + "default_configuration": { + "enabled": true, + "level": "error" + }, + "help_uri": "https://semgrep.dev/r/terraform.aws.security.aws-lambda-permission-unrestricted-source-arn.aws-lambda-permission-unrestricted-source-arn", + "help": { + "text": "The AWS Lambda permission has an AWS service principal but does not specify a source ARN. If you grant permission to a service principal without specifying the source, other accounts could potentially configure resources in their account to invoke your Lambda function. Set the source_arn value to the ARN of the AWS resource that invokes the function, eg. an S3 bucket, CloudWatch Events Rule, API Gateway, or SNS topic.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "The AWS Lambda permission has an AWS service principal but does not specify a source ARN. If you grant permission to a service principal without specifying the source, other accounts could potentially configure resources in their account to invoke your Lambda function. Set the source_arn value to the ARN of the AWS resource that invokes the function, eg. 
an S3 bucket, CloudWatch Events Rule, API Gateway, or SNS topic.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/terraform.aws.security.aws-lambda-permission-unrestricted-source-arn.aws-lambda-permission-unrestricted-source-arn)\n - [https://cwe.mitre.org/data/definitions/732.html](https://cwe.mitre.org/data/definitions/732.html)\n - [https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lambda_permission](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lambda_permission)\n - [https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-permission.html](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-permission.html)\n" + }, + "properties": { + "precision": "very-high", + "tags": [ + "CWE-732: Incorrect Permission Assignment for Critical Resource", + "HIGH CONFIDENCE", + "OWASP-A05:2021 - Security Misconfiguration", + "security" + ] } }, { - "descriptor": { - "id": "Syntax error" + "id": "terraform.aws.security.aws-codebuild-project-unencrypted.aws-codebuild-project-unencrypted", + "name": "terraform.aws.security.aws-codebuild-project-unencrypted.aws-codebuild-project-unencrypted", + "short_description": { + "text": "Semgrep Finding: terraform.aws.security.aws-codebuild-project-unencrypted.aws-codebuild-project-unencrypted" }, - "level": "warning", - "message": { - "text": "Syntax error at line introduction/templates/Lab_2021/A3_Injection/injection.html:1:\n `{% extends 'introduction/base.html' %}\n{% block content %}\n{% block title %}` was unexpected" + "full_description": { + "text": "The AWS CodeBuild Project is unencrypted. The AWS KMS encryption key protects projects in the CodeBuild. To create your own, create a aws_kms_key resource or use the ARN string of a key in your account." 
+ }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/terraform.aws.security.aws-codebuild-project-unencrypted.aws-codebuild-project-unencrypted", + "help": { + "text": "The AWS CodeBuild Project is unencrypted. The AWS KMS encryption key protects projects in the CodeBuild. To create your own, create a aws_kms_key resource or use the ARN string of a key in your account.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "The AWS CodeBuild Project is unencrypted. The AWS KMS encryption key protects projects in the CodeBuild. To create your own, create a aws_kms_key resource or use the ARN string of a key in your account.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/terraform.aws.security.aws-codebuild-project-unencrypted.aws-codebuild-project-unencrypted)\n - [https://owasp.org/Top10/A02_2021-Cryptographic_Failures](https://owasp.org/Top10/A02_2021-Cryptographic_Failures)\n" + }, + "properties": { + "precision": "very-high", + "tags": [ + "CWE-320: CWE CATEGORY: Key Management Errors", + "MEDIUM CONFIDENCE", + "OWASP-A03:2017 - Sensitive Data Exposure", + "security" + ] } }, { - "descriptor": { - "id": "Syntax error" + "id": "javascript.angular.security.detect-angular-element-methods.detect-angular-element-methods", + "name": "javascript.angular.security.detect-angular-element-methods.detect-angular-element-methods", + "short_description": { + "text": "Semgrep Finding: javascript.angular.security.detect-angular-element-methods.detect-angular-element-methods" }, - "level": "warning", - "message": { - "text": "Syntax error at line introduction/templates/Lab/ssrf/ssrf_discussion.html:1:\n `{% extends 'introduction/base.html' %} {% block content %} {% block title %}` was unexpected" - } - }, - { - "descriptor": { - "id": "Syntax error" + "full_description": { + "text": "Use of angular.element 
can lead to XSS if user-input is treated as part of the HTML element within `$SINK`. It is recommended to contextually output encode user-input, before inserting into `$SINK`. If the HTML needs to be preserved it is recommended to sanitize the input using $sce.getTrustedHTML or $sanitize." }, - "level": "warning", - "message": { - "text": "Syntax error at line introduction/templates/Lab_2021/A1_BrokenAccessControl/broken_access_lab_3.html:1:\n `{% extends \"introduction/base.html\" %}\n{% load static %}\n{% block content %}\n{% block title %}` was unexpected" + "default_configuration": { + "enabled": true, + "level": "note" + }, + "help_uri": "https://semgrep.dev/r/javascript.angular.security.detect-angular-element-methods.detect-angular-element-methods", + "help": { + "text": "Use of angular.element can lead to XSS if user-input is treated as part of the HTML element within `$SINK`. It is recommended to contextually output encode user-input, before inserting into `$SINK`. If the HTML needs to be preserved it is recommended to sanitize the input using $sce.getTrustedHTML or $sanitize.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Use of angular.element can lead to XSS if user-input is treated as part of the HTML element within `$SINK`. It is recommended to contextually output encode user-input, before inserting into `$SINK`. 
If the HTML needs to be preserved it is recommended to sanitize the input using $sce.getTrustedHTML or $sanitize.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.angular.security.detect-angular-element-methods.detect-angular-element-methods)\n - [https://docs.angularjs.org/api/ng/function/angular.element](https://docs.angularjs.org/api/ng/function/angular.element)\n - [https://owasp.org/www-chapter-london/assets/slides/OWASPLondon20170727_AngularJS.pdf](https://owasp.org/www-chapter-london/assets/slides/OWASPLondon20170727_AngularJS.pdf)\n" + }, + "properties": { + "precision": "very-high", + "tags": [ + "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", + "LOW CONFIDENCE", + "OWASP-A03:2021 - Injection", + "OWASP-A07:2017 - Cross-Site Scripting (XSS)", + "security" + ] } }, { - "descriptor": { - "id": "Syntax error" + "id": "javascript.playwright.security.audit.playwright-exposed-chrome-devtools.playwright-exposed-chrome-devtools", + "name": "javascript.playwright.security.audit.playwright-exposed-chrome-devtools.playwright-exposed-chrome-devtools", + "short_description": { + "text": "Semgrep Finding: javascript.playwright.security.audit.playwright-exposed-chrome-devtools.playwright-exposed-chrome-devtools" }, - "level": "warning", - "message": { - "text": "Syntax error at line introduction/templates/Lab_2021/A1_BrokenAccessControl/broken_access_lab_2.html:1:\n `{% extends \"introduction/base.html\" %}\n{% load static %}\n{% block content %}\n{% block title %}` was unexpected" + "full_description": { + "text": "Remote debugging protocol does not perform any authentication, so exposing it too widely can be a security risk." 
+ }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/javascript.playwright.security.audit.playwright-exposed-chrome-devtools.playwright-exposed-chrome-devtools", + "help": { + "text": "Remote debugging protocol does not perform any authentication, so exposing it too widely can be a security risk.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Remote debugging protocol does not perform any authentication, so exposing it too widely can be a security risk.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.playwright.security.audit.playwright-exposed-chrome-devtools.playwright-exposed-chrome-devtools)\n - [https://owasp.org/Top10/A03_2021-Injection](https://owasp.org/Top10/A03_2021-Injection)\n" + }, + "properties": { + "precision": "very-high", + "tags": [ + "CWE-94: Improper Control of Generation of Code ('Code Injection')", + "LOW CONFIDENCE", + "OWASP-A03:2021 - Injection", + "security" + ] } }, { - "descriptor": { - "id": "Syntax error" + "id": "terraform.aws.security.aws-kms-key-wildcard-principal.aws-kms-key-wildcard-principal", + "name": "terraform.aws.security.aws-kms-key-wildcard-principal.aws-kms-key-wildcard-principal", + "short_description": { + "text": "Semgrep Finding: terraform.aws.security.aws-kms-key-wildcard-principal.aws-kms-key-wildcard-principal" }, - "level": "warning", - "message": { - "text": "Syntax error at line introduction/templates/Lab/BrokenAuth/bau.html:1:\n `{% extends 'introduction/base.html' %}\n{% block content %}\n{% block title %}` was unexpected" + "full_description": { + "text": "Detected wildcard access granted in your KMS key. This means anyone with this policy can perform administrative actions over the keys. Instead, limit principals, actions and resources to what you need according to least privilege." 
+ }, + "default_configuration": { + "enabled": true, + "level": "error" + }, + "help_uri": "https://semgrep.dev/r/terraform.aws.security.aws-kms-key-wildcard-principal.aws-kms-key-wildcard-principal", + "help": { + "text": "Detected wildcard access granted in your KMS key. This means anyone with this policy can perform administrative actions over the keys. Instead, limit principals, actions and resources to what you need according to least privilege.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected wildcard access granted in your KMS key. This means anyone with this policy can perform administrative actions over the keys. Instead, limit principals, actions and resources to what you need according to least privilege.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/terraform.aws.security.aws-kms-key-wildcard-principal.aws-kms-key-wildcard-principal)\n - [https://cwe.mitre.org/data/definitions/732.html](https://cwe.mitre.org/data/definitions/732.html)\n" + }, + "properties": { + "precision": "very-high", + "tags": [ + "CWE-732: Incorrect Permission Assignment for Critical Resource", + "MEDIUM CONFIDENCE", + "OWASP-A05:2021 - Security Misconfiguration", + "security" + ] } }, { - "descriptor": { - "id": "Syntax error" + "id": "javascript.sax.security.audit.sax-xxe.sax-xxe", + "name": "javascript.sax.security.audit.sax-xxe.sax-xxe", + "short_description": { + "text": "Semgrep Finding: javascript.sax.security.audit.sax-xxe.sax-xxe" }, - "level": "warning", - "message": { - "text": "Syntax error at line introduction/templates/mitre/mitre_top2.html:1:\n `{% extends \"introduction/base.html\" %}\n{% load static %}\n{% block content %}\n{% block title %}` was unexpected" + "full_description": { + "text": "Use of 'ondoctype' in 'sax' library detected. By default, 'sax' won't do anything with custom DTD entity definitions. 
If you're implementing a custom DTD entity definition, be sure not to introduce XML External Entity (XXE) vulnerabilities, or be absolutely sure that external entities received from a trusted source while processing XML." + }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/javascript.sax.security.audit.sax-xxe.sax-xxe", + "help": { + "text": "Use of 'ondoctype' in 'sax' library detected. By default, 'sax' won't do anything with custom DTD entity definitions. If you're implementing a custom DTD entity definition, be sure not to introduce XML External Entity (XXE) vulnerabilities, or be absolutely sure that external entities received from a trusted source while processing XML.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Use of 'ondoctype' in 'sax' library detected. By default, 'sax' won't do anything with custom DTD entity definitions. If you're implementing a custom DTD entity definition, be sure not to introduce XML External Entity (XXE) vulnerabilities, or be absolutely sure that external entities received from a trusted source while processing XML.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.sax.security.audit.sax-xxe.sax-xxe)\n - [https://github.com/Leonidas-from-XIV/node-xml2js/issues/415](https://github.com/Leonidas-from-XIV/node-xml2js/issues/415)\n - [https://github.com/isaacs/sax-js](https://github.com/isaacs/sax-js)\n" + }, + "properties": { + "precision": "very-high", + "tags": [ + "CWE-611: Improper Restriction of XML External Entity Reference", + "LOW CONFIDENCE", + "OWASP-A04:2017 - XML External Entities (XXE)", + "OWASP-A05:2021 - Security Misconfiguration", + "security" + ] } }, { - "descriptor": { - "id": "Syntax error" + "id": "c.lang.security.insecure-use-gets-fn.insecure-use-gets-fn", + "name": 
"c.lang.security.insecure-use-gets-fn.insecure-use-gets-fn", + "short_description": { + "text": "Semgrep Finding: c.lang.security.insecure-use-gets-fn.insecure-use-gets-fn" }, - "level": "warning", - "message": { - "text": "Syntax error at line introduction/templates/Lab_2021/A1_BrokenAccessControl/broken_access.html:1:\n `{% extends 'introduction/base.html' %}\n{% block content %}\n{% block title %}` was unexpected" + "full_description": { + "text": "Avoid 'gets()'. This function does not consider buffer boundaries and can lead to buffer overflows. Use 'fgets()' or 'gets_s()' instead." + }, + "default_configuration": { + "enabled": true, + "level": "error" + }, + "help_uri": "https://semgrep.dev/r/c.lang.security.insecure-use-gets-fn.insecure-use-gets-fn", + "help": { + "text": "Avoid 'gets()'. This function does not consider buffer boundaries and can lead to buffer overflows. Use 'fgets()' or 'gets_s()' instead.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Avoid 'gets()'. This function does not consider buffer boundaries and can lead to buffer overflows. 
Use 'fgets()' or 'gets_s()' instead.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/c.lang.security.insecure-use-gets-fn.insecure-use-gets-fn)\n - [https://us-cert.cisa.gov/bsi/articles/knowledge/coding-practices/fgets-and-gets_s](https://us-cert.cisa.gov/bsi/articles/knowledge/coding-practices/fgets-and-gets_s)\n" + }, + "properties": { + "precision": "very-high", + "tags": [ + "CWE-676: Use of Potentially Dangerous Function", + "MEDIUM CONFIDENCE", + "security" + ] } }, { - "descriptor": { - "id": "Syntax error" + "id": "python.pyramid.security.sqlalchemy-sql-injection.pyramid-sqlalchemy-sql-injection", + "name": "python.pyramid.security.sqlalchemy-sql-injection.pyramid-sqlalchemy-sql-injection", + "short_description": { + "text": "Semgrep Finding: python.pyramid.security.sqlalchemy-sql-injection.pyramid-sqlalchemy-sql-injection" }, - "level": "warning", - "message": { - "text": "Syntax error at line introduction/templates/Lab/XSS/xss.html:1:\n `{% extends \"introduction/base.html\" %}\n{% block content %}` was unexpected" + "full_description": { + "text": "Distinct, Having, Group_by, Order_by, and Filter in SQLAlchemy can cause sql injections if the developer inputs raw SQL into the before-mentioned clauses. This pattern captures relevant cases in which the developer inputs raw SQL into the distinct, having, group_by, order_by or filter clauses and injects user-input into the raw SQL with any function besides \"bindparams\". Use bindParams to securely bind user-input to SQL statements." + }, + "default_configuration": { + "enabled": true, + "level": "error" + }, + "help_uri": "https://semgrep.dev/r/python.pyramid.security.sqlalchemy-sql-injection.pyramid-sqlalchemy-sql-injection", + "help": { + "text": "Distinct, Having, Group_by, Order_by, and Filter in SQLAlchemy can cause sql injections if the developer inputs raw SQL into the before-mentioned clauses. 
This pattern captures relevant cases in which the developer inputs raw SQL into the distinct, having, group_by, order_by or filter clauses and injects user-input into the raw SQL with any function besides \"bindparams\". Use bindParams to securely bind user-input to SQL statements.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Distinct, Having, Group_by, Order_by, and Filter in SQLAlchemy can cause sql injections if the developer inputs raw SQL into the before-mentioned clauses. This pattern captures relevant cases in which the developer inputs raw SQL into the distinct, having, group_by, order_by or filter clauses and injects user-input into the raw SQL with any function besides \"bindparams\". Use bindParams to securely bind user-input to SQL statements.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.pyramid.security.sqlalchemy-sql-injection.pyramid-sqlalchemy-sql-injection)\n - [https://docs.sqlalchemy.org/en/14/tutorial/data_select.html#tutorial-selecting-data](https://docs.sqlalchemy.org/en/14/tutorial/data_select.html#tutorial-selecting-data)\n" + }, + "properties": { + "precision": "very-high", + "tags": [ + "CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')", + "MEDIUM CONFIDENCE", + "OWASP-A01:2017 - Injection", + "OWASP-A03:2021 - Injection", + "security" + ] } }, { - "descriptor": { - "id": "Syntax error" + "id": "scala.lang.security.audit.scala-dangerous-process-run.scala-dangerous-process-run", + "name": "scala.lang.security.audit.scala-dangerous-process-run.scala-dangerous-process-run", + "short_description": { + "text": "Semgrep Finding: scala.lang.security.audit.scala-dangerous-process-run.scala-dangerous-process-run" }, - "level": "warning", - "message": { - "text": "Syntax error at line introduction/templates/Lab/DataExp/data_exp_lab.html:1:\n `{% extends 
\"introduction/base.html\" %}\n{% load static %}\n{% block content %}\n{% block title %}` was unexpected" + "full_description": { + "text": "Found dynamic content used for the external process. This is dangerous if arbitrary data can reach this function call because it allows a malicious actor to execute commands. Use `Seq(...)` for dynamically generated commands." + }, + "default_configuration": { + "enabled": true, + "level": "error" + }, + "help_uri": "https://semgrep.dev/r/scala.lang.security.audit.scala-dangerous-process-run.scala-dangerous-process-run", + "help": { + "text": "Found dynamic content used for the external process. This is dangerous if arbitrary data can reach this function call because it allows a malicious actor to execute commands. Use `Seq(...)` for dynamically generated commands.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Found dynamic content used for the external process. This is dangerous if arbitrary data can reach this function call because it allows a malicious actor to execute commands. 
Use `Seq(...)` for dynamically generated commands.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/scala.lang.security.audit.scala-dangerous-process-run.scala-dangerous-process-run)\n - [https://owasp.org/Top10/A03_2021-Injection](https://owasp.org/Top10/A03_2021-Injection)\n" + }, + "properties": { + "precision": "very-high", + "tags": [ + "CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", + "LOW CONFIDENCE", + "OWASP-A01:2017 - Injection", + "OWASP-A03:2021 - Injection", + "security" + ] } }, { - "descriptor": { - "id": "Syntax error" + "id": "terraform.azure.security.keyvault.keyvault-purge-enabled.keyvault-purge-enabled", + "name": "terraform.azure.security.keyvault.keyvault-purge-enabled.keyvault-purge-enabled", + "short_description": { + "text": "Semgrep Finding: terraform.azure.security.keyvault.keyvault-purge-enabled.keyvault-purge-enabled" }, - "level": "warning", - "message": { - "text": "Syntax error at line introduction/templates/Lab/BrokenAccess/ba.html:1:\n `{% extends 'introduction/base.html' %}\n{% block content %}\n{% block title %}` was unexpected" + "full_description": { + "text": "Key vault should have purge protection enabled" + }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/terraform.azure.security.keyvault.keyvault-purge-enabled.keyvault-purge-enabled", + "help": { + "text": "Key vault should have purge protection enabled\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Key vault should have purge protection enabled\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/terraform.azure.security.keyvault.keyvault-purge-enabled.keyvault-purge-enabled)\n - 
[https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/key_vault#purge_protection_enabled](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/key_vault#purge_protection_enabled)\n - [https://docs.microsoft.com/en-us/azure/key-vault/general/soft-delete-overview#purge-protection](https://docs.microsoft.com/en-us/azure/key-vault/general/soft-delete-overview#purge-protection)\n" + }, + "properties": { + "precision": "very-high", + "tags": [ + "CWE-693: Protection Mechanism Failure", + "MEDIUM CONFIDENCE", + "security" + ] } }, { - "descriptor": { - "id": "Syntax error" + "id": "terraform.aws.security.aws-provisioner-exec.aws-provisioner-exec", + "name": "terraform.aws.security.aws-provisioner-exec.aws-provisioner-exec", + "short_description": { + "text": "Semgrep Finding: terraform.aws.security.aws-provisioner-exec.aws-provisioner-exec" }, - "level": "warning", - "message": { - "text": "Syntax error at line introduction/templates/Lab/SQL/sql.html:1:\n `{% extends 'introduction/base.html' %}\n{% block content %}\n{% block title %}` was unexpected" + "full_description": { + "text": "Provisioners are a tool of last resort and should be avoided where possible. Provisioner behavior cannot be mapped by Terraform as part of a plan, and execute arbitrary shell commands by design." + }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/terraform.aws.security.aws-provisioner-exec.aws-provisioner-exec", + "help": { + "text": "Provisioners are a tool of last resort and should be avoided where possible. Provisioner behavior cannot be mapped by Terraform as part of a plan, and execute arbitrary shell commands by design.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Provisioners are a tool of last resort and should be avoided where possible. 
Provisioner behavior cannot be mapped by Terraform as part of a plan, and execute arbitrary shell commands by design.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/terraform.aws.security.aws-provisioner-exec.aws-provisioner-exec)\n - [https://developer.hashicorp.com/terraform/language/resources/provisioners/remote-exec](https://developer.hashicorp.com/terraform/language/resources/provisioners/remote-exec)\n - [https://developer.hashicorp.com/terraform/language/resources/provisioners/local-exec](https://developer.hashicorp.com/terraform/language/resources/provisioners/local-exec)\n" + }, + "properties": { + "precision": "very-high", + "tags": [ + "CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection')", + "CWE-94: Improper Control of Generation of Code ('Code Injection')", + "HIGH CONFIDENCE", + "OWASP-A01:2017 - Injection", + "OWASP-A03:2021 - Injection", + "security" + ] } }, { - "descriptor": { - "id": "Syntax error" + "id": "kotlin.lang.security.use-of-sha1.use-of-sha1", + "name": "kotlin.lang.security.use-of-sha1.use-of-sha1", + "short_description": { + "text": "Semgrep Finding: kotlin.lang.security.use-of-sha1.use-of-sha1" }, - "level": "warning", - "message": { - "text": "Syntax error at line introduction/templates/Lab/ssrf/ssrf_lab2.html:1:\n `{% extends \"introduction/base.html\" %}\n{% block content %}\n{% block title %}` was unexpected" + "full_description": { + "text": "Detected SHA1 hash algorithm which is considered insecure. SHA1 is not collision resistant and is therefore not suitable as a cryptographic signature. Use SHA256 or SHA3 instead." + }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/kotlin.lang.security.use-of-sha1.use-of-sha1", + "help": { + "text": "Detected SHA1 hash algorithm which is considered insecure. 
SHA1 is not collision resistant and is therefore not suitable as a cryptographic signature. Use SHA256 or SHA3 instead.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected SHA1 hash algorithm which is considered insecure. SHA1 is not collision resistant and is therefore not suitable as a cryptographic signature. Use SHA256 or SHA3 instead.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/kotlin.lang.security.use-of-sha1.use-of-sha1)\n - [https://owasp.org/Top10/A02_2021-Cryptographic_Failures](https://owasp.org/Top10/A02_2021-Cryptographic_Failures)\n" + }, + "properties": { + "precision": "very-high", + "tags": [ + "CWE-327: Use of a Broken or Risky Cryptographic Algorithm", + "MEDIUM CONFIDENCE", + "OWASP-A02:2021 - Cryptographic Failures", + "OWASP-A03:2017 - Sensitive Data Exposure", + "security" + ] } }, { - "descriptor": { - "id": "Syntax error" + "id": "scala.play.security.tainted-html-response.tainted-html-response", + "name": "scala.play.security.tainted-html-response.tainted-html-response", + "short_description": { + "text": "Semgrep Finding: scala.play.security.tainted-html-response.tainted-html-response" }, - "level": "warning", - "message": { - "text": "Syntax error at line introduction/templates/Lab/sec_mis/sec_mis_lab3.html:1:\n `{% extends \"introduction/base.html\" %}\n{% load static %}\n{% block content %}\n{% block title %}` was unexpected" + "full_description": { + "text": "Detected a request with potential user-input going into an `Ok()` response. This bypasses any view or template environments, including HTML escaping, which may expose this application to cross-site scripting (XSS) vulnerabilities. Consider using a view technology such as Twirl which automatically escapes HTML views." 
+ }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/scala.play.security.tainted-html-response.tainted-html-response", + "help": { + "text": "Detected a request with potential user-input going into an `Ok()` response. This bypasses any view or template environments, including HTML escaping, which may expose this application to cross-site scripting (XSS) vulnerabilities. Consider using a view technology such as Twirl which automatically escapes HTML views.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected a request with potential user-input going into an `Ok()` response. This bypasses any view or template environments, including HTML escaping, which may expose this application to cross-site scripting (XSS) vulnerabilities. Consider using a view technology such as Twirl which automatically escapes HTML views.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/scala.play.security.tainted-html-response.tainted-html-response)\n - [https://owasp.org/Top10/A03_2021-Injection](https://owasp.org/Top10/A03_2021-Injection)\n" + }, + "properties": { + "precision": "very-high", + "tags": [ + "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", + "MEDIUM CONFIDENCE", + "OWASP-A03:2021 - Injection", + "OWASP-A07:2017 - Cross-Site Scripting (XSS)", + "security" + ] } }, { - "descriptor": { - "id": "Syntax error" + "id": "javascript.express.security.audit.express-jwt-not-revoked.express-jwt-not-revoked", + "name": "javascript.express.security.audit.express-jwt-not-revoked.express-jwt-not-revoked", + "short_description": { + "text": "Semgrep Finding: javascript.express.security.audit.express-jwt-not-revoked.express-jwt-not-revoked" }, - "level": "warning", - "message": { - "text": "Syntax error at line introduction/templates/mitre/mitre_top25.html:1:\n `{% 
extends \"introduction/base.html\" %} \n{% load static %} \n{% block content %}\n{%block title %}` was unexpected" - } - }, - { - "descriptor": { - "id": "Syntax error" + "full_description": { + "text": "No token revoking configured for `express-jwt`. A leaked token could still be used and unable to be revoked. Consider using function as the `isRevoked` option." }, - "level": "warning", - "message": { - "text": "Syntax error at line introduction/templates/Lab_2021/A3_Injection/ssti.html:1:\n `{% extends 'introduction/base.html' %}\n{% block content %}\n{% block title %}` was unexpected" - } - }, - { - "descriptor": { - "id": "Syntax error" + "default_configuration": { + "enabled": true, + "level": "warning" }, - "level": "warning", - "message": { - "text": "Syntax error at line introduction/templates/mitre/mitre_lab_17.html:1:\n `{% extends \"introduction/base.html\" %}\n{% load static %}\n{% block content %}\n{% block title %}` was unexpected" + "help_uri": "https://semgrep.dev/r/javascript.express.security.audit.express-jwt-not-revoked.express-jwt-not-revoked", + "help": { + "text": "No token revoking configured for `express-jwt`. A leaked token could still be used and unable to be revoked. Consider using function as the `isRevoked` option.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "No token revoking configured for `express-jwt`. A leaked token could still be used and unable to be revoked. 
Consider using function as the `isRevoked` option.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.express.security.audit.express-jwt-not-revoked.express-jwt-not-revoked)\n - [https://owasp.org/Top10/A04_2021-Insecure_Design](https://owasp.org/Top10/A04_2021-Insecure_Design)\n" + }, + "properties": { + "precision": "very-high", + "tags": [ + "CWE-522: Insufficiently Protected Credentials", + "MEDIUM CONFIDENCE", + "OWASP-A02:2017 - Broken Authentication", + "OWASP-A04:2021 - Insecure Design", + "security" + ] } }, { - "descriptor": { - "id": "Syntax error" + "id": "java.lang.security.audit.ognl-injection.ognl-injection", + "name": "java.lang.security.audit.ognl-injection.ognl-injection", + "short_description": { + "text": "Semgrep Finding: java.lang.security.audit.ognl-injection.ognl-injection" }, - "level": "warning", - "message": { - "text": "Syntax error at line introduction/templates/Lab/ssrf/ssrf_lab.html:1:\n `{% extends \"introduction/base.html\" %}\n{% block content %}\n{% block title %}` was unexpected" + "full_description": { + "text": "A expression is built with a dynamic value. The source of the value(s) should be verified to avoid that unfiltered values fall into this risky code evaluation." + }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/java.lang.security.audit.ognl-injection.ognl-injection", + "help": { + "text": "A expression is built with a dynamic value. The source of the value(s) should be verified to avoid that unfiltered values fall into this risky code evaluation.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "A expression is built with a dynamic value. 
The source of the value(s) should be verified to avoid that unfiltered values fall into this risky code evaluation.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/java.lang.security.audit.ognl-injection.ognl-injection)\n - [https://owasp.org/Top10/A03_2021-Injection](https://owasp.org/Top10/A03_2021-Injection)\n" + }, + "properties": { + "precision": "very-high", + "tags": [ + "CWE-94: Improper Control of Generation of Code ('Code Injection')", + "LOW CONFIDENCE", + "OWASP-A03:2021 - Injection", + "security" + ] } }, { - "descriptor": { - "id": "Syntax error" + "id": "terraform.lang.security.iam.no-iam-admin-privileges.no-iam-admin-privileges", + "name": "terraform.lang.security.iam.no-iam-admin-privileges.no-iam-admin-privileges", + "short_description": { + "text": "Semgrep Finding: terraform.lang.security.iam.no-iam-admin-privileges.no-iam-admin-privileges" }, - "level": "warning", - "message": { - "text": "Syntax error at line introduction/templates/Lab/sec_mis/sec_mis.html:1:\n `{% extends 'introduction/base.html' %}\n{% block content %}\n{% block title %}` was unexpected" + "full_description": { + "text": "IAM policies that allow full \"*-*\" admin privileges violates the principle of least privilege. This allows an attacker to take full control over all AWS account resources. Instead, give each user more fine-grained control with only the privileges they need. $TYPE" + }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/terraform.lang.security.iam.no-iam-admin-privileges.no-iam-admin-privileges", + "help": { + "text": "IAM policies that allow full \"*-*\" admin privileges violates the principle of least privilege. This allows an attacker to take full control over all AWS account resources. Instead, give each user more fine-grained control with only the privileges they need. 
$TYPE\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "IAM policies that allow full \"*-*\" admin privileges violates the principle of least privilege. This allows an attacker to take full control over all AWS account resources. Instead, give each user more fine-grained control with only the privileges they need. $TYPE\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/terraform.lang.security.iam.no-iam-admin-privileges.no-iam-admin-privileges)\n - [https://github.com/bridgecrewio/checkov/blob/master/checkov/terraform/checks/data/aws/AdminPolicyDocument.py](https://github.com/bridgecrewio/checkov/blob/master/checkov/terraform/checks/data/aws/AdminPolicyDocument.py)\n" + }, + "properties": { + "precision": "very-high", + "tags": [ + "CWE-269: Improper Privilege Management", + "LOW CONFIDENCE", + "OWASP-A04:2021 - Insecure Design", + "security" + ] } }, { - "descriptor": { - "id": "Syntax error" + "id": "python.lang.security.audit.insecure-transport.urllib.insecure-urlopener-retrieve-ftp.insecure-urlopener-retrieve-ftp", + "name": "python.lang.security.audit.insecure-transport.urllib.insecure-urlopener-retrieve-ftp.insecure-urlopener-retrieve-ftp", + "short_description": { + "text": "Semgrep Finding: python.lang.security.audit.insecure-transport.urllib.insecure-urlopener-retrieve-ftp.insecure-urlopener-retrieve-ftp" }, - "level": "warning", - "message": { - "text": "Syntax error at line introduction/templates/mitre/mitre_top4.html:1:\n `{% extends \"introduction/base.html\" %} {% load static %} {% block content %} \n{% block title %}` was unexpected" + "full_description": { + "text": "Detected an insecure transmission channel. 'URLopener.retrieve(...)' is being used with 'ftp://'. Use SFTP instead. urllib does not support SFTP, so consider using a library which supports SFTP." 
+ }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/python.lang.security.audit.insecure-transport.urllib.insecure-urlopener-retrieve-ftp.insecure-urlopener-retrieve-ftp", + "help": { + "text": "Detected an insecure transmission channel. 'URLopener.retrieve(...)' is being used with 'ftp://'. Use SFTP instead. urllib does not support SFTP, so consider using a library which supports SFTP.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected an insecure transmission channel. 'URLopener.retrieve(...)' is being used with 'ftp://'. Use SFTP instead. urllib does not support SFTP, so consider using a library which supports SFTP.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.lang.security.audit.insecure-transport.urllib.insecure-urlopener-retrieve-ftp.insecure-urlopener-retrieve-ftp)\n - [https://docs.python.org/3/library/urllib.request.html#urllib.request.URLopener.retrieve](https://docs.python.org/3/library/urllib.request.html#urllib.request.URLopener.retrieve)\n" + }, + "properties": { + "precision": "very-high", + "tags": [ + "CWE-319: Cleartext Transmission of Sensitive Information", + "LOW CONFIDENCE", + "OWASP-A02:2021 - Cryptographic Failures", + "OWASP-A03:2017 - Sensitive Data Exposure", + "security" + ] } }, { - "descriptor": { - "id": "Syntax error" + "id": "javascript.angular.security.detect-angular-trust-as-resourceurl-method.detect-angular-trust-as-resourceurl-method", + "name": "javascript.angular.security.detect-angular-trust-as-resourceurl-method.detect-angular-trust-as-resourceurl-method", + "short_description": { + "text": "Semgrep Finding: javascript.angular.security.detect-angular-trust-as-resourceurl-method.detect-angular-trust-as-resourceurl-method" }, - "level": "warning", - "message": { - "text": "Syntax error at line 
introduction/templates/Lab/AUTH/auth_success.html:1:\n `{% extends \"introduction/base.html\" %}\n{% block content %}\n{% block title %}` was unexpected" + "full_description": { + "text": "The use of $sce.trustAsResourceUrl can be dangerous if unsanitized user input flows through this API." + }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/javascript.angular.security.detect-angular-trust-as-resourceurl-method.detect-angular-trust-as-resourceurl-method", + "help": { + "text": "The use of $sce.trustAsResourceUrl can be dangerous if unsanitized user input flows through this API.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "The use of $sce.trustAsResourceUrl can be dangerous if unsanitized user input flows through this API.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.angular.security.detect-angular-trust-as-resourceurl-method.detect-angular-trust-as-resourceurl-method)\n - [https://docs.angularjs.org/api/ng/service/$sce#trustAsResourceUrl](https://docs.angularjs.org/api/ng/service/$sce#trustAsResourceUrl)\n - [https://owasp.org/www-chapter-london/assets/slides/OWASPLondon20170727_AngularJS.pdf](https://owasp.org/www-chapter-london/assets/slides/OWASPLondon20170727_AngularJS.pdf)\n" + }, + "properties": { + "precision": "very-high", + "tags": [ + "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", + "LOW CONFIDENCE", + "OWASP-A03:2021 - Injection", + "OWASP-A07:2017 - Cross-Site Scripting (XSS)", + "security" + ] } }, { - "descriptor": { - "id": "Syntax error" + "id": "python.django.security.audit.unvalidated-password.unvalidated-password", + "name": "python.django.security.audit.unvalidated-password.unvalidated-password", + "short_description": { + "text": "Semgrep Finding: 
python.django.security.audit.unvalidated-password.unvalidated-password" }, - "level": "warning", - "message": { - "text": "Syntax error at line introduction/templates/Lab/AUTH/auth_lab.html:1:\n `{% extends \"introduction/base.html\" %}\n{% block content %}\n{% block title %}` was unexpected" + "full_description": { + "text": "The password on '$MODEL' is being set without validating the password. Call django.contrib.auth.password_validation.validate_password() with validation functions before setting the password. See https://docs.djangoproject.com/en/3.0/topics/auth/passwords/ for more information." + }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/python.django.security.audit.unvalidated-password.unvalidated-password", + "help": { + "text": "The password on '$MODEL' is being set without validating the password. Call django.contrib.auth.password_validation.validate_password() with validation functions before setting the password. See https://docs.djangoproject.com/en/3.0/topics/auth/passwords/ for more information.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "The password on '$MODEL' is being set without validating the password. Call django.contrib.auth.password_validation.validate_password() with validation functions before setting the password. 
See https://docs.djangoproject.com/en/3.0/topics/auth/passwords/ for more information.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.django.security.audit.unvalidated-password.unvalidated-password)\n - [https://docs.djangoproject.com/en/3.0/topics/auth/passwords/#module-django.contrib.auth.password_validation](https://docs.djangoproject.com/en/3.0/topics/auth/passwords/#module-django.contrib.auth.password_validation)\n" + }, + "properties": { + "precision": "very-high", + "tags": [ + "CWE-521: Weak Password Requirements", + "LOW CONFIDENCE", + "OWASP-A07:2021 - Identification and Authentication Failures", + "security" + ] } }, { - "descriptor": { - "id": "Syntax error" + "id": "python.flask.security.xss.audit.explicit-unescape-with-markup.explicit-unescape-with-markup", + "name": "python.flask.security.xss.audit.explicit-unescape-with-markup.explicit-unescape-with-markup", + "short_description": { + "text": "Semgrep Finding: python.flask.security.xss.audit.explicit-unescape-with-markup.explicit-unescape-with-markup" }, - "level": "warning", - "message": { - "text": "Syntax error at line introduction/templates/registration/register.html:1:\n `{% extends \"introduction/base.html\" %}\n{% block content %} \n\n{% load crispy_forms_tags %}` was unexpected" + "full_description": { + "text": "Detected explicitly unescaped content using 'Markup()'. This permits the unescaped data to include unescaped HTML which could result in cross-site scripting. Ensure this data is not externally controlled, or consider rewriting to not use 'Markup()'." + }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/python.flask.security.xss.audit.explicit-unescape-with-markup.explicit-unescape-with-markup", + "help": { + "text": "Detected explicitly unescaped content using 'Markup()'. 
This permits the unescaped data to include unescaped HTML which could result in cross-site scripting. Ensure this data is not externally controlled, or consider rewriting to not use 'Markup()'.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected explicitly unescaped content using 'Markup()'. This permits the unescaped data to include unescaped HTML which could result in cross-site scripting. Ensure this data is not externally controlled, or consider rewriting to not use 'Markup()'.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.flask.security.xss.audit.explicit-unescape-with-markup.explicit-unescape-with-markup)\n - [https://tedboy.github.io/flask/generated/generated/flask.Markup.html](https://tedboy.github.io/flask/generated/generated/flask.Markup.html)\n" + }, + "properties": { + "precision": "very-high", + "tags": [ + "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", + "LOW CONFIDENCE", + "OWASP-A03:2021 - Injection", + "OWASP-A07:2017 - Cross-Site Scripting (XSS)", + "security" + ] } }, { - "descriptor": { - "id": "Syntax error" + "id": "python.lang.compatibility.python37.python37-compatibility-os2-ok2", + "name": "python.lang.compatibility.python37.python37-compatibility-os2-ok2", + "short_description": { + "text": "Semgrep Finding: python.lang.compatibility.python37.python37-compatibility-os2-ok2" }, - "level": "warning", - "message": { - "text": "Syntax error at line introduction/templates/Lab/CMD/cmd_lab2.html:1:\n `{% extends \"introduction/base.html\" %}\n{% block content %}\n{% block title %}` was unexpected" + "full_description": { + "text": "os.pwritev() is only available on Python 3.3+ and is therefore not backwards compatible. Instead, use a combination of pwrite() and writev()." 
+ }, + "default_configuration": { + "enabled": true, + "level": "error" + }, + "help_uri": "https://semgrep.dev/r/python.lang.compatibility.python37.python37-compatibility-os2-ok2", + "help": { + "text": "os.pwritev() is only available on Python 3.3+ and is therefore not backwards compatible. Instead, use a combination of pwrite() and writev().\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "os.pwritev() is only available on Python 3.3+ and is therefore not backwards compatible. Instead, use a combination of pwrite() and writev().\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.lang.compatibility.python37.python37-compatibility-os2-ok2)\n" + }, + "properties": { + "precision": "very-high", + "tags": [] } }, { - "descriptor": { - "id": "Syntax error" + "id": "go.jwt-go.security.audit.jwt-parse-unverified.jwt-go-parse-unverified", + "name": "go.jwt-go.security.audit.jwt-parse-unverified.jwt-go-parse-unverified", + "short_description": { + "text": "Semgrep Finding: go.jwt-go.security.audit.jwt-parse-unverified.jwt-go-parse-unverified" }, - "level": "warning", - "message": { - "text": "Syntax error at line introduction/templates/Lab/BrokenAuth/bau_lab.html:1:\n `{% extends \"introduction/base.html\" %}\n{% block content %}\n{% block title %}` was unexpected" + "full_description": { + "text": "Detected the decoding of a JWT token without a verify step. Don't use `ParseUnverified` unless you know what you're doing This method parses the token but doesn't validate the signature. It's only ever useful in cases where you know the signature is valid (because it has been checked previously in the stack) and you want to extract values from it." 
+ }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/go.jwt-go.security.audit.jwt-parse-unverified.jwt-go-parse-unverified", + "help": { + "text": "Detected the decoding of a JWT token without a verify step. Don't use `ParseUnverified` unless you know what you're doing This method parses the token but doesn't validate the signature. It's only ever useful in cases where you know the signature is valid (because it has been checked previously in the stack) and you want to extract values from it.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected the decoding of a JWT token without a verify step. Don't use `ParseUnverified` unless you know what you're doing This method parses the token but doesn't validate the signature. It's only ever useful in cases where you know the signature is valid (because it has been checked previously in the stack) and you want to extract values from it.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/go.jwt-go.security.audit.jwt-parse-unverified.jwt-go-parse-unverified)\n - [https://owasp.org/Top10/A08_2021-Software_and_Data_Integrity_Failures](https://owasp.org/Top10/A08_2021-Software_and_Data_Integrity_Failures)\n" + }, + "properties": { + "precision": "very-high", + "tags": [ + "CWE-345: Insufficient Verification of Data Authenticity", + "MEDIUM CONFIDENCE", + "OWASP-A08:2021 - Software and Data Integrity Failures", + "security" + ] } }, { - "descriptor": { - "id": "Syntax error" + "id": "python.lang.security.audit.insecure-transport.urllib.insecure-openerdirector-open.insecure-openerdirector-open", + "name": "python.lang.security.audit.insecure-transport.urllib.insecure-openerdirector-open.insecure-openerdirector-open", + "short_description": { + "text": "Semgrep Finding: 
python.lang.security.audit.insecure-transport.urllib.insecure-openerdirector-open.insecure-openerdirector-open" }, - "level": "warning", - "message": { - "text": "Syntax error at line introduction/templates/Lab_2021/A8_software_and_data_integrity_failure/lab2.html:1:\n `{% extends \"introduction/base.html\" %}\n{% block content %}\n{% block title %}` was unexpected" + "full_description": { + "text": "Detected an unsecured transmission channel. 'OpenerDirector.open(...)' is being used with 'http://'. Use 'https://' instead to secure the channel." + }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/python.lang.security.audit.insecure-transport.urllib.insecure-openerdirector-open.insecure-openerdirector-open", + "help": { + "text": "Detected an unsecured transmission channel. 'OpenerDirector.open(...)' is being used with 'http://'. Use 'https://' instead to secure the channel.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected an unsecured transmission channel. 'OpenerDirector.open(...)' is being used with 'http://'. 
Use 'https://' instead to secure the channel.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.lang.security.audit.insecure-transport.urllib.insecure-openerdirector-open.insecure-openerdirector-open)\n - [https://docs.python.org/3/library/urllib.request.html#urllib.request.OpenerDirector.open](https://docs.python.org/3/library/urllib.request.html#urllib.request.OpenerDirector.open)\n" + }, + "properties": { + "precision": "very-high", + "tags": [ + "CWE-319: Cleartext Transmission of Sensitive Information", + "LOW CONFIDENCE", + "OWASP-A02:2021 - Cryptographic Failures", + "OWASP-A03:2017 - Sensitive Data Exposure", + "security" + ] } }, { - "descriptor": { - "id": "Syntax error" + "id": "scala.lang.security.audit.insecure-random.insecure-random", + "name": "scala.lang.security.audit.insecure-random.insecure-random", + "short_description": { + "text": "Semgrep Finding: scala.lang.security.audit.insecure-random.insecure-random" }, - "level": "warning", - "message": { - "text": "Syntax error at line introduction/templates/Lab/SQL/sql_lab.html:1:\n `{% extends \"introduction/base.html\" %}\n{% block content %}\n{% block title %}` was unexpected" + "full_description": { + "text": "Flags the use of a predictable random value from `scala.util.Random`. This can lead to vulnerabilities when used in security contexts, such as in a CSRF token, password reset token, or any other secret value. To fix this, use java.security.SecureRandom instead." + }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/scala.lang.security.audit.insecure-random.insecure-random", + "help": { + "text": "Flags the use of a predictable random value from `scala.util.Random`. This can lead to vulnerabilities when used in security contexts, such as in a CSRF token, password reset token, or any other secret value. 
To fix this, use java.security.SecureRandom instead.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Flags the use of a predictable random value from `scala.util.Random`. This can lead to vulnerabilities when used in security contexts, such as in a CSRF token, password reset token, or any other secret value. To fix this, use java.security.SecureRandom instead.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/scala.lang.security.audit.insecure-random.insecure-random)\n - [https://owasp.org/Top10/A02_2021-Cryptographic_Failures](https://owasp.org/Top10/A02_2021-Cryptographic_Failures)\n" + }, + "properties": { + "precision": "very-high", + "tags": [ + "CWE-330: Use of Insufficiently Random Values", + "LOW CONFIDENCE", + "OWASP-A02:2021 - Cryptographic Failures", + "security" + ] } }, { - "descriptor": { - "id": "Syntax error" + "id": "scala.play.security.tainted-slick-sqli.tainted-slick-sqli", + "name": "scala.play.security.tainted-slick-sqli.tainted-slick-sqli", + "short_description": { + "text": "Semgrep Finding: scala.play.security.tainted-slick-sqli.tainted-slick-sqli" }, - "level": "warning", - "message": { - "text": "Syntax error at line introduction/templates/Lab_2021/A1_BrokenAccessControl/broken_access_lab_1.html:1:\n `{% extends \"introduction/base.html\" %}\n{% load static %}\n{% block content %}\n{% block title %}` was unexpected" + "full_description": { + "text": "Detected a tainted SQL statement. This could lead to SQL injection if variables in the SQL statement are not properly sanitized. Avoid using using user input for generating SQL strings." + }, + "default_configuration": { + "enabled": true, + "level": "error" + }, + "help_uri": "https://semgrep.dev/r/scala.play.security.tainted-slick-sqli.tainted-slick-sqli", + "help": { + "text": "Detected a tainted SQL statement. 
This could lead to SQL injection if variables in the SQL statement are not properly sanitized. Avoid using using user input for generating SQL strings.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected a tainted SQL statement. This could lead to SQL injection if variables in the SQL statement are not properly sanitized. Avoid using using user input for generating SQL strings.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/scala.play.security.tainted-slick-sqli.tainted-slick-sqli)\n - [https://scala-slick.org/doc/3.3.3/sql.html#splicing-literal-values](https://scala-slick.org/doc/3.3.3/sql.html#splicing-literal-values)\n - [https://scala-slick.org/doc/3.2.0/sql-to-slick.html#non-optimal-sql-code](https://scala-slick.org/doc/3.2.0/sql-to-slick.html#non-optimal-sql-code)\n" + }, + "properties": { + "precision": "very-high", + "tags": [ + "CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')", + "HIGH CONFIDENCE", + "OWASP-A01:2017 - Injection", + "OWASP-A03:2021 - Injection", + "security" + ] } }, { - "descriptor": { - "id": "Syntax error" + "id": "ocaml.lang.compatibility.deprecated.deprecated-pervasives", + "name": "ocaml.lang.compatibility.deprecated.deprecated-pervasives", + "short_description": { + "text": "Semgrep Finding: ocaml.lang.compatibility.deprecated.deprecated-pervasives" }, - "level": "warning", - "message": { - "text": "Syntax error at line introduction/templates/Lab_2021/A3_Injection/sql_lab.html:1:\n `{% extends \"introduction/base.html\" %}\n{% block content %}\n{% block title %}` was unexpected" + "full_description": { + "text": "Pervasives is deprecated and will not be available after 4.10. Use Stdlib." 
+ }, + "default_configuration": { + "enabled": true, + "level": "error" + }, + "help_uri": "https://semgrep.dev/r/ocaml.lang.compatibility.deprecated.deprecated-pervasives", + "help": { + "text": "Pervasives is deprecated and will not be available after 4.10. Use Stdlib.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Pervasives is deprecated and will not be available after 4.10. Use Stdlib.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/ocaml.lang.compatibility.deprecated.deprecated-pervasives)\n" + }, + "properties": { + "precision": "very-high", + "tags": [] } }, { - "descriptor": { - "id": "Syntax error" + "id": "python.lang.security.audit.md5-used-as-password.md5-used-as-password", + "name": "python.lang.security.audit.md5-used-as-password.md5-used-as-password", + "short_description": { + "text": "Semgrep Finding: python.lang.security.audit.md5-used-as-password.md5-used-as-password" }, - "level": "warning", - "message": { - "text": "Syntax error at line introduction/templates/registration/login.html:1:\n `{% extends \"introduction/base.html\" %}\n{% block content %}\n{% load crispy_forms_tags %}\n{% load socialaccount %}` was unexpected" + "full_description": { + "text": "It looks like MD5 is used as a password hash. MD5 is not considered a secure password hash because it can be cracked by an attacker in a short amount of time. Use a suitable password hashing function such as scrypt. You can use `hashlib.scrypt`." + }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/python.lang.security.audit.md5-used-as-password.md5-used-as-password", + "help": { + "text": "It looks like MD5 is used as a password hash. MD5 is not considered a secure password hash because it can be cracked by an attacker in a short amount of time. Use a suitable password hashing function such as scrypt. 
You can use `hashlib.scrypt`.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "It looks like MD5 is used as a password hash. MD5 is not considered a secure password hash because it can be cracked by an attacker in a short amount of time. Use a suitable password hashing function such as scrypt. You can use `hashlib.scrypt`.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.lang.security.audit.md5-used-as-password.md5-used-as-password)\n - [https://tools.ietf.org/html/rfc6151](https://tools.ietf.org/html/rfc6151)\n - [https://crypto.stackexchange.com/questions/44151/how-does-the-flame-malware-take-advantage-of-md5-collision](https://crypto.stackexchange.com/questions/44151/how-does-the-flame-malware-take-advantage-of-md5-collision)\n - [https://pycryptodome.readthedocs.io/en/latest/src/hash/sha3_256.html](https://pycryptodome.readthedocs.io/en/latest/src/hash/sha3_256.html)\n - [https://security.stackexchange.com/questions/211/how-to-securely-hash-passwords](https://security.stackexchange.com/questions/211/how-to-securely-hash-passwords)\n - [https://github.com/returntocorp/semgrep-rules/issues/1609](https://github.com/returntocorp/semgrep-rules/issues/1609)\n - [https://docs.python.org/3/library/hashlib.html#hashlib.scrypt](https://docs.python.org/3/library/hashlib.html#hashlib.scrypt)\n" + }, + "properties": { + "precision": "very-high", + "tags": [ + "CWE-327: Use of a Broken or Risky Cryptographic Algorithm", + "MEDIUM CONFIDENCE", + "OWASP-A02:2021 - Cryptographic Failures", + "OWASP-A03:2017 - Sensitive Data Exposure", + "security" + ] } }, { - "descriptor": { - "id": "Syntax error" + "id": "python.django.security.injection.ssrf.ssrf-injection-requests.ssrf-injection-requests", + "name": "python.django.security.injection.ssrf.ssrf-injection-requests.ssrf-injection-requests", + "short_description": { + "text": "Semgrep Finding: 
python.django.security.injection.ssrf.ssrf-injection-requests.ssrf-injection-requests" }, - "level": "warning", - "message": { - "text": "Syntax error at line introduction/templates/Lab_2021/A2_Crypto_failur/crypto_failure_lab3.html:1:\n `{% extends \"introduction/base.html\" %}\n{% load static %}\n{% block content %}\n{% block title %}` was unexpected" + "full_description": { + "text": "Data from request object is passed to a new server-side request. This could lead to a server-side request forgery (SSRF). To mitigate, ensure that schemes and hosts are validated against an allowlist, do not forward the response to the user, and ensure proper authentication and transport-layer security in the proxied request. See https://owasp.org/www-community/attacks/Server_Side_Request_Forgery to learn more about SSRF vulnerabilities." + }, + "default_configuration": { + "enabled": true, + "level": "error" + }, + "help_uri": "https://semgrep.dev/r/python.django.security.injection.ssrf.ssrf-injection-requests.ssrf-injection-requests", + "help": { + "text": "Data from request object is passed to a new server-side request. This could lead to a server-side request forgery (SSRF). To mitigate, ensure that schemes and hosts are validated against an allowlist, do not forward the response to the user, and ensure proper authentication and transport-layer security in the proxied request. See https://owasp.org/www-community/attacks/Server_Side_Request_Forgery to learn more about SSRF vulnerabilities.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Data from request object is passed to a new server-side request. This could lead to a server-side request forgery (SSRF). To mitigate, ensure that schemes and hosts are validated against an allowlist, do not forward the response to the user, and ensure proper authentication and transport-layer security in the proxied request. 
See https://owasp.org/www-community/attacks/Server_Side_Request_Forgery to learn more about SSRF vulnerabilities.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.django.security.injection.ssrf.ssrf-injection-requests.ssrf-injection-requests)\n - [https://owasp.org/www-community/attacks/Server_Side_Request_Forgery](https://owasp.org/www-community/attacks/Server_Side_Request_Forgery)\n" + }, + "properties": { + "precision": "very-high", + "tags": [ + "CWE-918: Server-Side Request Forgery (SSRF)", + "MEDIUM CONFIDENCE", + "OWASP-A10:2021 - Server-Side Request Forgery (SSRF)", + "security" + ] } }, { - "descriptor": { - "id": "Syntax error" + "id": "terraform.azure.security.storage.storage-use-secure-tls-policy.storage-use-secure-tls-policy", + "name": "terraform.azure.security.storage.storage-use-secure-tls-policy.storage-use-secure-tls-policy", + "short_description": { + "text": "Semgrep Finding: terraform.azure.security.storage.storage-use-secure-tls-policy.storage-use-secure-tls-policy" }, - "level": "warning", - "message": { - "text": "Syntax error at line introduction/templates/Lab/XSS/xss_lab_2.html:1:\n `{% extends \"introduction/base.html\" %}\n{% block content %}\n{% block title %}` was unexpected" + "full_description": { + "text": "Azure Storage currently supports three versions of the TLS protocol: 1.0, 1.1, and 1.2. Azure Storage uses TLS 1.2 on public HTTPS endpoints, but TLS 1.0 and TLS 1.1 are still supported for backward compatibility. This check will warn if the minimum TLS is not set to TLS1_2." + }, + "default_configuration": { + "enabled": true, + "level": "error" + }, + "help_uri": "https://semgrep.dev/r/terraform.azure.security.storage.storage-use-secure-tls-policy.storage-use-secure-tls-policy", + "help": { + "text": "Azure Storage currently supports three versions of the TLS protocol: 1.0, 1.1, and 1.2. 
Azure Storage uses TLS 1.2 on public HTTPS endpoints, but TLS 1.0 and TLS 1.1 are still supported for backward compatibility. This check will warn if the minimum TLS is not set to TLS1_2.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Azure Storage currently supports three versions of the TLS protocol: 1.0, 1.1, and 1.2. Azure Storage uses TLS 1.2 on public HTTPS endpoints, but TLS 1.0 and TLS 1.1 are still supported for backward compatibility. This check will warn if the minimum TLS is not set to TLS1_2.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/terraform.azure.security.storage.storage-use-secure-tls-policy.storage-use-secure-tls-policy)\n - [https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/storage_account#min_tls_version](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/storage_account#min_tls_version)\n - [https://docs.microsoft.com/en-us/azure/storage/common/transport-layer-security-configure-minimum-version](https://docs.microsoft.com/en-us/azure/storage/common/transport-layer-security-configure-minimum-version)\n" + }, + "properties": { + "precision": "very-high", + "tags": [ + "CWE-326: Inadequate Encryption Strength", + "MEDIUM CONFIDENCE", + "OWASP-A02:2021 - Cryptographic Failures", + "OWASP-A03:2017 - Sensitive Data Exposure", + "security" + ] } }, { - "descriptor": { - "id": "Syntax error" + "id": "python.jwt.security.jwt-none-alg.jwt-python-none-alg", + "name": "python.jwt.security.jwt-none-alg.jwt-python-none-alg", + "short_description": { + "text": "Semgrep Finding: python.jwt.security.jwt-none-alg.jwt-python-none-alg" }, - "level": "warning", - "message": { - "text": "Syntax error at line introduction/templates/Lab/insec_des/insec_des.html:1:\n `{% extends 'introduction/base.html' %}\n{% block content %}\n{% block title %}` was unexpected" + "full_description": { + 
"text": "Detected use of the 'none' algorithm in a JWT token. The 'none' algorithm assumes the integrity of the token has already been verified. This would allow a malicious actor to forge a JWT token that will automatically be verified. Do not explicitly use the 'none' algorithm. Instead, use an algorithm such as 'HS256'." + }, + "default_configuration": { + "enabled": true, + "level": "error" + }, + "help_uri": "https://semgrep.dev/r/python.jwt.security.jwt-none-alg.jwt-python-none-alg", + "help": { + "text": "Detected use of the 'none' algorithm in a JWT token. The 'none' algorithm assumes the integrity of the token has already been verified. This would allow a malicious actor to forge a JWT token that will automatically be verified. Do not explicitly use the 'none' algorithm. Instead, use an algorithm such as 'HS256'.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected use of the 'none' algorithm in a JWT token. The 'none' algorithm assumes the integrity of the token has already been verified. This would allow a malicious actor to forge a JWT token that will automatically be verified. Do not explicitly use the 'none' algorithm. 
Instead, use an algorithm such as 'HS256'.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.jwt.security.jwt-none-alg.jwt-python-none-alg)\n - [https://owasp.org/Top10/A02_2021-Cryptographic_Failures](https://owasp.org/Top10/A02_2021-Cryptographic_Failures)\n" + }, + "properties": { + "precision": "very-high", + "tags": [ + "CWE-327: Use of a Broken or Risky Cryptographic Algorithm", + "MEDIUM CONFIDENCE", + "OWASP-A02:2021 - Cryptographic Failures", + "OWASP-A03:2017 - Sensitive Data Exposure", + "security" + ] } }, { - "descriptor": { - "id": "Syntax error" + "id": "python.fastapi.security.wildcard-cors.wildcard-cors", + "name": "python.fastapi.security.wildcard-cors.wildcard-cors", + "short_description": { + "text": "Semgrep Finding: python.fastapi.security.wildcard-cors.wildcard-cors" }, - "level": "warning", - "message": { - "text": "Syntax error at line introduction/templates/mitre/mitre_top6.html:1:\n `{% extends \"introduction/base.html\" %} \n{% load static %} \n{% block content %} \n{% block title %}` was unexpected" + "full_description": { + "text": "CORS policy allows any origin (using wildcard '*'). This is insecure and should be avoided." + }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/python.fastapi.security.wildcard-cors.wildcard-cors", + "help": { + "text": "CORS policy allows any origin (using wildcard '*'). This is insecure and should be avoided.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "CORS policy allows any origin (using wildcard '*'). 
This is insecure and should be avoided.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.fastapi.security.wildcard-cors.wildcard-cors)\n - [https://owasp.org/Top10/A05_2021-Security_Misconfiguration](https://owasp.org/Top10/A05_2021-Security_Misconfiguration)\n - [https://cwe.mitre.org/data/definitions/942.html](https://cwe.mitre.org/data/definitions/942.html)\n" + }, + "properties": { + "precision": "very-high", + "tags": [ + "CWE-942: Permissive Cross-domain Policy with Untrusted Domains", + "MEDIUM CONFIDENCE", + "OWASP-A05:2021 - Security Misconfiguration", + "security" + ] } }, { - "descriptor": { - "id": "Syntax error" + "id": "generic.secrets.security.detected-snyk-api-key.detected-snyk-api-key", + "name": "generic.secrets.security.detected-snyk-api-key.detected-snyk-api-key", + "short_description": { + "text": "Semgrep Finding: generic.secrets.security.detected-snyk-api-key.detected-snyk-api-key" }, - "level": "warning", - "message": { - "text": "Syntax error at line introduction/templates/mitre/mitre_top14.html:1:\n `{% extends \"introduction/base.html\" %}\n{% load static %}\n{% block content %}\n{% block title %}` was unexpected" + "full_description": { + "text": "Snyk API Key detected" + }, + "default_configuration": { + "enabled": true, + "level": "error" + }, + "help_uri": "https://semgrep.dev/r/generic.secrets.security.detected-snyk-api-key.detected-snyk-api-key", + "help": { + "text": "Snyk API Key detected\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Snyk API Key detected\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/generic.secrets.security.detected-snyk-api-key.detected-snyk-api-key)\n - 
[https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures](https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures)\n" + }, + "properties": { + "precision": "very-high", + "tags": [ + "CWE-798: Use of Hard-coded Credentials", + "LOW CONFIDENCE", + "OWASP-A07:2021 - Identification and Authentication Failures", + "security" + ] } }, { - "descriptor": { - "id": "Syntax error" + "id": "terraform.lang.security.iam.no-iam-priv-esc-funcs.no-iam-priv-esc-funcs", + "name": "terraform.lang.security.iam.no-iam-priv-esc-funcs.no-iam-priv-esc-funcs", + "short_description": { + "text": "Semgrep Finding: terraform.lang.security.iam.no-iam-priv-esc-funcs.no-iam-priv-esc-funcs" }, - "level": "warning", - "message": { - "text": "Syntax error at line introduction/templates/Lab/insec_des/insec_des_lab.html:1:\n `{% extends \"introduction/base.html\" %}\n{% block content %}\n{% block title %}` was unexpected" - } - } - ] - } - ], - "results": [ - { - "fingerprints": { - "matchBasedId/v1": "0b3b792daab2dc62fd32d3312b5f93adeaaf3cc56f473f8ee518dbf61d96ade648a3e2d21315c12e5e60c401facd36ad19f9c2d5785bd72732b6b486aa7254be_0" - }, - "locations": [ - { - "physicalLocation": { - "artifactLocation": { - "uri": "docker-compose.yml", - "uriBaseId": "%SRCROOT%" - }, - "region": { - "endColumn": 5, - "endLine": 4, - "snippet": { - "text": " db:" - }, - "startColumn": 3, - "startLine": 4 - } + "full_description": { + "text": "Ensure that actions that can result in privilege escalation are not used. These actions could potentially result in an attacker gaining full administrator access of an AWS account. Try not to use these actions." + }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/terraform.lang.security.iam.no-iam-priv-esc-funcs.no-iam-priv-esc-funcs", + "help": { + "text": "Ensure that actions that can result in privilege escalation are not used. 
These actions could potentially result in an attacker gaining full administrator access of an AWS account. Try not to use these actions.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Ensure that actions that can result in privilege escalation are not used. These actions could potentially result in an attacker gaining full administrator access of an AWS account. Try not to use these actions.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/terraform.lang.security.iam.no-iam-priv-esc-funcs.no-iam-priv-esc-funcs)\n - [https://rhinosecuritylabs.com/aws/aws-privilege-escalation-methods-mitigation/](https://rhinosecuritylabs.com/aws/aws-privilege-escalation-methods-mitigation/)\n - [https://cloudsplaining.readthedocs.io/en/latest/glossary/privilege-escalation/](https://cloudsplaining.readthedocs.io/en/latest/glossary/privilege-escalation/)\n" + }, + "properties": { + "precision": "very-high", + "tags": [ + "CWE-250: Execution with Unnecessary Privileges", + "LOW CONFIDENCE", + "security" + ] } - } - ], - "message": { - "text": "Service 'db' allows for privilege escalation via setuid or setgid binaries. Add 'no-new-privileges:true' in 'security_opt' to prevent this." 
- }, - "properties": {}, - "ruleId": "yaml.docker-compose.security.no-new-privileges.no-new-privileges" - }, - { - "fingerprints": { - "matchBasedId/v1": "a4c9a5b5da893201bcf0908973bfd478af5ce99508d5c1313c871a7cd96bf620cc2c844d70e6da41d1f6e470eed9006460a3c74048353a89477dec781d9b1505_0" - }, - "locations": [ + }, { - "physicalLocation": { - "artifactLocation": { - "uri": "docker-compose.yml", - "uriBaseId": "%SRCROOT%" - }, - "region": { - "endColumn": 5, - "endLine": 4, - "snippet": { - "text": " db:" - }, - "startColumn": 3, - "startLine": 4 - } + "id": "solidity.security.balancer-readonly-reentrancy-getrate.balancer-readonly-reentrancy-getrate", + "name": "solidity.security.balancer-readonly-reentrancy-getrate.balancer-readonly-reentrancy-getrate", + "short_description": { + "text": "Semgrep Finding: solidity.security.balancer-readonly-reentrancy-getrate.balancer-readonly-reentrancy-getrate" + }, + "full_description": { + "text": "$VAR.getRate() call on a Balancer pool is not protected from the read-only reentrancy." 
+ }, + "default_configuration": { + "enabled": true, + "level": "error" + }, + "help_uri": "https://semgrep.dev/r/solidity.security.balancer-readonly-reentrancy-getrate.balancer-readonly-reentrancy-getrate", + "help": { + "text": "$VAR.getRate() call on a Balancer pool is not protected from the read-only reentrancy.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "$VAR.getRate() call on a Balancer pool is not protected from the read-only reentrancy.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/solidity.security.balancer-readonly-reentrancy-getrate.balancer-readonly-reentrancy-getrate)\n - [https://forum.balancer.fi/t/reentrancy-vulnerability-scope-expanded/4345](https://forum.balancer.fi/t/reentrancy-vulnerability-scope-expanded/4345)\n" + }, + "properties": { + "precision": "very-high", + "tags": [ + "CWE-841: Improper Enforcement of Behavioral Workflow", + "HIGH CONFIDENCE", + "security" + ] } - } - ], - "message": { - "text": "Service 'db' is running with a writable root filesystem. This may allow malicious applications to download and run additional payloads, or modify container files. If an application inside a container has to save something temporarily consider using a tmpfs. Add 'read_only: true' to this service to prevent this." 
- }, - "properties": {}, - "ruleId": "yaml.docker-compose.security.writable-filesystem-service.writable-filesystem-service" - }, - { - "fingerprints": { - "matchBasedId/v1": "87736b9d8cef31303e2d599e7507f7bb57a34861c06065179e905e836b2b11e3b8602d15a33bdd67ab003bc51353aeff42e128d7b5524e0ccdb4ada621866678_0" - }, - "locations": [ + }, { - "physicalLocation": { - "artifactLocation": { - "uri": "docker-compose.yml", - "uriBaseId": "%SRCROOT%" - }, - "region": { - "endColumn": 6, - "endLine": 12, - "snippet": { - "text": " web:" - }, - "startColumn": 3, - "startLine": 12 - } + "id": "terraform.aws.security.aws-lambda-x-ray-tracing-not-active.aws-lambda-x-ray-tracing-not-active", + "name": "terraform.aws.security.aws-lambda-x-ray-tracing-not-active.aws-lambda-x-ray-tracing-not-active", + "short_description": { + "text": "Semgrep Finding: terraform.aws.security.aws-lambda-x-ray-tracing-not-active.aws-lambda-x-ray-tracing-not-active" + }, + "full_description": { + "text": "The AWS Lambda function does not have active X-Ray tracing enabled. X-Ray tracing enables end-to-end debugging and analysis of all function activity. This makes it easier to trace the flow of logs and identify bottlenecks, slow downs and timeouts." + }, + "default_configuration": { + "enabled": true, + "level": "note" + }, + "help_uri": "https://semgrep.dev/r/terraform.aws.security.aws-lambda-x-ray-tracing-not-active.aws-lambda-x-ray-tracing-not-active", + "help": { + "text": "The AWS Lambda function does not have active X-Ray tracing enabled. X-Ray tracing enables end-to-end debugging and analysis of all function activity. This makes it easier to trace the flow of logs and identify bottlenecks, slow downs and timeouts.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "The AWS Lambda function does not have active X-Ray tracing enabled. X-Ray tracing enables end-to-end debugging and analysis of all function activity. 
This makes it easier to trace the flow of logs and identify bottlenecks, slow downs and timeouts.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/terraform.aws.security.aws-lambda-x-ray-tracing-not-active.aws-lambda-x-ray-tracing-not-active)\n - [https://cwe.mitre.org/data/definitions/778.html](https://cwe.mitre.org/data/definitions/778.html)\n - [https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lambda_function#mode](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lambda_function#mode)\n - [https://docs.aws.amazon.com/lambda/latest/dg/services-xray.html](https://docs.aws.amazon.com/lambda/latest/dg/services-xray.html)\n" + }, + "properties": { + "precision": "very-high", + "tags": [ + "CWE-778: Insufficient Logging", + "MEDIUM CONFIDENCE", + "OWASP-A09:2021 Security Logging and Monitoring Failures", + "security" + ] } - } - ], - "message": { - "text": "Service 'web' allows for privilege escalation via setuid or setgid binaries. Add 'no-new-privileges:true' in 'security_opt' to prevent this." 
- }, - "properties": {}, - "ruleId": "yaml.docker-compose.security.no-new-privileges.no-new-privileges" - }, - { - "fingerprints": { - "matchBasedId/v1": "56fce689fc6a4b07a3924c13c3ea6690b223f4fd2486fd71d596bcef142827c266921a13c9b96a0fd52786ca62cb124d6b86b27361e81f6bc9c9b8756921e6e6_0" - }, - "locations": [ + }, { - "physicalLocation": { - "artifactLocation": { - "uri": "docker-compose.yml", - "uriBaseId": "%SRCROOT%" - }, - "region": { - "endColumn": 6, - "endLine": 12, - "snippet": { - "text": " web:" - }, - "startColumn": 3, - "startLine": 12 - } + "id": "typescript.nestjs.security.audit.nestjs-header-cors-any.nestjs-header-cors-any", + "name": "typescript.nestjs.security.audit.nestjs-header-cors-any.nestjs-header-cors-any", + "short_description": { + "text": "Semgrep Finding: typescript.nestjs.security.audit.nestjs-header-cors-any.nestjs-header-cors-any" + }, + "full_description": { + "text": "Access-Control-Allow-Origin response header is set to \"*\". This will disable CORS Same Origin Policy restrictions." + }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/typescript.nestjs.security.audit.nestjs-header-cors-any.nestjs-header-cors-any", + "help": { + "text": "Access-Control-Allow-Origin response header is set to \"*\". This will disable CORS Same Origin Policy restrictions.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Access-Control-Allow-Origin response header is set to \"*\". 
This will disable CORS Same Origin Policy restrictions.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/typescript.nestjs.security.audit.nestjs-header-cors-any.nestjs-header-cors-any)\n - [https://owasp.org/Top10/A04_2021-Insecure_Design](https://owasp.org/Top10/A04_2021-Insecure_Design)\n" + }, + "properties": { + "precision": "very-high", + "tags": [ + "CWE-183: Permissive List of Allowed Inputs", + "LOW CONFIDENCE", + "OWASP-A04:2021 - Insecure Design", + "security" + ] } - } - ], - "message": { - "text": "Service 'web' is running with a writable root filesystem. This may allow malicious applications to download and run additional payloads, or modify container files. If an application inside a container has to save something temporarily consider using a tmpfs. Add 'read_only: true' to this service to prevent this." - }, - "properties": {}, - "ruleId": "yaml.docker-compose.security.writable-filesystem-service.writable-filesystem-service" - }, - { - "fingerprints": { - "matchBasedId/v1": "23591327960ac4a8c9e6e4083739f90aba07d5e0f7cb69bf911ba42873c706a39fcbf591acefe665a018640dee047e1f58eefc5644b91d3969db5542fc9c42bb_0" - }, - "locations": [ + }, { - "physicalLocation": { - "artifactLocation": { - "uri": "docker-compose.yml", - "uriBaseId": "%SRCROOT%" - }, - "region": { - "endColumn": 12, - "endLine": 23, - "snippet": { - "text": " migration:" - }, - "startColumn": 3, - "startLine": 23 - } + "id": "typescript.react.security.audit.react-jwt-in-localstorage.react-jwt-in-localstorage", + "name": "typescript.react.security.audit.react-jwt-in-localstorage.react-jwt-in-localstorage", + "short_description": { + "text": "Semgrep Finding: typescript.react.security.audit.react-jwt-in-localstorage.react-jwt-in-localstorage" + }, + "full_description": { + "text": "Storing JWT tokens in localStorage known to be a bad practice, consider moving your tokens from localStorage to a HTTP cookie." 
+ }, + "default_configuration": { + "enabled": true, + "level": "note" + }, + "help_uri": "https://semgrep.dev/r/typescript.react.security.audit.react-jwt-in-localstorage.react-jwt-in-localstorage", + "help": { + "text": "Storing JWT tokens in localStorage known to be a bad practice, consider moving your tokens from localStorage to a HTTP cookie.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Storing JWT tokens in localStorage known to be a bad practice, consider moving your tokens from localStorage to a HTTP cookie.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/typescript.react.security.audit.react-jwt-in-localstorage.react-jwt-in-localstorage)\n - [https://developer.mozilla.org/en-US/docs/Web/HTTP/Cookies](https://developer.mozilla.org/en-US/docs/Web/HTTP/Cookies)\n" + }, + "properties": { + "precision": "very-high", + "tags": [ + "CWE-922: Insecure Storage of Sensitive Information", + "LOW CONFIDENCE", + "OWASP-A01:2021 - Broken Access Control", + "security" + ] } - } - ], - "message": { - "text": "Service 'migration' allows for privilege escalation via setuid or setgid binaries. Add 'no-new-privileges:true' in 'security_opt' to prevent this." 
- }, - "properties": {}, - "ruleId": "yaml.docker-compose.security.no-new-privileges.no-new-privileges" - }, - { - "fingerprints": { - "matchBasedId/v1": "983066f423cf6b5efbb7d4170512c6e7f27ec55f30b8b1d9abbaaf973915139eaca485929b450dc8adb04f90f0e65522a18973145462567a04914d940fdf484b_0" - }, - "locations": [ + }, { - "physicalLocation": { - "artifactLocation": { - "uri": "docker-compose.yml", - "uriBaseId": "%SRCROOT%" - }, - "region": { - "endColumn": 12, - "endLine": 23, - "snippet": { - "text": " migration:" - }, - "startColumn": 3, - "startLine": 23 - } + "id": "ruby.lang.security.dangerous-open3-pipeline.dangerous-open3-pipeline", + "name": "ruby.lang.security.dangerous-open3-pipeline.dangerous-open3-pipeline", + "short_description": { + "text": "Semgrep Finding: ruby.lang.security.dangerous-open3-pipeline.dangerous-open3-pipeline" + }, + "full_description": { + "text": "Detected non-static command inside $PIPE. Audit the input to '$PIPE'. If unverified user data can reach this call site, this is a code injection vulnerability. A malicious actor can inject a malicious script to execute arbitrary code." + }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/ruby.lang.security.dangerous-open3-pipeline.dangerous-open3-pipeline", + "help": { + "text": "Detected non-static command inside $PIPE. Audit the input to '$PIPE'. If unverified user data can reach this call site, this is a code injection vulnerability. A malicious actor can inject a malicious script to execute arbitrary code.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected non-static command inside $PIPE. Audit the input to '$PIPE'. If unverified user data can reach this call site, this is a code injection vulnerability. 
A malicious actor can inject a malicious script to execute arbitrary code.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/ruby.lang.security.dangerous-open3-pipeline.dangerous-open3-pipeline)\n - [https://owasp.org/Top10/A03_2021-Injection](https://owasp.org/Top10/A03_2021-Injection)\n" + }, + "properties": { + "precision": "very-high", + "tags": [ + "CWE-94: Improper Control of Generation of Code ('Code Injection')", + "LOW CONFIDENCE", + "OWASP-A03:2021 - Injection", + "security" + ] } - } - ], - "message": { - "text": "Service 'migration' is running with a writable root filesystem. This may allow malicious applications to download and run additional payloads, or modify container files. If an application inside a container has to save something temporarily consider using a tmpfs. Add 'read_only: true' to this service to prevent this." - }, - "properties": {}, - "ruleId": "yaml.docker-compose.security.writable-filesystem-service.writable-filesystem-service" - }, - { - "fingerprints": { - "matchBasedId/v1": "2d3b14853f00deaed8ccf36ecba7dcb9ac1f79dd8f9dfed4ce707078e2327b467ecd8b67f9da30d18f24c9dfcd59ec6b374479c7c00c5b11d59bd55591d592f7_0" - }, - "locations": [ + }, { - "physicalLocation": { - "artifactLocation": { - "uri": "introduction/apis.py", - "uriBaseId": "%SRCROOT%" - }, - "region": { - "endColumn": 77, - "endLine": 49, - "snippet": { - "text": "@csrf_exempt\ndef ssrf_code_checker(request):\n if request.user.is_authenticated:\n if request.method == 'POST':\n python_code = request.POST['python_code']\n html_code = request.POST['html_code']\n if not (ssrf_code_converter(python_code)):\n return JsonResponse({\"status\": \"error\", \"message\": \"Invalid code\"})\n test_bench1 = ssrf_html_input_extractor(html_code)\n \n if (len(test_bench1) >4):\n return JsonResponse({'message':'too many inputs in Html\\n Try again'},status = 400)\n test_bench2 = ['secret.txt']\n correct_output1 = 
[{\"blog\": \"blog1-passed\"}, {\"blog\": \"blog2-passed\"}, {\"blog\": \"blog3-passed\"}, {\"blog\": \"blog4-passed\"}]\n outputs = []\n for inputs in test_bench1:\n outputs.append(main.ssrf_lab(inputs))\n if outputs == correct_output1:\n outputs = []\n else:\n return JsonResponse({'message':'Testbench failed, Code is not working\\n Try again'},status = 200)\n\n correct_output2 = [{\"blog\": \"No blog found\"}]\n for inputs in test_bench2:\n outputs.append(main.ssrf_lab(inputs))\n if outputs == correct_output2:\n return JsonResponse({'message':'Congratulation, you have written a secure code.', 'passed':1}, status = 200)\n \n return JsonResponse({'message':'Test bench passed but the code is not secure'}, status = 200,safe = False)\n else:\n return JsonResponse({'message':'method not allowed'},status = 405)\n else:\n return JsonResponse({'message':'UnAuthenticated User'},status = 401)" - }, - "startColumn": 1, - "startLine": 17 - } + "id": "java.aws-lambda.security.tainted-sqli.tainted-sqli", + "name": "java.aws-lambda.security.tainted-sqli.tainted-sqli", + "short_description": { + "text": "Semgrep Finding: java.aws-lambda.security.tainted-sqli.tainted-sqli" + }, + "full_description": { + "text": "Detected SQL statement that is tainted by `$EVENT` object. This could lead to SQL injection if variables in the SQL statement are not properly sanitized. Use parameterized SQL queries or properly sanitize user input instead." + }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/java.aws-lambda.security.tainted-sqli.tainted-sqli", + "help": { + "text": "Detected SQL statement that is tainted by `$EVENT` object. This could lead to SQL injection if variables in the SQL statement are not properly sanitized. 
Use parameterized SQL queries or properly sanitize user input instead.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected SQL statement that is tainted by `$EVENT` object. This could lead to SQL injection if variables in the SQL statement are not properly sanitized. Use parameterized SQL queries or properly sanitize user input instead.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/java.aws-lambda.security.tainted-sqli.tainted-sqli)\n - [https://owasp.org/Top10/A03_2021-Injection](https://owasp.org/Top10/A03_2021-Injection)\n" + }, + "properties": { + "precision": "very-high", + "tags": [ + "CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')", + "MEDIUM CONFIDENCE", + "OWASP-A01:2017 - Injection", + "OWASP-A03:2021 - Injection", + "security" + ] } - } - ], - "message": { - "text": "Detected usage of @csrf_exempt, which indicates that there is no CSRF token set for this route. This could lead to an attacker manipulating the user's account and exfiltration of private data. Instead, create a function without this decorator." 
- }, - "properties": {}, - "ruleId": "python.django.security.audit.csrf-exempt.no-csrf-exempt" - }, - { - "fingerprints": { - "matchBasedId/v1": "8bef469d6d835477cac185d6919da13bee63f0474dea5ad5a7e80ddb846a6bcbcffada06739a0503b965af22f8e3703864693d197c755a56b92285b175120465_0" - }, - "locations": [ + }, { - "physicalLocation": { - "artifactLocation": { - "uri": "introduction/apis.py", - "uriBaseId": "%SRCROOT%" - }, - "region": { - "endColumn": 75, - "endLine": 85, - "snippet": { - "text": "@csrf_exempt\n# @authentication_decorator\ndef log_function_checker(request):\n if request.method == 'POST':\n csrf_token = request.POST.get(\"csrfmiddlewaretoken\")\n log_code = request.POST.get('log_code')\n api_code = request.POST.get('api_code')\n dirname = os.path.dirname(__file__)\n log_filename = os.path.join(dirname, \"playground/A9/main.py\")\n api_filename = os.path.join(dirname, \"playground/A9/api.py\")\n f = open(log_filename,\"w\")\n f.write(log_code)\n f.close()\n f = open(api_filename,\"w\")\n f.write(api_code)\n f.close()\n # Clearing the log file before starting the test\n f = open('test.log', 'w')\n f.write(\"\")\n f.close()\n url = \"http://127.0.0.1:8000/2021/discussion/A9/target\"\n payload={'csrfmiddlewaretoken': csrf_token }\n requests.request(\"GET\", url)\n requests.request(\"POST\", url)\n requests.request(\"PATCH\", url, data=payload)\n requests.request(\"DELETE\", url)\n f = open('test.log', 'r')\n lines = f.readlines()\n f.close()\n return JsonResponse({\"message\":\"success\", \"logs\": lines},status = 200)\n else:\n return JsonResponse({\"message\":\"method not allowed\"},status = 405)" - }, - "startColumn": 1, - "startLine": 54 - } + "id": "java.lang.security.audit.crypto.unencrypted-socket.unencrypted-socket", + "name": "java.lang.security.audit.crypto.unencrypted-socket.unencrypted-socket", + "short_description": { + "text": "Semgrep Finding: java.lang.security.audit.crypto.unencrypted-socket.unencrypted-socket" + }, + "full_description": { + 
"text": "Detected use of a Java socket that is not encrypted. As a result, the traffic could be read by an attacker intercepting the network traffic. Use an SSLSocket created by 'SSLSocketFactory' or 'SSLServerSocketFactory' instead." + }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/java.lang.security.audit.crypto.unencrypted-socket.unencrypted-socket", + "help": { + "text": "Detected use of a Java socket that is not encrypted. As a result, the traffic could be read by an attacker intercepting the network traffic. Use an SSLSocket created by 'SSLSocketFactory' or 'SSLServerSocketFactory' instead.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected use of a Java socket that is not encrypted. As a result, the traffic could be read by an attacker intercepting the network traffic. Use an SSLSocket created by 'SSLSocketFactory' or 'SSLServerSocketFactory' instead.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/java.lang.security.audit.crypto.unencrypted-socket.unencrypted-socket)\n - [https://owasp.org/Top10/A02_2021-Cryptographic_Failures](https://owasp.org/Top10/A02_2021-Cryptographic_Failures)\n" + }, + "properties": { + "precision": "very-high", + "tags": [ + "CWE-319: Cleartext Transmission of Sensitive Information", + "HIGH CONFIDENCE", + "OWASP-A02:2021 - Cryptographic Failures", + "OWASP-A03:2017 - Sensitive Data Exposure", + "security" + ] } - } - ], - "message": { - "text": "Detected usage of @csrf_exempt, which indicates that there is no CSRF token set for this route. This could lead to an attacker manipulating the user's account and exfiltration of private data. Instead, create a function without this decorator." 
- }, - "properties": {}, - "ruleId": "python.django.security.audit.csrf-exempt.no-csrf-exempt" - }, - { - "fingerprints": { - "matchBasedId/v1": "be4638bf4115ae8bafc33af11f84fbfbc7792f505c9091259a25a6d37937aa36a91d4af2ffcb34b4b70b6692d4c060db72aec0193b7c974a3531f187c67fab18_0" - }, - "locations": [ + }, { - "physicalLocation": { - "artifactLocation": { - "uri": "introduction/apis.py", - "uriBaseId": "%SRCROOT%" - }, - "region": { - "endColumn": 26, - "endLine": 65, - "snippet": { - "text": " log_code = request.POST.get('log_code')\n api_code = request.POST.get('api_code')\n dirname = os.path.dirname(__file__)\n log_filename = os.path.join(dirname, \"playground/A9/main.py\")\n api_filename = os.path.join(dirname, \"playground/A9/api.py\")\n f = open(log_filename,\"w\")\n f.write(log_code)" - }, - "startColumn": 9, - "startLine": 59 - } + "id": "javascript.lang.security.detect-pseudorandombytes.detect-pseudoRandomBytes", + "name": "javascript.lang.security.detect-pseudorandombytes.detect-pseudoRandomBytes", + "short_description": { + "text": "Semgrep Finding: javascript.lang.security.detect-pseudorandombytes.detect-pseudoRandomBytes" + }, + "full_description": { + "text": "Detected usage of crypto.pseudoRandomBytes, which does not produce secure random numbers." 
+ }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/javascript.lang.security.detect-pseudorandombytes.detect-pseudoRandomBytes", + "help": { + "text": "Detected usage of crypto.pseudoRandomBytes, which does not produce secure random numbers.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected usage of crypto.pseudoRandomBytes, which does not produce secure random numbers.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.lang.security.detect-pseudorandombytes.detect-pseudoRandomBytes)\n - [https://owasp.org/Top10/A02_2021-Cryptographic_Failures](https://owasp.org/Top10/A02_2021-Cryptographic_Failures)\n" + }, + "properties": { + "precision": "very-high", + "tags": [ + "CWE-338: Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)", + "LOW CONFIDENCE", + "OWASP-A02:2021 - Cryptographic Failures", + "security" + ] } - } - ], - "message": { - "text": "Found user-controlled request data passed into '.write(...)'. This could be dangerous if a malicious actor is able to control data into sensitive files. For example, a malicious actor could force rolling of critical log files, or cause a denial-of-service by using up available disk space. Instead, ensure that request data is properly escaped or sanitized." 
- }, - "properties": {}, - "ruleId": "python.django.security.injection.request-data-write.request-data-write" - }, - { - "fingerprints": { - "matchBasedId/v1": "389b5dda2e9be773649bb510fd6f13d489003311f98db6586b79854c3098639a59b3fa71c0f3d21118c6c00de5c31ba38e40cc3056ca0aa30218ad26d1f96741_0" - }, - "locations": [ + }, { - "physicalLocation": { - "artifactLocation": { - "uri": "introduction/apis.py", - "uriBaseId": "%SRCROOT%" - }, - "region": { - "endColumn": 26, - "endLine": 68, - "snippet": { - "text": " api_code = request.POST.get('api_code')\n dirname = os.path.dirname(__file__)\n log_filename = os.path.join(dirname, \"playground/A9/main.py\")\n api_filename = os.path.join(dirname, \"playground/A9/api.py\")\n f = open(log_filename,\"w\")\n f.write(log_code)\n f.close()\n f = open(api_filename,\"w\")\n f.write(api_code)" - }, - "startColumn": 9, - "startLine": 60 - } + "id": "java.spring.security.injection.tainted-file-path.tainted-file-path", + "name": "java.spring.security.injection.tainted-file-path.tainted-file-path", + "short_description": { + "text": "Semgrep Finding: java.spring.security.injection.tainted-file-path.tainted-file-path" + }, + "full_description": { + "text": "Detected user input controlling a file path. An attacker could control the location of this file, to include going backwards in the directory with '../'. To address this, ensure that user-controlled variables in file paths are sanitized. You may also consider using a utility method such as org.apache.commons.io.FilenameUtils.getName(...) to only retrieve the file name from the path." + }, + "default_configuration": { + "enabled": true, + "level": "error" + }, + "help_uri": "https://semgrep.dev/r/java.spring.security.injection.tainted-file-path.tainted-file-path", + "help": { + "text": "Detected user input controlling a file path. An attacker could control the location of this file, to include going backwards in the directory with '../'. 
To address this, ensure that user-controlled variables in file paths are sanitized. You may also consider using a utility method such as org.apache.commons.io.FilenameUtils.getName(...) to only retrieve the file name from the path.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected user input controlling a file path. An attacker could control the location of this file, to include going backwards in the directory with '../'. To address this, ensure that user-controlled variables in file paths are sanitized. You may also consider using a utility method such as org.apache.commons.io.FilenameUtils.getName(...) to only retrieve the file name from the path.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/java.spring.security.injection.tainted-file-path.tainted-file-path)\n - [https://owasp.org/www-community/attacks/Path_Traversal](https://owasp.org/www-community/attacks/Path_Traversal)\n" + }, + "properties": { + "precision": "very-high", + "tags": [ + "CWE-23: Relative Path Traversal", + "HIGH CONFIDENCE", + "OWASP-A01:2021 - Broken Access Control", + "security" + ] } - } - ], - "message": { - "text": "Found user-controlled request data passed into '.write(...)'. This could be dangerous if a malicious actor is able to control data into sensitive files. For example, a malicious actor could force rolling of critical log files, or cause a denial-of-service by using up available disk space. Instead, ensure that request data is properly escaped or sanitized." 
- }, - "properties": {}, - "ruleId": "python.django.security.injection.request-data-write.request-data-write" - }, - { - "fingerprints": { - "matchBasedId/v1": "ffeb2d134aefc2f19a38d3f546112cb166327a14205f7ad6263f22a91836cbb702497984fa78f8810f5a33cc08e8f5ebd884e01932ab35d29ad834a7a23f18e0_0" - }, - "locations": [ + }, { - "physicalLocation": { - "artifactLocation": { - "uri": "introduction/apis.py", - "uriBaseId": "%SRCROOT%" - }, - "region": { - "endColumn": 60, - "endLine": 104, - "snippet": { - "text": "@csrf_exempt\ndef A7_disscussion_api(request):\n if request.method != 'POST':\n return JsonResponse({\"message\":\"method not allowed\"},status = 405)\n\n try:\n code = request.POST.get('code')\n except:\n return JsonResponse({\"message\":\"missing code\"},status = 400)\n\n search_snipet = \"AF_session_id.objects.get(sesssion_id = cookie).delete()\"\n search_snipet2 = \"AF_session_id.objects.get(sesssion_id=cookie).delete()\"\n\n if (search_snipet in code) or (search_snipet2 in code):\n return JsonResponse({\"message\":\"success\"},status = 200)\n\n return JsonResponse({\"message\":\"failure\"},status = 400)" - }, - "startColumn": 1, - "startLine": 88 - } + "id": "kotlin.lang.security.cookie-missing-secure-flag.cookie-missing-secure-flag", + "name": "kotlin.lang.security.cookie-missing-secure-flag.cookie-missing-secure-flag", + "short_description": { + "text": "Semgrep Finding: kotlin.lang.security.cookie-missing-secure-flag.cookie-missing-secure-flag" + }, + "full_description": { + "text": "A cookie was detected without setting the 'secure' flag. The 'secure' flag for cookies prevents the client from transmitting the cookie over insecure channels such as HTTP. 
Set the 'secure' flag by calling '$COOKIE.setSecure(true);'" + }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/kotlin.lang.security.cookie-missing-secure-flag.cookie-missing-secure-flag", + "help": { + "text": "A cookie was detected without setting the 'secure' flag. The 'secure' flag for cookies prevents the client from transmitting the cookie over insecure channels such as HTTP. Set the 'secure' flag by calling '$COOKIE.setSecure(true);'\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "A cookie was detected without setting the 'secure' flag. The 'secure' flag for cookies prevents the client from transmitting the cookie over insecure channels such as HTTP. Set the 'secure' flag by calling '$COOKIE.setSecure(true);'\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/kotlin.lang.security.cookie-missing-secure-flag.cookie-missing-secure-flag)\n - [https://owasp.org/Top10/A05_2021-Security_Misconfiguration](https://owasp.org/Top10/A05_2021-Security_Misconfiguration)\n" + }, + "properties": { + "precision": "very-high", + "tags": [ + "CWE-614: Sensitive Cookie in HTTPS Session Without 'Secure' Attribute", + "LOW CONFIDENCE", + "OWASP-A05:2021 - Security Misconfiguration", + "security" + ] } - } - ], - "message": { - "text": "Detected usage of @csrf_exempt, which indicates that there is no CSRF token set for this route. This could lead to an attacker manipulating the user's account and exfiltration of private data. Instead, create a function without this decorator." 
- }, - "properties": {}, - "ruleId": "python.django.security.audit.csrf-exempt.no-csrf-exempt" - }, - { - "fingerprints": { - "matchBasedId/v1": "877c489a52f15be13e30584b03ca34e1d3715584b02608de6d659ba7a9df51ec98b5ea74b1f166c71aba308a10391b951aba2848d1317a11ce1c95860a5ffb02_0" - }, - "locations": [ + }, { - "physicalLocation": { - "artifactLocation": { - "uri": "introduction/apis.py", - "uriBaseId": "%SRCROOT%" - }, - "region": { - "endColumn": 64, - "endLine": 118, - "snippet": { - "text": "@csrf_exempt\ndef A6_disscussion_api(request):\n test_bench = [\"Pillow==8.0.0\",\"PyJWT==2.4.0\",\"requests==2.28.0\",\"Django==4.0.4\"]\n \n try:\n result = check_vuln(test_bench)\n print(len(result))\n if result:\n return JsonResponse({\"message\":\"success\",\"vulns\":result},status = 200)\n return JsonResponse({\"message\":\"failure\"},status = 400)\n except Exception as e:\n return JsonResponse({\"message\":\"failure\"},status = 400)" - }, - "startColumn": 1, - "startLine": 107 - } + "id": "trailofbits.go.missing-unlock-before-return.missing-unlock-before-return", + "name": "trailofbits.go.missing-unlock-before-return.missing-unlock-before-return", + "short_description": { + "text": "Semgrep Finding: trailofbits.go.missing-unlock-before-return.missing-unlock-before-return" + }, + "full_description": { + "text": "Missing mutex unlock (`$T` variable) before returning from a function. This could result in panics resulting from double lock operations" + }, + "default_configuration": { + "enabled": true, + "level": "error" + }, + "help_uri": "https://semgrep.dev/r/trailofbits.go.missing-unlock-before-return.missing-unlock-before-return", + "help": { + "text": "Missing mutex unlock (`$T` variable) before returning from a function. This could result in panics resulting from double lock operations\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Missing mutex unlock (`$T` variable) before returning from a function. 
This could result in panics resulting from double lock operations\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/trailofbits.go.missing-unlock-before-return.missing-unlock-before-return)\n - [https://pkg.go.dev/sync#Mutex](https://pkg.go.dev/sync#Mutex)\n - [https://blog.trailofbits.com/2020/06/09/how-to-check-if-a-mutex-is-locked-in-go/](https://blog.trailofbits.com/2020/06/09/how-to-check-if-a-mutex-is-locked-in-go/)\n" + }, + "properties": { + "precision": "very-high", + "tags": [ + "CWE-667: Improper Locking", + "MEDIUM CONFIDENCE", + "security" + ] } - } - ], - "message": { - "text": "Detected usage of @csrf_exempt, which indicates that there is no CSRF token set for this route. This could lead to an attacker manipulating the user's account and exfiltration of private data. Instead, create a function without this decorator." - }, - "properties": {}, - "ruleId": "python.django.security.audit.csrf-exempt.no-csrf-exempt" - }, - { - "fingerprints": { - "matchBasedId/v1": "c361f237adbf5148745cf5fc72982323a355e01330d72810c8e2f64ce43520e119e884f6910767101afbff87c791d71dc92328079ee35b223a18404f39f82e28_0" - }, - "locations": [ + }, { - "physicalLocation": { - "artifactLocation": { - "uri": "introduction/apis.py", - "uriBaseId": "%SRCROOT%" - }, - "region": { - "endColumn": 60, - "endLine": 133, - "snippet": { - "text": "@csrf_exempt\ndef A6_disscussion_api_2(request):\n if request.method != 'POST':\n return JsonResponse({\"message\":\"method not allowed\"},status = 405)\n try:\n code = request.POST.get('code')\n dirname = os.path.dirname(__file__)\n filename = os.path.join(dirname, \"playground/A6/utility.py\")\n f = open(filename,\"w\")\n f.write(code)\n f.close()\n except:\n return JsonResponse({\"message\":\"missing code\"},status = 400)\n return JsonResponse({\"message\":\"success\"},status = 200)" - }, - "startColumn": 1, - "startLine": 120 - } + "id": 
"solidity.security.curve-readonly-reentrancy.curve-readonly-reentrancy", + "name": "solidity.security.curve-readonly-reentrancy.curve-readonly-reentrancy", + "short_description": { + "text": "Semgrep Finding: solidity.security.curve-readonly-reentrancy.curve-readonly-reentrancy" + }, + "full_description": { + "text": "$POOL.get_virtual_price() call on a Curve pool is not protected from the read-only reentrancy." + }, + "default_configuration": { + "enabled": true, + "level": "error" + }, + "help_uri": "https://semgrep.dev/r/solidity.security.curve-readonly-reentrancy.curve-readonly-reentrancy", + "help": { + "text": "$POOL.get_virtual_price() call on a Curve pool is not protected from the read-only reentrancy.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "$POOL.get_virtual_price() call on a Curve pool is not protected from the read-only reentrancy.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/solidity.security.curve-readonly-reentrancy.curve-readonly-reentrancy)\n - [https://chainsecurity.com/heartbreaks-curve-lp-oracles/](https://chainsecurity.com/heartbreaks-curve-lp-oracles/)\n - [https://chainsecurity.com/curve-lp-oracle-manipulation-post-mortem/](https://chainsecurity.com/curve-lp-oracle-manipulation-post-mortem/)\n" + }, + "properties": { + "precision": "very-high", + "tags": [ + "CWE-841: Improper Enforcement of Behavioral Workflow", + "HIGH CONFIDENCE", + "security" + ] } - } - ], - "message": { - "text": "Detected usage of @csrf_exempt, which indicates that there is no CSRF token set for this route. This could lead to an attacker manipulating the user's account and exfiltration of private data. Instead, create a function without this decorator." 
- }, - "properties": {}, - "ruleId": "python.django.security.audit.csrf-exempt.no-csrf-exempt" - }, - { - "fingerprints": { - "matchBasedId/v1": "a842d7b67dbfe63c8e4c993c831da8e0cc61dc2faad67ac58b5ba5eceaa9bcc1dc35b19d72df9e1046644aec55b250228ab5bf434bbd9f79c5aa2c8f955b5c98_0" - }, - "locations": [ + }, { - "physicalLocation": { - "artifactLocation": { - "uri": "introduction/apis.py", - "uriBaseId": "%SRCROOT%" - }, - "region": { - "endColumn": 22, - "endLine": 129, - "snippet": { - "text": " code = request.POST.get('code')\n dirname = os.path.dirname(__file__)\n filename = os.path.join(dirname, \"playground/A6/utility.py\")\n f = open(filename,\"w\")\n f.write(code)" - }, - "startColumn": 9, - "startLine": 125 - } + "id": "yaml.kubernetes.security.allow-privilege-escalation-true.allow-privilege-escalation-true", + "name": "yaml.kubernetes.security.allow-privilege-escalation-true.allow-privilege-escalation-true", + "short_description": { + "text": "Semgrep Finding: yaml.kubernetes.security.allow-privilege-escalation-true.allow-privilege-escalation-true" + }, + "full_description": { + "text": "In Kubernetes, each pod runs in its own isolated environment with its own set of security policies. However, certain container images may contain `setuid` or `setgid` binaries that could allow an attacker to perform privilege escalation and gain access to sensitive resources. To mitigate this risk, it's recommended to add a `securityContext` to the container in the pod, with the parameter `allowPrivilegeEscalation` set to `false`. This will prevent the container from running any privileged processes and limit the impact of any potential attacks. In the container `$CONTAINER` this parameter is set to `true` which makes this container much more vulnerable to privelege escalation attacks." 
+ }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/yaml.kubernetes.security.allow-privilege-escalation-true.allow-privilege-escalation-true", + "help": { + "text": "In Kubernetes, each pod runs in its own isolated environment with its own set of security policies. However, certain container images may contain `setuid` or `setgid` binaries that could allow an attacker to perform privilege escalation and gain access to sensitive resources. To mitigate this risk, it's recommended to add a `securityContext` to the container in the pod, with the parameter `allowPrivilegeEscalation` set to `false`. This will prevent the container from running any privileged processes and limit the impact of any potential attacks. In the container `$CONTAINER` this parameter is set to `true` which makes this container much more vulnerable to privelege escalation attacks.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "In Kubernetes, each pod runs in its own isolated environment with its own set of security policies. However, certain container images may contain `setuid` or `setgid` binaries that could allow an attacker to perform privilege escalation and gain access to sensitive resources. To mitigate this risk, it's recommended to add a `securityContext` to the container in the pod, with the parameter `allowPrivilegeEscalation` set to `false`. This will prevent the container from running any privileged processes and limit the impact of any potential attacks. 
In the container `$CONTAINER` this parameter is set to `true` which makes this container much more vulnerable to privelege escalation attacks.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/yaml.kubernetes.security.allow-privilege-escalation-true.allow-privilege-escalation-true)\n - [https://kubernetes.io/docs/concepts/policy/pod-security-policy/#privilege-escalation](https://kubernetes.io/docs/concepts/policy/pod-security-policy/#privilege-escalation)\n - [https://kubernetes.io/docs/tasks/configure-pod-container/security-context/](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/)\n - [https://www.kernel.org/doc/Documentation/prctl/no_new_privs.txt](https://www.kernel.org/doc/Documentation/prctl/no_new_privs.txt)\n - [https://cheatsheetseries.owasp.org/cheatsheets/Docker_Security_Cheat_Sheet.html#rule-4-add-no-new-privileges-flag](https://cheatsheetseries.owasp.org/cheatsheets/Docker_Security_Cheat_Sheet.html#rule-4-add-no-new-privileges-flag)\n" + }, + "properties": { + "precision": "very-high", + "tags": [ + "CWE-732: Incorrect Permission Assignment for Critical Resource", + "MEDIUM CONFIDENCE", + "OWASP-A05:2021 - Security Misconfiguration", + "OWASP-A06:2017 - Security Misconfiguration", + "security" + ] } - } - ], - "message": { - "text": "Found user-controlled request data passed into '.write(...)'. This could be dangerous if a malicious actor is able to control data into sensitive files. For example, a malicious actor could force rolling of critical log files, or cause a denial-of-service by using up available disk space. Instead, ensure that request data is properly escaped or sanitized." 
- }, - "properties": {}, - "ruleId": "python.django.security.injection.request-data-write.request-data-write" - }, - { - "fingerprints": { - "matchBasedId/v1": "ea767c6603d32dc3d96e5731f633cc610c95ac9f90faf72a5eb0e21a78fff39f36572b024d2acad0358d1304189093192e38d5bd2b594b94bc0300ef239cb15a_0" - }, - "locations": [ + }, { - "physicalLocation": { - "artifactLocation": { - "uri": "introduction/mitre.py", - "uriBaseId": "%SRCROOT%" - }, - "region": { - "endColumn": 54, - "endLine": 158, - "snippet": { - "text": " password = md5(password.encode()).hexdigest()" - }, - "startColumn": 20, - "startLine": 158 - } + "id": "python.lang.security.audit.subprocess-shell-true.subprocess-shell-true", + "name": "python.lang.security.audit.subprocess-shell-true.subprocess-shell-true", + "short_description": { + "text": "Semgrep Finding: python.lang.security.audit.subprocess-shell-true.subprocess-shell-true" + }, + "full_description": { + "text": "Found 'subprocess' function '$FUNC' with 'shell=True'. This is dangerous because this call will spawn the command using a shell process. Doing so propagates current shell settings and variables, which makes it much easier for a malicious actor to execute commands. Use 'shell=False' instead." + }, + "default_configuration": { + "enabled": true, + "level": "error" + }, + "help_uri": "https://semgrep.dev/r/python.lang.security.audit.subprocess-shell-true.subprocess-shell-true", + "help": { + "text": "Found 'subprocess' function '$FUNC' with 'shell=True'. This is dangerous because this call will spawn the command using a shell process. Doing so propagates current shell settings and variables, which makes it much easier for a malicious actor to execute commands. Use 'shell=False' instead.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Found 'subprocess' function '$FUNC' with 'shell=True'. This is dangerous because this call will spawn the command using a shell process. 
Doing so propagates current shell settings and variables, which makes it much easier for a malicious actor to execute commands. Use 'shell=False' instead.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.lang.security.audit.subprocess-shell-true.subprocess-shell-true)\n - [https://stackoverflow.com/questions/3172470/actual-meaning-of-shell-true-in-subprocess](https://stackoverflow.com/questions/3172470/actual-meaning-of-shell-true-in-subprocess)\n - [https://docs.python.org/3/library/subprocess.html](https://docs.python.org/3/library/subprocess.html)\n" + }, + "properties": { + "precision": "very-high", + "tags": [ + "CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", + "MEDIUM CONFIDENCE", + "OWASP-A01:2017 - Injection", + "OWASP-A03:2021 - Injection", + "security" + ] } - } - ], - "message": { - "text": "It looks like MD5 is used as a password hash. MD5 is not considered a secure password hash because it can be cracked by an attacker in a short amount of time. Use a suitable password hashing function such as scrypt. You can use `hashlib.scrypt`." 
- }, - "properties": {}, - "ruleId": "python.lang.security.audit.md5-used-as-password.md5-used-as-password" - }, - { - "fingerprints": { - "matchBasedId/v1": "611ab643a9a1cafac1ce5c6c21a9ba1756a906c92275b6b2feea6f8a66513e6ab00e2e242305017e0e3ef80429769c41479f2c40b29052b3a35827a5ec0e7cae_0" - }, - "locations": [ + }, { - "physicalLocation": { - "artifactLocation": { - "uri": "introduction/mitre.py", - "uriBaseId": "%SRCROOT%" - }, - "region": { - "endColumn": 62, - "endLine": 166, - "snippet": { - "text": " cookie = jwt.encode(payload, 'csrf_vulneribility', algorithm='HS256')" - }, - "startColumn": 42, - "startLine": 166 - } + "id": "javascript.browser.security.insufficient-postmessage-origin-validation.insufficient-postmessage-origin-validation", + "name": "javascript.browser.security.insufficient-postmessage-origin-validation.insufficient-postmessage-origin-validation", + "short_description": { + "text": "Semgrep Finding: javascript.browser.security.insufficient-postmessage-origin-validation.insufficient-postmessage-origin-validation" + }, + "full_description": { + "text": "No validation of origin is done by the addEventListener API. It may be possible to exploit this flaw to perform Cross Origin attacks such as Cross-Site Scripting(XSS)." + }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/javascript.browser.security.insufficient-postmessage-origin-validation.insufficient-postmessage-origin-validation", + "help": { + "text": "No validation of origin is done by the addEventListener API. It may be possible to exploit this flaw to perform Cross Origin attacks such as Cross-Site Scripting(XSS).\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "No validation of origin is done by the addEventListener API. 
It may be possible to exploit this flaw to perform Cross Origin attacks such as Cross-Site Scripting(XSS).\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.browser.security.insufficient-postmessage-origin-validation.insufficient-postmessage-origin-validation)\n - [https://owasp.org/Top10/A08_2021-Software_and_Data_Integrity_Failures](https://owasp.org/Top10/A08_2021-Software_and_Data_Integrity_Failures)\n" + }, + "properties": { + "precision": "very-high", + "tags": [ + "CWE-345: Insufficient Verification of Data Authenticity", + "LOW CONFIDENCE", + "OWASP-A08:2021 - Software and Data Integrity Failures", + "security" + ] } - } - ], - "message": { - "text": "Hardcoded JWT secret or private key is used. This is a Insufficiently Protected Credentials weakness: https://cwe.mitre.org/data/definitions/522.html Consider using an appropriate security mechanism to protect the credentials (e.g. keeping secrets in environment variables)" - }, - "properties": {}, - "ruleId": "python.jwt.security.jwt-hardcode.jwt-python-hardcoded-secret" - }, - { - "fingerprints": { - "matchBasedId/v1": "a3960b79e05a17a6a840a1f06dae5919adbf28488255add3e2bc5d4e89fcc5a276391ce6f8bc7b6e42080709eb4c95fcafb37bbe25993c341e658003949640cb_0" - }, - "locations": [ + }, { - "physicalLocation": { - "artifactLocation": { - "uri": "introduction/mitre.py", - "uriBaseId": "%SRCROOT%" - }, - "region": { - "endColumn": 56, - "endLine": 168, - "snippet": { - "text": " response.set_cookie('auth_cookiee', cookie)" - }, - "startColumn": 13, - "startLine": 168 - } - } - } - ], - "message": { - "text": "Django cookies should be handled securely by setting secure=True, httponly=True, and samesite='Lax' in response.set_cookie(...). If your situation calls for different settings, explicitly disable the setting. If you want to send the cookie over http, set secure=False. 
If you want to let client-side JavaScript read the cookie, set httponly=False. If you want to attach cookies to requests for external sites, set samesite=None." - }, - "properties": {}, - "ruleId": "python.django.security.audit.secure-cookies.django-secure-set-cookie" - }, - { - "fingerprints": { - "matchBasedId/v1": "39c7284e78d57269272719f6d5d29d19368eefefd5b98495e114002485ad1f7466c76596368159d22fd550a637f1bd892dbeb2dc6f55ee720e359ebdb89507c0_0" - }, - "locations": [ - { - "physicalLocation": { - "artifactLocation": { - "uri": "introduction/mitre.py", - "uriBaseId": "%SRCROOT%" - }, - "region": { - "endColumn": 50, - "endLine": 186, - "snippet": { - "text": "@authentication_decorator\n@csrf_exempt\ndef csrf_transfer_monei(request):\n if request.method == 'GET':\n try:\n cookie = request.COOKIES['auth_cookiee']\n payload = jwt.decode(cookie, 'csrf_vulneribility', algorithms=['HS256'])\n username = payload['username']\n User = CSRF_user_tbl.objects.filter(username=username)\n if not User:\n redirect('/mitre/9/lab/login')\n return render(request, 'mitre/csrf_dashboard.html', {'balance': User[0].balance})\n except:\n return redirect('/mitre/9/lab/login')" - }, - "startColumn": 1, - "startLine": 173 - } - } - } - ], - "message": { - "text": "Detected usage of @csrf_exempt, which indicates that there is no CSRF token set for this route. This could lead to an attacker manipulating the user's account and exfiltration of private data. Instead, create a function without this decorator." 
- }, - "properties": {}, - "ruleId": "python.django.security.audit.csrf-exempt.no-csrf-exempt" - }, - { - "fingerprints": { - "matchBasedId/v1": "3bd08d07f3616b3e9fb1531618fc52c5173f3258ffce6cb8c8c6a85b20d8f0c0e9432654d88fd84e2c1b3d52df5efe34547ac3cbb2775b13942c51d51ff77286_0" - }, - "locations": [ - { - "physicalLocation": { - "artifactLocation": { - "uri": "introduction/mitre.py", - "uriBaseId": "%SRCROOT%" - }, - "region": { - "endColumn": 42, - "endLine": 218, - "snippet": { - "text": "@csrf_exempt\ndef mitre_lab_25_api(request):\n if request.method == \"POST\":\n expression = request.POST.get('expression')\n result = eval(expression)\n return JsonResponse({'result': result})\n else:\n return redirect('/mitre/25/lab/')" - }, - "startColumn": 1, - "startLine": 211 - } - } - } - ], - "message": { - "text": "Detected usage of @csrf_exempt, which indicates that there is no CSRF token set for this route. This could lead to an attacker manipulating the user's account and exfiltration of private data. Instead, create a function without this decorator." - }, - "properties": {}, - "ruleId": "python.django.security.audit.csrf-exempt.no-csrf-exempt" - }, - { - "fingerprints": { - "matchBasedId/v1": "16b058d7ce6382ab0004c866a6a81acbf09d97a7c629401bcf9e23d20e1315c8c515f63b2d7681d8db31381c241e24d5d7aa9d60197813dcb410d069e8ca8566_0" - }, - "locations": [ - { - "physicalLocation": { - "artifactLocation": { - "uri": "introduction/mitre.py", - "uriBaseId": "%SRCROOT%" - }, - "region": { - "endColumn": 34, - "endLine": 215, - "snippet": { - "text": " expression = request.POST.get('expression')\n result = eval(expression)" - }, - "startColumn": 9, - "startLine": 214 - } - } - } - ], - "message": { - "text": "Found user data in a call to 'eval'. This is extremely dangerous because it can enable an attacker to execute arbitrary remote code on the system. Instead, refactor your code to not use 'eval' and instead use a safe library for the specific functionality you need." 
- }, - "properties": {}, - "ruleId": "python.django.security.injection.code.user-eval.user-eval" - }, - { - "fingerprints": { - "matchBasedId/v1": "3a71a35bf3f477d805112137ed91deb1b379944439526a46e8f0de4ab242f93bc35b7c7cf21445e6db092f47eabeba5310c234d55ae46117df24b606e96ffbe2_0" - }, - "locations": [ - { - "physicalLocation": { - "artifactLocation": { - "uri": "introduction/mitre.py", - "uriBaseId": "%SRCROOT%" - }, - "region": { - "endColumn": 34, - "endLine": 215, - "snippet": { - "text": " result = eval(expression)" - }, - "startColumn": 18, - "startLine": 215 - } - } - } - ], - "message": { - "text": "Detected the use of eval(). eval() can be dangerous if used to evaluate dynamic content. If this content can be input from outside the program, this may be a code injection vulnerability. Ensure evaluated content is not definable by external sources." - }, - "properties": {}, - "ruleId": "python.lang.security.audit.eval-detected.eval-detected" - }, - { - "fingerprints": { - "matchBasedId/v1": "8bdf8a56660b14f45dedab486300af9cea042a261eed005c1a3f042921f0e0466290dda8b2cbd10e111fafd98bae479bd379f09e901df65c1c1570ed93269d34_0" - }, - "locations": [ - { - "physicalLocation": { - "artifactLocation": { - "uri": "introduction/mitre.py", - "uriBaseId": "%SRCROOT%" - }, - "region": { - "endColumn": 100, - "endLine": 230, - "snippet": { - "text": " process = subprocess.Popen(command, shell=True, stdout=subprocess.PIPE, stderr=subprocess.PIPE)" - }, - "startColumn": 15, - "startLine": 230 - } - } - } - ], - "message": { - "text": "Found 'subprocess' function 'Popen' with 'shell=True'. This is dangerous because this call will spawn the command using a shell process. Doing so propagates current shell settings and variables, which makes it much easier for a malicious actor to execute commands. Use 'shell=False' instead." 
- }, - "properties": {}, - "ruleId": "python.lang.security.audit.subprocess-shell-true.subprocess-shell-true" - }, - { - "fingerprints": { - "matchBasedId/v1": "45d758bdbcd1fc9963b1838f952e5b5df3318f5e34eccf72f4be5a470db7789abc82a69f138c1a939614255039bfbb5dea1521f10669ebe0d77b2f3c3102d063_0" - }, - "locations": [ - { - "physicalLocation": { - "artifactLocation": { - "uri": "introduction/mitre.py", - "uriBaseId": "%SRCROOT%" - }, - "region": { - "endColumn": 88, - "endLine": 244, - "snippet": { - "text": "@csrf_exempt\ndef mitre_lab_17_api(request):\n if request.method == \"POST\":\n ip = request.POST.get('ip')\n command = \"nmap \" + ip \n res, err = command_out(command)\n res = res.decode()\n err = err.decode()\n pattern = \"STATE SERVICE.*\\\\n\\\\n\"\n ports = re.findall(pattern, res,re.DOTALL)[0][14:-2].split('\\n')\n return JsonResponse({'raw_res': str(res), 'raw_err': str(err), 'ports': ports})" - }, - "startColumn": 1, - "startLine": 234 - } - } - } - ], - "message": { - "text": "Detected usage of @csrf_exempt, which indicates that there is no CSRF token set for this route. This could lead to an attacker manipulating the user's account and exfiltration of private data. Instead, create a function without this decorator." 
- }, - "properties": {}, - "ruleId": "python.django.security.audit.csrf-exempt.no-csrf-exempt" - }, - { - "fingerprints": { - "matchBasedId/v1": "6414d84080647287a56ac40ac539e68d14c7df967fc0d430285e7a1a2d485a3b5f84f9e7900818229c68e4be2b5033521be955f655d1a7e07a0e96512db79679_0" - }, - "locations": [ - { - "physicalLocation": { - "artifactLocation": { - "uri": "introduction/playground/A9/api.py", - "uriBaseId": "%SRCROOT%" - }, - "region": { - "endColumn": 71, - "endLine": 31, - "snippet": { - "text": "@csrf_exempt\ndef log_function_target(request):\n L = Log(request)\n if request.method == \"GET\":\n L.info(\"GET request\")\n return JsonResponse({\"message\":\"normal get request\", \"method\":\"get\"},status = 200)\n if request.method == \"POST\":\n username = request.POST['username']\n password = request.POST['password']\n L.info(f\"POST request with username {username} and password {password}\")\n if username == \"admin\" and password == \"admin\":\n return JsonResponse({\"message\":\"Loged in successfully\", \"method\":\"post\"},status = 200)\n return JsonResponse({\"message\":\"Invalid credentials\", \"method\":\"post\"},status = 401)\n if request.method == \"PUT\":\n L.info(\"PUT request\")\n return JsonResponse({\"message\":\"success\", \"method\":\"put\"},status = 200)\n if request.method == \"DELETE\":\n if request.user.is_authenticated:\n return JsonResponse({\"message\":\"User is authenticated\", \"method\":\"delete\"},status = 200)\n L.error(\"DELETE request\")\n return JsonResponse({\"message\":\"permission denied\", \"method\":\"delete\"},status = 200)\n if request.method == \"PATCH\":\n L.info(\"PATCH request\")\n return JsonResponse({\"message\":\"success\", \"method\":\"patch\"},status = 200)\n if request.method == \"UPDATE\":\n return JsonResponse({\"message\":\"success\", \"method\":\"update\"},status = 200)\n return JsonResponse({\"message\":\"method not allowed\"},status = 403)" - }, - "startColumn": 1, - "startLine": 5 - } - } - } - ], - 
"message": { - "text": "Detected usage of @csrf_exempt, which indicates that there is no CSRF token set for this route. This could lead to an attacker manipulating the user's account and exfiltration of private data. Instead, create a function without this decorator." - }, - "properties": {}, - "ruleId": "python.django.security.audit.csrf-exempt.no-csrf-exempt" - }, - { - "fingerprints": { - "matchBasedId/v1": "64ffeff6e27b31d8497884023fbeff139351912240b637560f45d7958cee1df2c903c2d03ae5802e7f0f47694f9406709620b4606c6de7d674f80efbcd8ca660_0" - }, - "locations": [ - { - "physicalLocation": { - "artifactLocation": { - "uri": "introduction/playground/A9/archive.py", - "uriBaseId": "%SRCROOT%" - }, - "region": { - "endColumn": 71, - "endLine": 31, - "snippet": { - "text": "@csrf_exempt\ndef log_function_target(request):\n L = Log(request)\n if request.method == \"GET\":\n L.info(\"GET request\")\n return JsonResponse({\"message\":\"normal get request\", \"method\":\"get\"},status = 200)\n if request.method == \"POST\":\n username = request.POST['username']\n password = request.POST['password']\n L.info(f\"POST request with username {username} and password {password}\")\n if username == \"admin\" and password == \"admin\":\n return JsonResponse({\"message\":\"Loged in successfully\", \"method\":\"post\"},status = 200)\n return JsonResponse({\"message\":\"Invalid credentials\", \"method\":\"post\"},status = 401)\n if request.method == \"PUT\":\n L.info(\"PUT request\")\n return JsonResponse({\"message\":\"success\", \"method\":\"put\"},status = 200)\n if request.method == \"DELETE\":\n if request.user.is_authenticated:\n return JsonResponse({\"message\":\"User is authenticated\", \"method\":\"delete\"},status = 200)\n L.error(\"DELETE request\")\n return JsonResponse({\"message\":\"permission denied\", \"method\":\"delete\"},status = 200)\n if request.method == \"PATCH\":\n L.info(\"PATCH request\")\n return JsonResponse({\"message\":\"success\", 
\"method\":\"patch\"},status = 200)\n if request.method == \"UPDATE\":\n return JsonResponse({\"message\":\"success\", \"method\":\"update\"},status = 200)\n return JsonResponse({\"message\":\"method not allowed\"},status = 403)" - }, - "startColumn": 1, - "startLine": 5 - } - } - } - ], - "message": { - "text": "Detected usage of @csrf_exempt, which indicates that there is no CSRF token set for this route. This could lead to an attacker manipulating the user's account and exfiltration of private data. Instead, create a function without this decorator." - }, - "properties": {}, - "ruleId": "python.django.security.audit.csrf-exempt.no-csrf-exempt" - }, - { - "fingerprints": { - "matchBasedId/v1": "9f143409c967066b678bea31ceb920fff27645a353fda40e50dbfd0e86a02d14790a51eb2a38927c27846bd489a39442a2216cc7c261efadca487f3e4a583e8a_0" - }, - "locations": [ - { - "physicalLocation": { - "artifactLocation": { - "uri": "introduction/static/js/a7.js", - "uriBaseId": "%SRCROOT%" - }, - "region": { - "endColumn": 210, - "endLine": 4, - "snippet": { - "text": " // myHeaders.append(\"Cookie\", \"csrftoken=5fVOTXh2HNahtvJFJNRSrKkwPAgPM9YCHlrCGprAxhAAKOUWMxqMnWm8BUomv0Yd; jwt=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpZCI6MSwiZXhwIjoxNjUzMzEzMDIxLCJpYXQiOjE2NTMzMDk0MjF9.dh2gfP9wKD8GKu1J-jVs2jJUYMgKu_kMaJjrD0hHP-I\");" - }, - "startColumn": 116, - "startLine": 4 - } - } - } - ], - "message": { - "text": "JWT token detected" - }, - "properties": {}, - "ruleId": "generic.secrets.security.detected-jwt-token.detected-jwt-token" - }, - { - "fingerprints": { - "matchBasedId/v1": "0351a53c7214f89703a7cc24715480943a60ed50d72da59e97d12aa1c5e04865467ebc64a72baa3b03905e2e22d643c7f522774fa1f1549899e2319b4823631a_0" - }, - "locations": [ - { - "physicalLocation": { - "artifactLocation": { - "uri": "introduction/static/js/a9.js", - "uriBaseId": "%SRCROOT%" - }, - "region": { - "endColumn": 207, - "endLine": 18, - "snippet": { - "text": " myHeaders.append(\"Cookie\", 
\"csrftoken=5fVOTXh2HNahtvJFJNRSrKkwPAgPM9YCHlrCGprAxhAAKOUWMxqMnWm8BUomv0Yd; jwt=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpZCI6MSwiZXhwIjoxNjUzMzEzMDIxLCJpYXQiOjE2NTMzMDk0MjF9.dh2gfP9wKD8GKu1J-jVs2jJUYMgKu_kMaJjrD0hHP-I\");" - }, - "startColumn": 113, - "startLine": 18 - } - } - } - ], - "message": { - "text": "JWT token detected" - }, - "properties": {}, - "ruleId": "generic.secrets.security.detected-jwt-token.detected-jwt-token" - }, - { - "fingerprints": { - "matchBasedId/v1": "63620f765169ad1354b15660d21643db72743148ee1726cc300d851696edc64e7b1c13e1c8fc7370dec33b49d8ce21acfebfa65c6463275d962d410138239ec8_0" - }, - "locations": [ - { - "physicalLocation": { - "artifactLocation": { - "uri": "introduction/static/js/a9.js", - "uriBaseId": "%SRCROOT%" - }, - "region": { - "endColumn": 41, - "endLine": 40, - "snippet": { - "text": " li.innerHTML = data.logs[i];" - }, - "startColumn": 13, - "startLine": 40 - } - } - } - ], - "message": { - "text": "User controlled data in methods like `innerHTML`, `outerHTML` or `document.write` is an anti-pattern that can lead to XSS vulnerabilities" - }, - "properties": {}, - "ruleId": "javascript.browser.security.insecure-document-method.insecure-document-method" - }, - { - "fingerprints": { - "matchBasedId/v1": "39c24f28fe90fc823aef79becd1f7b7fbaa8f97246336a42976ff05d9f37317692e299d3d38ce39fe4a6b404656f8e28f62216c8fbb5e442c82cdd1eda8eaae3_0" - }, - "locations": [ - { - "physicalLocation": { - "artifactLocation": { - "uri": "introduction/templates/Lab/A9/a9_lab.html", - "uriBaseId": "%SRCROOT%" - }, - "region": { - "endColumn": 12, - "endLine": 14, - "snippet": { - "text": "
\n
\n
\n \n
" - }, - "startColumn": 5, - "startLine": 10 - } - } - } - ], - "message": { - "text": "Manually-created forms in django templates should specify a csrf_token to prevent CSRF attacks" - }, - "properties": {}, - "ruleId": "python.django.security.django-no-csrf-token.django-no-csrf-token" - }, - { - "fingerprints": { - "matchBasedId/v1": "cd257c73794366c1e7c0c9f9f077ba5189201e42bd59d651e143a14d2245b349fcf2dea544e90340798983e1e56293e76297317360358cb68d8cda04aeba9fba_0" - }, - "locations": [ - { - "physicalLocation": { - "artifactLocation": { - "uri": "introduction/templates/Lab/A9/a9_lab2.html", - "uriBaseId": "%SRCROOT%" - }, - "region": { - "endColumn": 12, - "endLine": 25, - "snippet": { - "text": "
\n \n \n \n


" - }, - "startColumn": 5, - "startLine": 21 - } - } - } - ], - "message": { - "text": "Manually-created forms in django templates should specify a csrf_token to prevent CSRF attacks" - }, - "properties": {}, - "ruleId": "python.django.security.django-no-csrf-token.django-no-csrf-token" - }, - { - "fingerprints": { - "matchBasedId/v1": "6c55ae73d62631eacf3e3643d31abafee344d0442acf5c19b48957ce1304ce5cdef8fe15ea9c14d87027d3b4a2c5d99ef9d00dc7ec351855ddfecd3cf33e0af0_0" - }, - "locations": [ - { - "physicalLocation": { - "artifactLocation": { - "uri": "introduction/templates/Lab/A9/a9_lab2.html", - "uriBaseId": "%SRCROOT%" - }, - "region": { - "endColumn": 22, - "endLine": 91, - "snippet": { - "text": " alert(\"{{ data }}\");" - }, - "startColumn": 12, - "startLine": 91 - } - } - } - ], - "message": { - "text": "Detected a template variable used in a script tag. Although template variables are HTML escaped, HTML escaping does not always prevent cross-site scripting (XSS) attacks when used directly in JavaScript. If you need this data on the rendered page, consider placing it in the HTML portion (outside of a script tag). Alternatively, use a JavaScript-specific encoder, such as the one available in OWASP ESAPI. For Django, you may also consider using the 'json_script' template tag and retrieving the data in your script by using the element ID (e.g., `document.getElementById`)." 
- }, - "properties": {}, - "ruleId": "generic.html-templates.security.var-in-script-tag.var-in-script-tag" - }, - { - "fingerprints": { - "matchBasedId/v1": "91bcd15d7a2a0d16b0b06e1a9641b4419a70f21506f436b851beda29c151a0e540e46aa0190f701f94a69e80f845f4e047855ab4cb994eb4bbd091eb5c5e624a_0" - }, - "locations": [ - { - "physicalLocation": { - "artifactLocation": { - "uri": "introduction/templates/Lab/A9/a9_lab2.html", - "uriBaseId": "%SRCROOT%" - }, - "region": { - "endColumn": 22, - "endLine": 91, - "snippet": { - "text": " alert(\"{{ data }}\");" - }, - "startColumn": 12, - "startLine": 91 - } - } - } - ], - "message": { - "text": "Detected a template variable used in a script tag. Although template variables are HTML escaped, HTML escaping does not always prevent cross-site scripting (XSS) attacks when used directly in JavaScript. If you need this data on the rendered page, consider placing it in the HTML portion (outside of a script tag). Alternatively, use a JavaScript-specific encoder, such as the one available in OWASP ESAPI. For Django, you may also consider using the 'json_script' template tag and retrieving the data in your script by using the element ID (e.g., `document.getElementById`)." - }, - "properties": {}, - "ruleId": "python.django.security.audit.xss.var-in-script-tag.var-in-script-tag" - }, - { - "fingerprints": { - "matchBasedId/v1": "689059ffed525598c0d311633e06afdba2fba5311c13caee1561644ad3d13758303cba8ece4c17fe42f96593c5cfe5df393c8c96820e0fa1d9e5125566e09111_0" - }, - "locations": [ - { - "physicalLocation": { - "artifactLocation": { - "uri": "introduction/templates/Lab/BrokenAccess/ba_lab.html", - "uriBaseId": "%SRCROOT%" - }, - "region": { - "endColumn": 16, - "endLine": 18, - "snippet": { - "text": "
\n\n
\n
\n \n\n\n
" - }, - "startColumn": 9, - "startLine": 11 - } - } - } - ], - "message": { - "text": "Manually-created forms in django templates should specify a csrf_token to prevent CSRF attacks" - }, - "properties": {}, - "ruleId": "python.django.security.django-no-csrf-token.django-no-csrf-token" - }, - { - "fingerprints": { - "matchBasedId/v1": "8e7dd730eacf0de1effe8a64f292d3448ec57670547e2d3ce6492ebde073ae8aaec217216c1f1ea921e58761461e3958cabe1ec5ebff9e624e432fe14adbbfca_0" - }, - "locations": [ - { - "physicalLocation": { - "artifactLocation": { - "uri": "introduction/templates/Lab/BrokenAuth/otp.html", - "uriBaseId": "%SRCROOT%" - }, - "region": { - "endColumn": 12, - "endLine": 22, - "snippet": { - "text": "
\n \n

\n \n
" - }, - "startColumn": 5, - "startLine": 18 - } - } - } - ], - "message": { - "text": "Manually-created forms in django templates should specify a csrf_token to prevent CSRF attacks" - }, - "properties": {}, - "ruleId": "python.django.security.django-no-csrf-token.django-no-csrf-token" - }, - { - "fingerprints": { - "matchBasedId/v1": "1914fc2fb2842c92d5c41d19fa38165c3eff14446209f565f0d78f2abc341835fc260d6034b24d18dff5b85b90c4d26c50e173236671fe6a0c45512acc96bc14_0" - }, - "locations": [ - { - "physicalLocation": { - "artifactLocation": { - "uri": "introduction/templates/Lab/CMD/cmd_lab.html", - "uriBaseId": "%SRCROOT%" - }, - "region": { - "endColumn": 16, - "endLine": 16, - "snippet": { - "text": "
\n

\n \n \n \n
\n \n
" - }, - "startColumn": 9, - "startLine": 9 - } - } - } - ], - "message": { - "text": "Manually-created forms in django templates should specify a csrf_token to prevent CSRF attacks" - }, - "properties": {}, - "ruleId": "python.django.security.django-no-csrf-token.django-no-csrf-token" - }, - { - "fingerprints": { - "matchBasedId/v1": "2f38b15704c7322f83c9b194a0103a57a3cb1873e06d60b2910ff30b53ce4d8e6e0c54b73ddc35a43b9136b25bd9b60a614e282e23490e507077ab521133c912_0" - }, - "locations": [ - { - "physicalLocation": { - "artifactLocation": { - "uri": "introduction/templates/Lab/CMD/cmd_lab2.html", - "uriBaseId": "%SRCROOT%" - }, - "region": { - "endColumn": 16, - "endLine": 12, - "snippet": { - "text": "
\n

\n
\n
" - }, - "startColumn": 9, - "startLine": 9 - } - } - } - ], - "message": { - "text": "Manually-created forms in django templates should specify a csrf_token to prevent CSRF attacks" - }, - "properties": {}, - "ruleId": "python.django.security.django-no-csrf-token.django-no-csrf-token" - }, - { - "fingerprints": { - "matchBasedId/v1": "95eb1ef11cad3c1355ce20ae95a89119dd1b7d86907c5f29485e3c020b55033897ac046a524c368eb45a676558c3f2964f0005c5c8b520054e5525264a65b3fe_0" - }, - "locations": [ - { - "physicalLocation": { - "artifactLocation": { - "uri": "introduction/templates/Lab/XSS/xss_lab_3.html", - "uriBaseId": "%SRCROOT%" - }, - "region": { - "endColumn": 13, - "endLine": 22, - "snippet": { - "text": " {{code}}" - }, - "startColumn": 5, - "startLine": 22 - } - } - } - ], - "message": { - "text": "Detected a template variable used in a script tag. Although template variables are HTML escaped, HTML escaping does not always prevent cross-site scripting (XSS) attacks when used directly in JavaScript. If you need this data on the rendered page, consider placing it in the HTML portion (outside of a script tag). Alternatively, use a JavaScript-specific encoder, such as the one available in OWASP ESAPI. For Django, you may also consider using the 'json_script' template tag and retrieving the data in your script by using the element ID (e.g., `document.getElementById`)." - }, - "properties": {}, - "ruleId": "python.django.security.audit.xss.var-in-script-tag.var-in-script-tag" - }, - { - "fingerprints": { - "matchBasedId/v1": "ca2008bb3a5ab33ce4dc3d90bec934025699c5a00d9f45dbc6c3f4a280668147cb6bcb1d3cf3423e3ae47a48f4d5171a9d05383f8d750dac10c5adce877a4976_0" - }, - "locations": [ - { - "physicalLocation": { - "artifactLocation": { - "uri": "introduction/templates/Lab/ssrf/ssrf_discussion.html", - "uriBaseId": "%SRCROOT%" - }, - "region": { - "endColumn": 12, - "endLine": 129, - "snippet": { - "text": "
\n {% csrf_token %}\n \n \n
" - }, - "startColumn": 5, - "startLine": 125 - } - } - } - ], - "message": { - "text": "Manually-created forms in django templates should specify a csrf_token to prevent CSRF attacks" - }, - "properties": {}, - "ruleId": "python.django.security.django-no-csrf-token.django-no-csrf-token" - }, - { - "fingerprints": { - "matchBasedId/v1": "ca2008bb3a5ab33ce4dc3d90bec934025699c5a00d9f45dbc6c3f4a280668147cb6bcb1d3cf3423e3ae47a48f4d5171a9d05383f8d750dac10c5adce877a4976_1" - }, - "locations": [ - { - "physicalLocation": { - "artifactLocation": { - "uri": "introduction/templates/Lab/ssrf/ssrf_discussion.html", - "uriBaseId": "%SRCROOT%" - }, - "region": { - "endColumn": 12, - "endLine": 134, - "snippet": { - "text": "
\n {% csrf_token %}\n \n \n
" - }, - "startColumn": 5, - "startLine": 130 - } - } - } - ], - "message": { - "text": "Manually-created forms in django templates should specify a csrf_token to prevent CSRF attacks" - }, - "properties": {}, - "ruleId": "python.django.security.django-no-csrf-token.django-no-csrf-token" - }, - { - "fingerprints": { - "matchBasedId/v1": "ca2008bb3a5ab33ce4dc3d90bec934025699c5a00d9f45dbc6c3f4a280668147cb6bcb1d3cf3423e3ae47a48f4d5171a9d05383f8d750dac10c5adce877a4976_2" - }, - "locations": [ - { - "physicalLocation": { - "artifactLocation": { - "uri": "introduction/templates/Lab/ssrf/ssrf_discussion.html", - "uriBaseId": "%SRCROOT%" - }, - "region": { - "endColumn": 12, - "endLine": 139, - "snippet": { - "text": "
\n {% csrf_token %}\n \n \n
" - }, - "startColumn": 5, - "startLine": 135 - } - } - } - ], - "message": { - "text": "Manually-created forms in django templates should specify a csrf_token to prevent CSRF attacks" - }, - "properties": {}, - "ruleId": "python.django.security.django-no-csrf-token.django-no-csrf-token" - }, - { - "fingerprints": { - "matchBasedId/v1": "ca2008bb3a5ab33ce4dc3d90bec934025699c5a00d9f45dbc6c3f4a280668147cb6bcb1d3cf3423e3ae47a48f4d5171a9d05383f8d750dac10c5adce877a4976_3" - }, - "locations": [ - { - "physicalLocation": { - "artifactLocation": { - "uri": "introduction/templates/Lab/ssrf/ssrf_discussion.html", - "uriBaseId": "%SRCROOT%" - }, - "region": { - "endColumn": 12, - "endLine": 144, - "snippet": { - "text": "
\n {% csrf_token %}\n \n \n
" - }, - "startColumn": 5, - "startLine": 140 - } + "id": "kotlin.lang.security.weak-rsa.use-of-weak-rsa-key", + "name": "kotlin.lang.security.weak-rsa.use-of-weak-rsa-key", + "short_description": { + "text": "Semgrep Finding: kotlin.lang.security.weak-rsa.use-of-weak-rsa-key" + }, + "full_description": { + "text": "RSA keys should be at least 2048 bits based on NIST recommendation." + }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/kotlin.lang.security.weak-rsa.use-of-weak-rsa-key", + "help": { + "text": "RSA keys should be at least 2048 bits based on NIST recommendation.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "RSA keys should be at least 2048 bits based on NIST recommendation.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/kotlin.lang.security.weak-rsa.use-of-weak-rsa-key)\n - [https://cheatsheetseries.owasp.org/cheatsheets/Cryptographic_Storage_Cheat_Sheet.html#algorithms](https://cheatsheetseries.owasp.org/cheatsheets/Cryptographic_Storage_Cheat_Sheet.html#algorithms)\n" + }, + "properties": { + "precision": "very-high", + "tags": [ + "CWE-326: Inadequate Encryption Strength", + "HIGH CONFIDENCE", + "OWASP-A02:2021 - Cryptographic Failures", + "OWASP-A03:2017 - Sensitive Data Exposure", + "security" + ] } - } - ], - "message": { - "text": "Manually-created forms in django templates should specify a csrf_token to prevent CSRF attacks" - }, - "properties": {}, - "ruleId": "python.django.security.django-no-csrf-token.django-no-csrf-token" - }, - { - "fingerprints": { - "matchBasedId/v1": "d1f213b8b60b4da1e500e01b90728dc4ede017dfca6e40def70543e278b5b1f015cc46ca7684ef1b5b82664573a8b2099e0c157117ce9162937f3e860a82a73b_0" - }, - "locations": [ + }, { - "physicalLocation": { - "artifactLocation": { - "uri": 
"introduction/templates/Lab_2021/A1_BrokenAccessControl/broken_access_lab_1.html", - "uriBaseId": "%SRCROOT%" - }, - "region": { - "endColumn": 16, - "endLine": 18, - "snippet": { - "text": "
\n\n
\n
\n \n\n\n
" - }, - "startColumn": 9, - "startLine": 11 - } + "id": "go.lang.security.audit.xss.no-interpolation-js-template-string.no-interpolation-js-template-string", + "name": "go.lang.security.audit.xss.no-interpolation-js-template-string.no-interpolation-js-template-string", + "short_description": { + "text": "Semgrep Finding: go.lang.security.audit.xss.no-interpolation-js-template-string.no-interpolation-js-template-string" + }, + "full_description": { + "text": "Detected template variable interpolation in a JavaScript template string. This is potentially vulnerable to cross-site scripting (XSS) attacks because a malicious actor has control over JavaScript but without the need to use escaped characters. Instead, obtain this variable outside of the template string and ensure your template is properly escaped." + }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/go.lang.security.audit.xss.no-interpolation-js-template-string.no-interpolation-js-template-string", + "help": { + "text": "Detected template variable interpolation in a JavaScript template string. This is potentially vulnerable to cross-site scripting (XSS) attacks because a malicious actor has control over JavaScript but without the need to use escaped characters. Instead, obtain this variable outside of the template string and ensure your template is properly escaped.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected template variable interpolation in a JavaScript template string. This is potentially vulnerable to cross-site scripting (XSS) attacks because a malicious actor has control over JavaScript but without the need to use escaped characters. 
Instead, obtain this variable outside of the template string and ensure your template is properly escaped.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/go.lang.security.audit.xss.no-interpolation-js-template-string.no-interpolation-js-template-string)\n - [https://github.com/golang/go/issues/9200#issuecomment-66100328](https://github.com/golang/go/issues/9200#issuecomment-66100328)\n - [https://blogtitle.github.io/robn-go-security-pearls-cross-site-scripting-xss/](https://blogtitle.github.io/robn-go-security-pearls-cross-site-scripting-xss/)\n" + }, + "properties": { + "precision": "very-high", + "tags": [ + "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", + "LOW CONFIDENCE", + "OWASP-A03:2021 - Injection", + "OWASP-A07:2017 - Cross-Site Scripting (XSS)", + "security" + ] } - } - ], - "message": { - "text": "Manually-created forms in django templates should specify a csrf_token to prevent CSRF attacks" - }, - "properties": {}, - "ruleId": "python.django.security.django-no-csrf-token.django-no-csrf-token" - }, - { - "fingerprints": { - "matchBasedId/v1": "e38c316b557fb586af36f2c890371456e6fe286dfc9959cc9232fff2f28244c6948cf2bfa736d6c7bef94f6f6476706f8bf9b52d0cac6e5c3c007994e44e78ff_0" - }, - "locations": [ + }, { - "physicalLocation": { - "artifactLocation": { - "uri": "introduction/templates/Lab_2021/A1_BrokenAccessControl/broken_access_lab_2.html", - "uriBaseId": "%SRCROOT%" - }, - "region": { - "endColumn": 16, - "endLine": 18, - "snippet": { - "text": "
\n\n
\n
\n \n\n\n
" - }, - "startColumn": 9, - "startLine": 11 - } + "id": "terraform.aws.security.aws-cloudwatch-log-group-unencrypted.aws-cloudwatch-log-group-unencrypted", + "name": "terraform.aws.security.aws-cloudwatch-log-group-unencrypted.aws-cloudwatch-log-group-unencrypted", + "short_description": { + "text": "Semgrep Finding: terraform.aws.security.aws-cloudwatch-log-group-unencrypted.aws-cloudwatch-log-group-unencrypted" + }, + "full_description": { + "text": "By default, AWS CloudWatch Log Group is encrypted using AWS-managed keys. However, for added security, it's recommended to configure your own AWS KMS encryption key to protect your log group in CloudWatch. You can either create a new aws_kms_key resource or use the ARN of an existing key in your AWS account to do so." + }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/terraform.aws.security.aws-cloudwatch-log-group-unencrypted.aws-cloudwatch-log-group-unencrypted", + "help": { + "text": "By default, AWS CloudWatch Log Group is encrypted using AWS-managed keys. However, for added security, it's recommended to configure your own AWS KMS encryption key to protect your log group in CloudWatch. You can either create a new aws_kms_key resource or use the ARN of an existing key in your AWS account to do so.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "By default, AWS CloudWatch Log Group is encrypted using AWS-managed keys. However, for added security, it's recommended to configure your own AWS KMS encryption key to protect your log group in CloudWatch. 
You can either create a new aws_kms_key resource or use the ARN of an existing key in your AWS account to do so.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/terraform.aws.security.aws-cloudwatch-log-group-unencrypted.aws-cloudwatch-log-group-unencrypted)\n - [https://cwe.mitre.org/data/definitions/732.html](https://cwe.mitre.org/data/definitions/732.html)\n" + }, + "properties": { + "precision": "very-high", + "tags": [ + "CWE-732: Incorrect Permission Assignment for Critical Resource", + "LOW CONFIDENCE", + "OWASP-A02:2021 - Cryptographic Failures", + "security" + ] } - } - ], - "message": { - "text": "Manually-created forms in django templates should specify a csrf_token to prevent CSRF attacks" - }, - "properties": {}, - "ruleId": "python.django.security.django-no-csrf-token.django-no-csrf-token" - }, - { - "fingerprints": { - "matchBasedId/v1": "96056686594b4c1d3f50b576a48f3f6f4afaf5298c805304b9b3b0d5cdb69a57d06fddf8ea40241d6f2b9bf2a901b2563861d962f13a2b334b8bf349c0c3b67a_0" - }, - "locations": [ + }, { - "physicalLocation": { - "artifactLocation": { - "uri": "introduction/views.py", - "uriBaseId": "%SRCROOT%" - }, - "region": { - "endColumn": 112, - "endLine": 155, - "snippet": { - "text": " sql_query = \"SELECT * FROM introduction_login WHERE user='\"+name+\"'AND password='\"+password+\"'\"" - }, - "startColumn": 29, - "startLine": 155 - } + "id": "python.django.security.injection.code.globals-misuse-code-execution.globals-misuse-code-execution", + "name": "python.django.security.injection.code.globals-misuse-code-execution.globals-misuse-code-execution", + "short_description": { + "text": "Semgrep Finding: python.django.security.injection.code.globals-misuse-code-execution.globals-misuse-code-execution" + }, + "full_description": { + "text": "Found request data as an index to 'globals()'. 
This is extremely dangerous because it allows an attacker to execute arbitrary code on the system. Refactor your code not to use 'globals()'." + }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/python.django.security.injection.code.globals-misuse-code-execution.globals-misuse-code-execution", + "help": { + "text": "Found request data as an index to 'globals()'. This is extremely dangerous because it allows an attacker to execute arbitrary code on the system. Refactor your code not to use 'globals()'.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Found request data as an index to 'globals()'. This is extremely dangerous because it allows an attacker to execute arbitrary code on the system. Refactor your code not to use 'globals()'.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.django.security.injection.code.globals-misuse-code-execution.globals-misuse-code-execution)\n - [https://github.com/mpirnat/lets-be-bad-guys/blob/d92768fb3ade32956abd53bd6bb06e19d634a084/badguys/vulnerable/views.py#L181-L186](https://github.com/mpirnat/lets-be-bad-guys/blob/d92768fb3ade32956abd53bd6bb06e19d634a084/badguys/vulnerable/views.py#L181-L186)\n" + }, + "properties": { + "precision": "very-high", + "tags": [ + "CWE-96: Improper Neutralization of Directives in Statically Saved Code ('Static Code Injection')", + "LOW CONFIDENCE", + "OWASP-A03:2021 - Injection", + "security" + ] } - } - ], - "message": { - "text": "Detected user input used to manually construct a SQL string. This is usually bad practice because manual construction could accidentally result in a SQL injection. An attacker could use a SQL injection to steal or modify contents of the database. Instead, use a parameterized query which is available by default in most database engines. 
Alternatively, consider using the Django object-relational mappers (ORM) instead of raw SQL queries." - }, - "properties": {}, - "ruleId": "python.django.security.injection.tainted-sql-string.tainted-sql-string" - }, - { - "fingerprints": { - "matchBasedId/v1": "97b9e056085549aa69dadfe9acc2c89198dab6994e7a4143713acc170392ff70b6efe7eaa69ef6ab9df0c08ae6b198a7fc2affe677c2ba8311e7337df580cd74_0" - }, - "locations": [ + }, { - "physicalLocation": { - "artifactLocation": { - "uri": "introduction/views.py", - "uriBaseId": "%SRCROOT%" - }, - "region": { - "endColumn": 53, - "endLine": 159, - "snippet": { - "text": " val=login.objects.raw(sql_query)" - }, - "startColumn": 25, - "startLine": 159 - } + "id": "javascript.express.security.express-xml2json-xxe.express-xml2json-xxe", + "name": "javascript.express.security.express-xml2json-xxe.express-xml2json-xxe", + "short_description": { + "text": "Semgrep Finding: javascript.express.security.express-xml2json-xxe.express-xml2json-xxe" + }, + "full_description": { + "text": "Make sure that unverified user data can not reach the XML Parser, as it can result in XML External or Internal Entity (XXE) Processing vulnerabilities" + }, + "default_configuration": { + "enabled": true, + "level": "error" + }, + "help_uri": "https://semgrep.dev/r/javascript.express.security.express-xml2json-xxe.express-xml2json-xxe", + "help": { + "text": "Make sure that unverified user data can not reach the XML Parser, as it can result in XML External or Internal Entity (XXE) Processing vulnerabilities\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Make sure that unverified user data can not reach the XML Parser, as it can result in XML External or Internal Entity (XXE) Processing vulnerabilities\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.express.security.express-xml2json-xxe.express-xml2json-xxe)\n - 
[https://www.npmjs.com/package/xml2json](https://www.npmjs.com/package/xml2json)\n" + }, + "properties": { + "precision": "very-high", + "tags": [ + "CWE-611: Improper Restriction of XML External Entity Reference", + "MEDIUM CONFIDENCE", + "OWASP-A04:2017 - XML External Entities (XXE)", + "OWASP-A05:2021 - Security Misconfiguration", + "security" + ] } - } - ], - "message": { - "text": "Detected the use of 'RawSQL' or 'raw' indicating the execution of a non-parameterized SQL query. This could lead to a SQL injection and therefore protected information could be leaked. Instead, use Django ORM and parameterized queries before raw SQL. An example of using the Django ORM is: `People.objects.get(name='Bob')`" - }, - "properties": {}, - "ruleId": "python.django.security.audit.raw-query.avoid-raw-sql" - }, - { - "fingerprints": { - "matchBasedId/v1": "a8718d5941cddbb4f3f2b7d4f80d4ddb9dd12abeb6306e98f6f051e5199f97e3d0ae15577e082a8f6d0d1b0b5d0e13dd194dc3ebac179c7cde2b98e976740345_0" - }, - "locations": [ + }, { - "physicalLocation": { - "artifactLocation": { - "uri": "introduction/views.py", - "uriBaseId": "%SRCROOT%" - }, - "region": { - "endColumn": 40, - "endLine": 199, - "snippet": { - "text": "pickled_user = pickle.dumps(TestUser())" - }, - "startColumn": 16, - "startLine": 199 - } + "id": "javascript.express.security.audit.express-libxml-vm-noent.express-libxml-vm-noent", + "name": "javascript.express.security.audit.express-libxml-vm-noent.express-libxml-vm-noent", + "short_description": { + "text": "Semgrep Finding: javascript.express.security.audit.express-libxml-vm-noent.express-libxml-vm-noent" + }, + "full_description": { + "text": "Detected use of parseXml() function with the `noent` field set to `true`. This can lead to an XML External Entities (XXE) attack if untrusted data is passed into it." 
+ }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/javascript.express.security.audit.express-libxml-vm-noent.express-libxml-vm-noent", + "help": { + "text": "Detected use of parseXml() function with the `noent` field set to `true`. This can lead to an XML External Entities (XXE) attack if untrusted data is passed into it.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected use of parseXml() function with the `noent` field set to `true`. This can lead to an XML External Entities (XXE) attack if untrusted data is passed into it.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.express.security.audit.express-libxml-vm-noent.express-libxml-vm-noent)\n - [https://cheatsheetseries.owasp.org/cheatsheets/XML_External_Entity_Prevention_Cheat_Sheet.html](https://cheatsheetseries.owasp.org/cheatsheets/XML_External_Entity_Prevention_Cheat_Sheet.html)\n" + }, + "properties": { + "precision": "very-high", + "tags": [ + "CWE-611: Improper Restriction of XML External Entity Reference", + "LOW CONFIDENCE", + "OWASP-A04:2017 - XML External Entities (XXE)", + "OWASP-A05:2021 - Security Misconfiguration", + "security" + ] } - } - ], - "message": { - "text": "Avoid using `pickle`, which is known to lead to code execution vulnerabilities. When unpickling, the serialized data could be manipulated to run arbitrary code. Instead, consider serializing the relevant data as JSON or a similar text-based serialization format." 
- }, - "properties": {}, - "ruleId": "python.lang.security.deserialization.pickle.avoid-pickle" - }, - { - "fingerprints": { - "matchBasedId/v1": "4a12be3f5be8ead04f8329320b40ec0c70019d6e16f8bfdd41b6621b02d41bcb2d3a2784f9a93411a279f279343b6ce1d2950093cbbc23f0a55809fb9f32a4d4_0" - }, - "locations": [ + }, { - "physicalLocation": { - "artifactLocation": { - "uri": "introduction/views.py", - "uriBaseId": "%SRCROOT%" - }, - "region": { - "endColumn": 73, - "endLine": 208, - "snippet": { - "text": " response.set_cookie(key='token',value=token.decode('utf-8'))" - }, - "startColumn": 13, - "startLine": 208 - } + "id": "yaml.docker-compose.security.privileged-service.privileged-service", + "name": "yaml.docker-compose.security.privileged-service.privileged-service", + "short_description": { + "text": "Semgrep Finding: yaml.docker-compose.security.privileged-service.privileged-service" + }, + "full_description": { + "text": "Service '$SERVICE' is running in privileged mode. This grants the container the equivalent of root capabilities on the host machine. This can lead to container escapes, privilege escalation, and other security concerns. Remove the 'privileged' key to disable this capability." + }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/yaml.docker-compose.security.privileged-service.privileged-service", + "help": { + "text": "Service '$SERVICE' is running in privileged mode. This grants the container the equivalent of root capabilities on the host machine. This can lead to container escapes, privilege escalation, and other security concerns. Remove the 'privileged' key to disable this capability.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Service '$SERVICE' is running in privileged mode. This grants the container the equivalent of root capabilities on the host machine. This can lead to container escapes, privilege escalation, and other security concerns. 
Remove the 'privileged' key to disable this capability.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/yaml.docker-compose.security.privileged-service.privileged-service)\n - [https://www.trendmicro.com/en_us/research/19/l/why-running-a-privileged-container-in-docker-is-a-bad-idea.html](https://www.trendmicro.com/en_us/research/19/l/why-running-a-privileged-container-in-docker-is-a-bad-idea.html)\n - [https://containerjournal.com/topics/container-security/why-running-a-privileged-container-is-not-a-good-idea/](https://containerjournal.com/topics/container-security/why-running-a-privileged-container-is-not-a-good-idea/)\n" + }, + "properties": { + "precision": "very-high", + "tags": [ + "CWE-250: Execution with Unnecessary Privileges", + "HIGH CONFIDENCE", + "OWASP-A05:2021 - Security Misconfiguration", + "OWASP-A06:2017 - Security Misconfiguration", + "security" + ] } - } - ], - "message": { - "text": "Django cookies should be handled securely by setting secure=True, httponly=True, and samesite='Lax' in response.set_cookie(...). If your situation calls for different settings, explicitly disable the setting. If you want to send the cookie over http, set secure=False. If you want to let client-side JavaScript read the cookie, set httponly=False. If you want to attach cookies to requests for external sites, set samesite=None." 
- }, - "properties": {}, - "ruleId": "python.django.security.audit.secure-cookies.django-secure-set-cookie" - }, - { - "fingerprints": { - "matchBasedId/v1": "6afd3de860be660079ffdea91808b7bd19861619ab2d850b5233695189c043a97873f674cb51da6153616c0d07e07607389507ef460d0d27ff369679efbf9654_0" - }, - "locations": [ + }, { - "physicalLocation": { - "artifactLocation": { - "uri": "introduction/views.py", - "uriBaseId": "%SRCROOT%" - }, - "region": { - "endColumn": 40, - "endLine": 211, - "snippet": { - "text": " admin = pickle.loads(token)" - }, - "startColumn": 21, - "startLine": 211 - } + "id": "generic.secrets.security.google-maps-apikeyleak.google-maps-apikeyleak", + "name": "generic.secrets.security.google-maps-apikeyleak.google-maps-apikeyleak", + "short_description": { + "text": "Semgrep Finding: generic.secrets.security.google-maps-apikeyleak.google-maps-apikeyleak" + }, + "full_description": { + "text": "Detects potential Google Maps API keys in code" + }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/generic.secrets.security.google-maps-apikeyleak.google-maps-apikeyleak", + "help": { + "text": "Detects potential Google Maps API keys in code\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detects potential Google Maps API keys in code\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/generic.secrets.security.google-maps-apikeyleak.google-maps-apikeyleak)\n - [https://ozguralp.medium.com/unauthorized-google-maps-api-key-usage-cases-and-why-you-need-to-care-1ccb28bf21e](https://ozguralp.medium.com/unauthorized-google-maps-api-key-usage-cases-and-why-you-need-to-care-1ccb28bf21e)\n" + }, + "properties": { + "precision": "very-high", + "tags": [ + "CWE-538: Insertion of Sensitive Information into Externally-Accessible File or Directory", + "MEDIUM CONFIDENCE", + "OWASP-A3:2017 Sensitive 
Data Exposure", + "security" + ] } - } - ], - "message": { - "text": "Avoid using insecure deserialization library, backed by `pickle`, `_pickle`, `cpickle`, `dill`, `shelve`, or `yaml`, which are known to lead to remote code execution vulnerabilities." - }, - "properties": {}, - "ruleId": "python.django.security.audit.avoid-insecure-deserialization.avoid-insecure-deserialization" - }, - { - "fingerprints": { - "matchBasedId/v1": "2e66761d8bcdeeccc02a513374680f9a85d9855ec839abb13aa5756474e976bc03456a7edaa05b12f3852465afb5fe7c45383c3d75cb6d3cfae55e34a06451fe_0" - }, - "locations": [ + }, { - "physicalLocation": { - "artifactLocation": { - "uri": "introduction/views.py", - "uriBaseId": "%SRCROOT%" - }, - "region": { - "endColumn": 40, - "endLine": 211, - "snippet": { - "text": " admin = pickle.loads(token)" - }, - "startColumn": 21, - "startLine": 211 - } + "id": "csharp.lang.security.ssrf.web-client.ssrf", + "name": "csharp.lang.security.ssrf.web-client.ssrf", + "short_description": { + "text": "Semgrep Finding: csharp.lang.security.ssrf.web-client.ssrf" + }, + "full_description": { + "text": "SSRF is an attack vector that abuses an application to interact with the internal/external network or the machine itself." 
+ }, + "default_configuration": { + "enabled": true, + "level": "error" + }, + "help_uri": "https://semgrep.dev/r/csharp.lang.security.ssrf.web-client.ssrf", + "help": { + "text": "SSRF is an attack vector that abuses an application to interact with the internal/external network or the machine itself.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "SSRF is an attack vector that abuses an application to interact with the internal/external network or the machine itself.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/csharp.lang.security.ssrf.web-client.ssrf)\n - [https://cheatsheetseries.owasp.org/cheatsheets/Server_Side_Request_Forgery_Prevention_Cheat_Sheet.html](https://cheatsheetseries.owasp.org/cheatsheets/Server_Side_Request_Forgery_Prevention_Cheat_Sheet.html)\n" + }, + "properties": { + "precision": "very-high", + "tags": [ + "CWE-918: Server-Side Request Forgery (SSRF)", + "LOW CONFIDENCE", + "OWASP-A10:2021 - Server-Side Request Forgery (SSRF)", + "security" + ] } - } - ], - "message": { - "text": "Avoid using `pickle`, which is known to lead to code execution vulnerabilities. When unpickling, the serialized data could be manipulated to run arbitrary code. Instead, consider serializing the relevant data as JSON or a similar text-based serialization format." 
- }, - "properties": {}, - "ruleId": "python.lang.security.deserialization.pickle.avoid-pickle" - }, - { - "fingerprints": { - "matchBasedId/v1": "44bbf262277c0f2622f3ae76a1f05df2417644c4b37d15a0dec33189fb77173bace0bbd16dcb4f0010a1e2c456175423527a43cbea4443eba5fe1616232e46db_0" - }, - "locations": [ + }, { - "physicalLocation": { - "artifactLocation": { - "uri": "introduction/views.py", - "uriBaseId": "%SRCROOT%" - }, - "region": { - "endColumn": 33, - "endLine": 244, - "snippet": { - "text": "@csrf_exempt\ndef xxe_see(request):\n if request.user.is_authenticated:\n\n data=comments.objects.all()\n com=data[0].comment\n return render(request,'Lab/XXE/xxe_lab.html',{\"com\":com})\n else:\n return redirect('login')" - }, - "startColumn": 1, - "startLine": 236 - } + "id": "javascript.lang.security.audit.detect-non-literal-regexp.detect-non-literal-regexp", + "name": "javascript.lang.security.audit.detect-non-literal-regexp.detect-non-literal-regexp", + "short_description": { + "text": "Semgrep Finding: javascript.lang.security.audit.detect-non-literal-regexp.detect-non-literal-regexp" + }, + "full_description": { + "text": "RegExp() called with a `$ARG` function argument, this might allow an attacker to cause a Regular Expression Denial-of-Service (ReDoS) within your application as RegExP blocks the main thread. For this reason, it is recommended to use hardcoded regexes instead. If your regex is run on user-controlled input, consider performing input validation or use a regex checking/sanitization library such as https://www.npmjs.com/package/recheck to verify that the regex does not appear vulnerable to ReDoS." 
+ }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/javascript.lang.security.audit.detect-non-literal-regexp.detect-non-literal-regexp", + "help": { + "text": "RegExp() called with a `$ARG` function argument, this might allow an attacker to cause a Regular Expression Denial-of-Service (ReDoS) within your application as RegExP blocks the main thread. For this reason, it is recommended to use hardcoded regexes instead. If your regex is run on user-controlled input, consider performing input validation or use a regex checking/sanitization library such as https://www.npmjs.com/package/recheck to verify that the regex does not appear vulnerable to ReDoS.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "RegExp() called with a `$ARG` function argument, this might allow an attacker to cause a Regular Expression Denial-of-Service (ReDoS) within your application as RegExP blocks the main thread. For this reason, it is recommended to use hardcoded regexes instead. 
If your regex is run on user-controlled input, consider performing input validation or use a regex checking/sanitization library such as https://www.npmjs.com/package/recheck to verify that the regex does not appear vulnerable to ReDoS.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.lang.security.audit.detect-non-literal-regexp.detect-non-literal-regexp)\n - [https://owasp.org/www-community/attacks/Regular_expression_Denial_of_Service_-_ReDoS](https://owasp.org/www-community/attacks/Regular_expression_Denial_of_Service_-_ReDoS)\n" + }, + "properties": { + "precision": "very-high", + "tags": [ + "CWE-1333: Inefficient Regular Expression Complexity", + "LOW CONFIDENCE", + "OWASP-A05:2021 - Security Misconfiguration", + "OWASP-A06:2017 - Security Misconfiguration", + "security" + ] } - } - ], - "message": { - "text": "Detected usage of @csrf_exempt, which indicates that there is no CSRF token set for this route. This could lead to an attacker manipulating the user's account and exfiltration of private data. Instead, create a function without this decorator." 
- }, - "properties": {}, - "ruleId": "python.django.security.audit.csrf-exempt.no-csrf-exempt" - }, - { - "fingerprints": { - "matchBasedId/v1": "cdf9672bc3f7e69a2b03d003c14cbe3da0d32cf91db748ddda0f2c682f88cefd2dd99fc1139686e54cd8c4f9222dce4d67bca5a37ac1be223e392c6a16dd82fe_0" - }, - "locations": [ + }, { - "physicalLocation": { - "artifactLocation": { - "uri": "introduction/views.py", - "uriBaseId": "%SRCROOT%" - }, - "region": { - "endColumn": 51, - "endLine": 262, - "snippet": { - "text": "@csrf_exempt\ndef xxe_parse(request):\n\n parser = make_parser()\n parser.setFeature(feature_external_ges, True)\n doc = parseString(request.body.decode('utf-8'), parser=parser)\n for event, node in doc:\n if event == START_ELEMENT and node.tagName == 'text':\n doc.expandNode(node)\n text = node.toxml()\n startInd = text.find('>')\n endInd = text.find('<', startInd)\n text = text[startInd + 1:endInd:]\n p=comments.objects.filter(id=1).update(comment=text)\n\n return render(request, 'Lab/XXE/xxe_lab.html')" - }, - "startColumn": 1, - "startLine": 247 - } + "id": "javascript.aws-lambda.security.pg-sqli.pg-sqli", + "name": "javascript.aws-lambda.security.pg-sqli.pg-sqli", + "short_description": { + "text": "Semgrep Finding: javascript.aws-lambda.security.pg-sqli.pg-sqli" + }, + "full_description": { + "text": "Detected SQL statement that is tainted by `$EVENT` object. This could lead to SQL injection if the variable is user-controlled and not properly sanitized. In order to prevent SQL injection, use parameterized queries or prepared statements instead. You can use parameterized statements like so: `connection.query('SELECT $1 from table', [userinput])`" + }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/javascript.aws-lambda.security.pg-sqli.pg-sqli", + "help": { + "text": "Detected SQL statement that is tainted by `$EVENT` object. 
This could lead to SQL injection if the variable is user-controlled and not properly sanitized. In order to prevent SQL injection, use parameterized queries or prepared statements instead. You can use parameterized statements like so: `connection.query('SELECT $1 from table', [userinput])`\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected SQL statement that is tainted by `$EVENT` object. This could lead to SQL injection if the variable is user-controlled and not properly sanitized. In order to prevent SQL injection, use parameterized queries or prepared statements instead. You can use parameterized statements like so: `connection.query('SELECT $1 from table', [userinput])`\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.aws-lambda.security.pg-sqli.pg-sqli)\n - [https://node-postgres.com/features/queries](https://node-postgres.com/features/queries)\n" + }, + "properties": { + "precision": "very-high", + "tags": [ + "CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')", + "MEDIUM CONFIDENCE", + "OWASP-A01:2017 - Injection", + "OWASP-A03:2021 - Injection", + "security" + ] } - } - ], - "message": { - "text": "Detected usage of @csrf_exempt, which indicates that there is no CSRF token set for this route. This could lead to an attacker manipulating the user's account and exfiltration of private data. Instead, create a function without this decorator." 
- }, - "properties": {}, - "ruleId": "python.django.security.audit.csrf-exempt.no-csrf-exempt" - }, - { - "fingerprints": { - "matchBasedId/v1": "ecdb18cf7b07cc98ef9f53a5c39eef5cffe7ca167f0e6e2cbdb42f5c35d4b702ddb93acce08ad802d34c6164f349a5cb0995c2327292b5f1666b643006580779_0" - }, - "locations": [ + }, { - "physicalLocation": { - "artifactLocation": { - "uri": "introduction/views.py", - "uriBaseId": "%SRCROOT%" - }, - "region": { - "endColumn": 50, - "endLine": 282, - "snippet": { - "text": " response = HttpResponse(rendered)" - }, - "startColumn": 28, - "startLine": 282 - } + "id": "terraform.aws.security.aws-kinesis-video-stream-encrypted-with-cmk.aws-kinesis-video-stream-encrypted-with-cmk", + "name": "terraform.aws.security.aws-kinesis-video-stream-encrypted-with-cmk.aws-kinesis-video-stream-encrypted-with-cmk", + "short_description": { + "text": "Semgrep Finding: terraform.aws.security.aws-kinesis-video-stream-encrypted-with-cmk.aws-kinesis-video-stream-encrypted-with-cmk" + }, + "full_description": { + "text": "Ensure Kinesis video stream is encrypted at rest using KMS CMKs. CMKs gives you control over the encryption key in terms of access and rotation." + }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/terraform.aws.security.aws-kinesis-video-stream-encrypted-with-cmk.aws-kinesis-video-stream-encrypted-with-cmk", + "help": { + "text": "Ensure Kinesis video stream is encrypted at rest using KMS CMKs. CMKs gives you control over the encryption key in terms of access and rotation.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Ensure Kinesis video stream is encrypted at rest using KMS CMKs. 
CMKs gives you control over the encryption key in terms of access and rotation.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/terraform.aws.security.aws-kinesis-video-stream-encrypted-with-cmk.aws-kinesis-video-stream-encrypted-with-cmk)\n - [https://owasp.org/Top10/A02_2021-Cryptographic_Failures](https://owasp.org/Top10/A02_2021-Cryptographic_Failures)\n" + }, + "properties": { + "precision": "very-high", + "tags": [ + "CWE-320: CWE CATEGORY: Key Management Errors", + "LOW CONFIDENCE", + "OWASP-A03:2017 - Sensitive Data Exposure", + "security" + ] } - } - ], - "message": { - "text": "Detected data rendered directly to the end user via 'HttpResponse' or a similar object. This bypasses Django's built-in cross-site scripting (XSS) defenses and could result in an XSS vulnerability. Use Django's template engine to safely render HTML." - }, - "properties": {}, - "ruleId": "python.django.security.audit.xss.direct-use-of-httpresponse.direct-use-of-httpresponse" - }, - { - "fingerprints": { - "matchBasedId/v1": "4a12be3f5be8ead04f8329320b40ec0c70019d6e16f8bfdd41b6621b02d41bcb2d3a2784f9a93411a279f279343b6ce1d2950093cbbc23f0a55809fb9f32a4d4_1" - }, - "locations": [ + }, { - "physicalLocation": { - "artifactLocation": { - "uri": "introduction/views.py", - "uriBaseId": "%SRCROOT%" - }, - "region": { - "endColumn": 105, - "endLine": 283, - "snippet": { - "text": " response.set_cookie('userid', obj.userid, max_age=31449600, samesite=None, secure=False)" - }, - "startColumn": 17, - "startLine": 283 - } + "id": "java.lang.security.jackson-unsafe-deserialization.jackson-unsafe-deserialization", + "name": "java.lang.security.jackson-unsafe-deserialization.jackson-unsafe-deserialization", + "short_description": { + "text": "Semgrep Finding: java.lang.security.jackson-unsafe-deserialization.jackson-unsafe-deserialization" + }, + "full_description": { + "text": "When using Jackson to 
marshall/unmarshall JSON to Java objects, enabling default typing is dangerous and can lead to RCE. If an attacker can control `$JSON` it might be possible to provide a malicious JSON which can be used to exploit unsecure deserialization. In order to prevent this issue, avoid to enable default typing (globally or by using \"Per-class\" annotations) and avoid using `Object` and other dangerous types for member variable declaration which creating classes for Jackson based deserialization." + }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/java.lang.security.jackson-unsafe-deserialization.jackson-unsafe-deserialization", + "help": { + "text": "When using Jackson to marshall/unmarshall JSON to Java objects, enabling default typing is dangerous and can lead to RCE. If an attacker can control `$JSON` it might be possible to provide a malicious JSON which can be used to exploit unsecure deserialization. In order to prevent this issue, avoid to enable default typing (globally or by using \"Per-class\" annotations) and avoid using `Object` and other dangerous types for member variable declaration which creating classes for Jackson based deserialization.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "When using Jackson to marshall/unmarshall JSON to Java objects, enabling default typing is dangerous and can lead to RCE. If an attacker can control `$JSON` it might be possible to provide a malicious JSON which can be used to exploit unsecure deserialization. 
In order to prevent this issue, avoid to enable default typing (globally or by using \"Per-class\" annotations) and avoid using `Object` and other dangerous types for member variable declaration which creating classes for Jackson based deserialization.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/java.lang.security.jackson-unsafe-deserialization.jackson-unsafe-deserialization)\n - [https://swapneildash.medium.com/understanding-insecure-implementation-of-jackson-deserialization-7b3d409d2038](https://swapneildash.medium.com/understanding-insecure-implementation-of-jackson-deserialization-7b3d409d2038)\n - [https://cowtowncoder.medium.com/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062](https://cowtowncoder.medium.com/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062)\n - [https://adamcaudill.com/2017/10/04/exploiting-jackson-rce-cve-2017-7525/](https://adamcaudill.com/2017/10/04/exploiting-jackson-rce-cve-2017-7525/)\n" + }, + "properties": { + "precision": "very-high", + "tags": [ + "CWE-502: Deserialization of Untrusted Data", + "MEDIUM CONFIDENCE", + "OWASP-A8:2017 Insecure Deserialization", + "OWASP-A8:2021 Software and Data Integrity Failures", + "security" + ] } - } - ], - "message": { - "text": "Django cookies should be handled securely by setting secure=True, httponly=True, and samesite='Lax' in response.set_cookie(...). If your situation calls for different settings, explicitly disable the setting. If you want to send the cookie over http, set secure=False. If you want to let client-side JavaScript read the cookie, set httponly=False. If you want to attach cookies to requests for external sites, set samesite=None." 
- }, - "properties": {}, - "ruleId": "python.django.security.audit.secure-cookies.django-secure-set-cookie" - }, - { - "fingerprints": { - "matchBasedId/v1": "ecdb18cf7b07cc98ef9f53a5c39eef5cffe7ca167f0e6e2cbdb42f5c35d4b702ddb93acce08ad802d34c6164f349a5cb0995c2327292b5f1666b643006580779_1" - }, - "locations": [ + }, { - "physicalLocation": { - "artifactLocation": { - "uri": "introduction/views.py", - "uriBaseId": "%SRCROOT%" - }, - "region": { - "endColumn": 46, - "endLine": 296, - "snippet": { - "text": " response = HttpResponse(rendered)" - }, - "startColumn": 24, - "startLine": 296 - } + "id": "javascript.express.security.audit.xss.mustache.escape-function-overwrite.escape-function-overwrite", + "name": "javascript.express.security.audit.xss.mustache.escape-function-overwrite.escape-function-overwrite", + "short_description": { + "text": "Semgrep Finding: javascript.express.security.audit.xss.mustache.escape-function-overwrite.escape-function-overwrite" + }, + "full_description": { + "text": "The Mustache escape function is being overwritten. This could bypass HTML escaping safety measures built into the rendering engine, exposing your application to cross-site scripting (XSS) vulnerabilities. If you need unescaped HTML, use the triple brace operator in your template: '{{{ ... }}}'." + }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/javascript.express.security.audit.xss.mustache.escape-function-overwrite.escape-function-overwrite", + "help": { + "text": "The Mustache escape function is being overwritten. This could bypass HTML escaping safety measures built into the rendering engine, exposing your application to cross-site scripting (XSS) vulnerabilities. If you need unescaped HTML, use the triple brace operator in your template: '{{{ ... }}}'.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "The Mustache escape function is being overwritten. 
This could bypass HTML escaping safety measures built into the rendering engine, exposing your application to cross-site scripting (XSS) vulnerabilities. If you need unescaped HTML, use the triple brace operator in your template: '{{{ ... }}}'.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.express.security.audit.xss.mustache.escape-function-overwrite.escape-function-overwrite)\n - [https://github.com/janl/mustache.js/#variables](https://github.com/janl/mustache.js/#variables)\n" + }, + "properties": { + "precision": "very-high", + "tags": [ + "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", + "LOW CONFIDENCE", + "OWASP-A03:2021 - Injection", + "OWASP-A07:2017 - Cross-Site Scripting (XSS)", + "security" + ] } - } - ], - "message": { - "text": "Detected data rendered directly to the end user via 'HttpResponse' or a similar object. This bypasses Django's built-in cross-site scripting (XSS) defenses and could result in an XSS vulnerability. Use Django's template engine to safely render HTML." 
- }, - "properties": {}, - "ruleId": "python.django.security.audit.xss.direct-use-of-httpresponse.direct-use-of-httpresponse" - }, - { - "fingerprints": { - "matchBasedId/v1": "4a12be3f5be8ead04f8329320b40ec0c70019d6e16f8bfdd41b6621b02d41bcb2d3a2784f9a93411a279f279343b6ce1d2950093cbbc23f0a55809fb9f32a4d4_2" - }, - "locations": [ + }, { - "physicalLocation": { - "artifactLocation": { - "uri": "introduction/views.py", - "uriBaseId": "%SRCROOT%" - }, - "region": { - "endColumn": 101, - "endLine": 297, - "snippet": { - "text": " response.set_cookie('userid', obj.userid, max_age=31449600, samesite=None, secure=False)" - }, - "startColumn": 13, - "startLine": 297 - } + "id": "go.jwt-go.security.jwt.hardcoded-jwt-key", + "name": "go.jwt-go.security.jwt.hardcoded-jwt-key", + "short_description": { + "text": "Semgrep Finding: go.jwt-go.security.jwt.hardcoded-jwt-key" + }, + "full_description": { + "text": "A hard-coded credential was detected. It is not recommended to store credentials in source-code, as this risks secrets being leaked and used by either an internal or external malicious adversary. It is recommended to use environment variables to securely provide credentials or retrieve credentials from a secure vault or HSM (Hardware Security Module)." + }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/go.jwt-go.security.jwt.hardcoded-jwt-key", + "help": { + "text": "A hard-coded credential was detected. It is not recommended to store credentials in source-code, as this risks secrets being leaked and used by either an internal or external malicious adversary. It is recommended to use environment variables to securely provide credentials or retrieve credentials from a secure vault or HSM (Hardware Security Module).\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "A hard-coded credential was detected. 
It is not recommended to store credentials in source-code, as this risks secrets being leaked and used by either an internal or external malicious adversary. It is recommended to use environment variables to securely provide credentials or retrieve credentials from a secure vault or HSM (Hardware Security Module).\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/go.jwt-go.security.jwt.hardcoded-jwt-key)\n - [https://cheatsheetseries.owasp.org/cheatsheets/Secrets_Management_Cheat_Sheet.html](https://cheatsheetseries.owasp.org/cheatsheets/Secrets_Management_Cheat_Sheet.html)\n" + }, + "properties": { + "precision": "very-high", + "tags": [ + "CWE-798: Use of Hard-coded Credentials", + "MEDIUM CONFIDENCE", + "OWASP-A07:2021 - Identification and Authentication Failures", + "security" + ] } - } - ], - "message": { - "text": "Django cookies should be handled securely by setting secure=True, httponly=True, and samesite='Lax' in response.set_cookie(...). If your situation calls for different settings, explicitly disable the setting. If you want to send the cookie over http, set secure=False. If you want to let client-side JavaScript read the cookie, set httponly=False. If you want to attach cookies to requests for external sites, set samesite=None." 
- }, - "properties": {}, - "ruleId": "python.django.security.audit.secure-cookies.django-secure-set-cookie" - }, - { - "fingerprints": { - "matchBasedId/v1": "ecdb18cf7b07cc98ef9f53a5c39eef5cffe7ca167f0e6e2cbdb42f5c35d4b702ddb93acce08ad802d34c6164f349a5cb0995c2327292b5f1666b643006580779_2" - }, - "locations": [ + }, { - "physicalLocation": { - "artifactLocation": { - "uri": "introduction/views.py", - "uriBaseId": "%SRCROOT%" - }, - "region": { - "endColumn": 50, - "endLine": 310, - "snippet": { - "text": " response = HttpResponse(rendered)" - }, - "startColumn": 28, - "startLine": 310 - } + "id": "python.flask.security.injection.raw-html-concat.raw-html-format", + "name": "python.flask.security.injection.raw-html-concat.raw-html-format", + "short_description": { + "text": "Semgrep Finding: python.flask.security.injection.raw-html-concat.raw-html-format" + }, + "full_description": { + "text": "Detected user input flowing into a manually constructed HTML string. You may be accidentally bypassing secure methods of rendering HTML by manually constructing HTML and this could create a cross-site scripting vulnerability, which could let attackers steal sensitive user data. To be sure this is safe, check that the HTML is rendered safely. Otherwise, use templates (`flask.render_template`) which will safely render HTML instead." + }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/python.flask.security.injection.raw-html-concat.raw-html-format", + "help": { + "text": "Detected user input flowing into a manually constructed HTML string. You may be accidentally bypassing secure methods of rendering HTML by manually constructing HTML and this could create a cross-site scripting vulnerability, which could let attackers steal sensitive user data. To be sure this is safe, check that the HTML is rendered safely. 
Otherwise, use templates (`flask.render_template`) which will safely render HTML instead.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected user input flowing into a manually constructed HTML string. You may be accidentally bypassing secure methods of rendering HTML by manually constructing HTML and this could create a cross-site scripting vulnerability, which could let attackers steal sensitive user data. To be sure this is safe, check that the HTML is rendered safely. Otherwise, use templates (`flask.render_template`) which will safely render HTML instead.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.flask.security.injection.raw-html-concat.raw-html-format)\n - [https://flask.palletsprojects.com/en/2.0.x/security/#cross-site-scripting-xss](https://flask.palletsprojects.com/en/2.0.x/security/#cross-site-scripting-xss)\n" + }, + "properties": { + "precision": "very-high", + "tags": [ + "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", + "MEDIUM CONFIDENCE", + "OWASP-A03:2021 - Injection", + "OWASP-A07:2017 - Cross-Site Scripting (XSS)", + "security" + ] } - } - ], - "message": { - "text": "Detected data rendered directly to the end user via 'HttpResponse' or a similar object. This bypasses Django's built-in cross-site scripting (XSS) defenses and could result in an XSS vulnerability. Use Django's template engine to safely render HTML." 
- }, - "properties": {}, - "ruleId": "python.django.security.audit.xss.direct-use-of-httpresponse.direct-use-of-httpresponse" - }, - { - "fingerprints": { - "matchBasedId/v1": "4a12be3f5be8ead04f8329320b40ec0c70019d6e16f8bfdd41b6621b02d41bcb2d3a2784f9a93411a279f279343b6ce1d2950093cbbc23f0a55809fb9f32a4d4_3" - }, - "locations": [ + }, { - "physicalLocation": { - "artifactLocation": { - "uri": "introduction/views.py", - "uriBaseId": "%SRCROOT%" - }, - "region": { - "endColumn": 105, - "endLine": 311, - "snippet": { - "text": " response.set_cookie('userid', obj.userid, max_age=31449600, samesite=None, secure=False)" - }, - "startColumn": 17, - "startLine": 311 - } + "id": "terraform.aws.security.aws-codebuild-project-artifacts-unencrypted.aws-codebuild-project-artifacts-unencrypted", + "name": "terraform.aws.security.aws-codebuild-project-artifacts-unencrypted.aws-codebuild-project-artifacts-unencrypted", + "short_description": { + "text": "Semgrep Finding: terraform.aws.security.aws-codebuild-project-artifacts-unencrypted.aws-codebuild-project-artifacts-unencrypted" + }, + "full_description": { + "text": "The AWS CodeBuild Project Artifacts are unencrypted. The AWS KMS encryption key protects artifacts in the CodeBuild Projects. To create your own, create a aws_kms_key resource or use the ARN string of a key in your account." + }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/terraform.aws.security.aws-codebuild-project-artifacts-unencrypted.aws-codebuild-project-artifacts-unencrypted", + "help": { + "text": "The AWS CodeBuild Project Artifacts are unencrypted. The AWS KMS encryption key protects artifacts in the CodeBuild Projects. To create your own, create a aws_kms_key resource or use the ARN string of a key in your account.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "The AWS CodeBuild Project Artifacts are unencrypted. 
The AWS KMS encryption key protects artifacts in the CodeBuild Projects. To create your own, create a aws_kms_key resource or use the ARN string of a key in your account.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/terraform.aws.security.aws-codebuild-project-artifacts-unencrypted.aws-codebuild-project-artifacts-unencrypted)\n - [https://owasp.org/Top10/A02_2021-Cryptographic_Failures](https://owasp.org/Top10/A02_2021-Cryptographic_Failures)\n" + }, + "properties": { + "precision": "very-high", + "tags": [ + "CWE-320: CWE CATEGORY: Key Management Errors", + "LOW CONFIDENCE", + "OWASP-A03:2017 - Sensitive Data Exposure", + "security" + ] } - } - ], - "message": { - "text": "Django cookies should be handled securely by setting secure=True, httponly=True, and samesite='Lax' in response.set_cookie(...). If your situation calls for different settings, explicitly disable the setting. If you want to send the cookie over http, set secure=False. If you want to let client-side JavaScript read the cookie, set httponly=False. If you want to attach cookies to requests for external sites, set samesite=None." 
- }, - "properties": {}, - "ruleId": "python.django.security.audit.secure-cookies.django-secure-set-cookie" - }, - { - "fingerprints": { - "matchBasedId/v1": "ecdb18cf7b07cc98ef9f53a5c39eef5cffe7ca167f0e6e2cbdb42f5c35d4b702ddb93acce08ad802d34c6164f349a5cb0995c2327292b5f1666b643006580779_3" - }, - "locations": [ + }, { - "physicalLocation": { - "artifactLocation": { - "uri": "introduction/views.py", - "uriBaseId": "%SRCROOT%" - }, - "region": { - "endColumn": 38, - "endLine": 321, - "snippet": { - "text": " response = HttpResponse(rendered)" - }, - "startColumn": 16, - "startLine": 321 - } + "id": "problem-based-packs.insecure-transport.java-stdlib.telnet-request.telnet-request", + "name": "problem-based-packs.insecure-transport.java-stdlib.telnet-request.telnet-request", + "short_description": { + "text": "Semgrep Finding: problem-based-packs.insecure-transport.java-stdlib.telnet-request.telnet-request" + }, + "full_description": { + "text": "Checks for attempts to connect through telnet. This is insecure as the telnet protocol supports no encryption, and data passes through unencrypted." + }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/problem-based-packs.insecure-transport.java-stdlib.telnet-request.telnet-request", + "help": { + "text": "Checks for attempts to connect through telnet. This is insecure as the telnet protocol supports no encryption, and data passes through unencrypted.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Checks for attempts to connect through telnet. 
This is insecure as the telnet protocol supports no encryption, and data passes through unencrypted.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/problem-based-packs.insecure-transport.java-stdlib.telnet-request.telnet-request)\n - [https://commons.apache.org/proper/commons-net/javadocs/api-3.6/org/apache/commons/net/telnet/TelnetClient.html](https://commons.apache.org/proper/commons-net/javadocs/api-3.6/org/apache/commons/net/telnet/TelnetClient.html)\n" + }, + "properties": { + "precision": "very-high", + "tags": [ + "CWE-319: Cleartext Transmission of Sensitive Information", + "MEDIUM CONFIDENCE", + "OWASP-A03:2017 - Sensitive Data Exposure", + "security" + ] } - } - ], - "message": { - "text": "Detected data rendered directly to the end user via 'HttpResponse' or a similar object. This bypasses Django's built-in cross-site scripting (XSS) defenses and could result in an XSS vulnerability. Use Django's template engine to safely render HTML." 
- }, - "properties": {}, - "ruleId": "python.django.security.audit.xss.direct-use-of-httpresponse.direct-use-of-httpresponse" - }, - { - "fingerprints": { - "matchBasedId/v1": "feaf12476ff893432ebe0db525c31ca7c359f29837754a6419a2f623ab3722353f7c76c1ddded78ecf6baa8cfbbf4787c34023db4907a6e24e54507a4fa70861_0" - }, - "locations": [ + }, { - "physicalLocation": { - "artifactLocation": { - "uri": "introduction/views.py", - "uriBaseId": "%SRCROOT%" - }, - "region": { - "endColumn": 33, - "endLine": 332, - "snippet": { - "text": "@csrf_exempt\ndef ba(request):\n if request.user.is_authenticated:\n return render(request,\"Lab/BrokenAccess/ba.html\")\n else:\n return redirect('login')" - }, - "startColumn": 1, - "startLine": 327 - } + "id": "javascript.angular.security.detect-angular-trust-as-css.detect-angular-trust-as-css-method", + "name": "javascript.angular.security.detect-angular-trust-as-css.detect-angular-trust-as-css-method", + "short_description": { + "text": "Semgrep Finding: javascript.angular.security.detect-angular-trust-as-css.detect-angular-trust-as-css-method" + }, + "full_description": { + "text": "The use of $sce.trustAsCss can be dangerous if unsanitized user input flows through this API." 
+ }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/javascript.angular.security.detect-angular-trust-as-css.detect-angular-trust-as-css-method", + "help": { + "text": "The use of $sce.trustAsCss can be dangerous if unsanitized user input flows through this API.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "The use of $sce.trustAsCss can be dangerous if unsanitized user input flows through this API.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.angular.security.detect-angular-trust-as-css.detect-angular-trust-as-css-method)\n - [https://docs.angularjs.org/api/ng/service/$sce#trustAsCss](https://docs.angularjs.org/api/ng/service/$sce#trustAsCss)\n - [https://owasp.org/www-chapter-london/assets/slides/OWASPLondon20170727_AngularJS.pdf](https://owasp.org/www-chapter-london/assets/slides/OWASPLondon20170727_AngularJS.pdf)\n" + }, + "properties": { + "precision": "very-high", + "tags": [ + "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", + "LOW CONFIDENCE", + "OWASP-A03:2021 - Injection", + "OWASP-A07:2017 - Cross-Site Scripting (XSS)", + "security" + ] } - } - ], - "message": { - "text": "Detected usage of @csrf_exempt, which indicates that there is no CSRF token set for this route. This could lead to an attacker manipulating the user's account and exfiltration of private data. Instead, create a function without this decorator." 
- }, - "properties": {}, - "ruleId": "python.django.security.audit.csrf-exempt.no-csrf-exempt" - }, - { - "fingerprints": { - "matchBasedId/v1": "8e222532117b46dd5aca3d0f01ee82d19abb9dd9209105bcbf94029566cf9d85c25a1d3c454e6d6ec3aadd386eff5278c1c4d6ad55f52f8ff4ac9ac480d5ec32_0" - }, - "locations": [ + }, { - "physicalLocation": { - "artifactLocation": { - "uri": "introduction/views.py", - "uriBaseId": "%SRCROOT%" - }, - "region": { - "endColumn": 33, - "endLine": 373, - "snippet": { - "text": "@csrf_exempt\ndef ba_lab(request):\n if request.user.is_authenticated:\n name = request.POST.get('name')\n password = request.POST.get('pass')\n if name:\n if request.COOKIES.get('admin') == \"1\":\n return render(\n request, \n 'Lab/BrokenAccess/ba_lab.html', \n {\n \"data\":\"0NLY_F0R_4DM1N5\",\n \"username\": \"admin\"\n })\n elif login.objects.filter(user='admin',password=password):\n html = render(\n request, \n 'Lab/BrokenAccess/ba_lab.html', \n {\n \"data\":\"0NLY_F0R_4DM1N5\",\n \"username\": \"admin\"\n })\n html.set_cookie(\"admin\", \"1\",max_age=200)\n return html\n elif login.objects.filter(user=name,password=password):\n html = render(\n request, \n 'Lab/BrokenAccess/ba_lab.html', \n {\n \"not_admin\":\"No Secret key for this User\",\n \"username\": name\n })\n html.set_cookie(\"admin\", \"0\",max_age=200)\n return html\n else:\n return render(request, 'Lab/BrokenAccess/ba_lab.html', {\"data\": \"User Not Found\"})\n\n else:\n return render(request,'Lab/BrokenAccess/ba_lab.html',{\"no_creds\":True})\n else:\n return redirect('login')" - }, - "startColumn": 1, - "startLine": 333 - } + "id": "ruby.rails.security.audit.xss.avoid-render-text.avoid-render-text", + "name": "ruby.rails.security.audit.xss.avoid-render-text.avoid-render-text", + "short_description": { + "text": "Semgrep Finding: ruby.rails.security.audit.xss.avoid-render-text.avoid-render-text" + }, + "full_description": { + "text": "'render text: ...' actually sets the content-type to 'text/html'. 
If external data can reach here, this exposes your application to cross-site scripting (XSS) attacks. Instead, use 'render plain: ...' to render non-HTML text." + }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/ruby.rails.security.audit.xss.avoid-render-text.avoid-render-text", + "help": { + "text": "'render text: ...' actually sets the content-type to 'text/html'. If external data can reach here, this exposes your application to cross-site scripting (XSS) attacks. Instead, use 'render plain: ...' to render non-HTML text.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "'render text: ...' actually sets the content-type to 'text/html'. If external data can reach here, this exposes your application to cross-site scripting (XSS) attacks. Instead, use 'render plain: ...' to render non-HTML text.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/ruby.rails.security.audit.xss.avoid-render-text.avoid-render-text)\n - [https://brakemanpro.com/2017/09/08/cross-site-scripting-in-rails#inline-renders---even-worse-than-xss](https://brakemanpro.com/2017/09/08/cross-site-scripting-in-rails#inline-renders---even-worse-than-xss)\n" + }, + "properties": { + "precision": "very-high", + "tags": [ + "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", + "LOW CONFIDENCE", + "OWASP-A03:2021 - Injection", + "OWASP-A07:2017 - Cross-Site Scripting (XSS)", + "security" + ] } - } - ], - "message": { - "text": "Detected usage of @csrf_exempt, which indicates that there is no CSRF token set for this route. This could lead to an attacker manipulating the user's account and exfiltration of private data. Instead, create a function without this decorator." 
- }, - "properties": {}, - "ruleId": "python.django.security.audit.csrf-exempt.no-csrf-exempt" - }, - { - "fingerprints": { - "matchBasedId/v1": "2b50e5583de0310dc0118436d7f56ecbfafef069ec53226bdc089aa06142b85407cc318aa89afd17a9247137f87d67e58138051123ccaa10b98d740130a06687_0" - }, - "locations": [ + }, { - "physicalLocation": { - "artifactLocation": { - "uri": "introduction/views.py", - "uriBaseId": "%SRCROOT%" - }, - "region": { - "endColumn": 33, - "endLine": 441, - "snippet": { - "text": "@csrf_exempt\ndef cmd_lab(request):\n if request.user.is_authenticated:\n if(request.method==\"POST\"):\n domain=request.POST.get('domain')\n domain=domain.replace(\"https://www.\",'')\n os=request.POST.get('os')\n print(os)\n if(os=='win'):\n command=\"nslookup {}\".format(domain)\n else:\n command = \"dig {}\".format(domain)\n \n try:\n # output=subprocess.check_output(command,shell=True,encoding=\"UTF-8\")\n process = subprocess.Popen(\n command,\n shell=True,\n stdout=subprocess.PIPE, \n stderr=subprocess.PIPE)\n stdout, stderr = process.communicate()\n data = stdout.decode('utf-8')\n stderr = stderr.decode('utf-8')\n # res = json.loads(data)\n # print(\"Stdout\\n\" + data)\n output = data + stderr\n print(data + stderr)\n except:\n output = \"Something went wrong\"\n return render(request,'Lab/CMD/cmd_lab.html',{\"output\":output})\n print(output)\n return render(request,'Lab/CMD/cmd_lab.html',{\"output\":output})\n else:\n return render(request, 'Lab/CMD/cmd_lab.html')\n else:\n return redirect('login')" - }, - "startColumn": 1, - "startLine": 406 - } + "id": "javascript.playwright.security.audit.playwright-goto-injection.playwright-goto-injection", + "name": "javascript.playwright.security.audit.playwright-goto-injection.playwright-goto-injection", + "short_description": { + "text": "Semgrep Finding: javascript.playwright.security.audit.playwright-goto-injection.playwright-goto-injection" + }, + "full_description": { + "text": "If unverified user data can reach the 
`goto` method it can result in Server-Side Request Forgery vulnerabilities" + }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/javascript.playwright.security.audit.playwright-goto-injection.playwright-goto-injection", + "help": { + "text": "If unverified user data can reach the `goto` method it can result in Server-Side Request Forgery vulnerabilities\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "If unverified user data can reach the `goto` method it can result in Server-Side Request Forgery vulnerabilities\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.playwright.security.audit.playwright-goto-injection.playwright-goto-injection)\n - [https://owasp.org/Top10/A10_2021-Server-Side_Request_Forgery_%28SSRF%29](https://owasp.org/Top10/A10_2021-Server-Side_Request_Forgery_%28SSRF%29)\n" + }, + "properties": { + "precision": "very-high", + "tags": [ + "CWE-918: Server-Side Request Forgery (SSRF)", + "LOW CONFIDENCE", + "OWASP-A10:2021 - Server-Side Request Forgery (SSRF)", + "security" + ] } - } - ], - "message": { - "text": "Detected usage of @csrf_exempt, which indicates that there is no CSRF token set for this route. This could lead to an attacker manipulating the user's account and exfiltration of private data. Instead, create a function without this decorator." 
- }, - "properties": {}, - "ruleId": "python.django.security.audit.csrf-exempt.no-csrf-exempt" - }, - { - "fingerprints": { - "matchBasedId/v1": "94611d943987a0d7f75afc843d39653c4ade5d2aedc527f96b426d960163cb2a1870d9e6b1fed79c92cc9a9843458348cbcdd152d51665133f63850bd8e67788_0" - }, - "locations": [ + }, { - "physicalLocation": { - "artifactLocation": { - "uri": "introduction/views.py", - "uriBaseId": "%SRCROOT%" - }, - "region": { - "endColumn": 44, - "endLine": 425, - "snippet": { - "text": " process = subprocess.Popen(\n command,\n shell=True,\n stdout=subprocess.PIPE, \n stderr=subprocess.PIPE)" - }, - "startColumn": 27, - "startLine": 421 - } + "id": "terraform.aws.security.aws-cloudfront-insecure-tls.aws-insecure-cloudfront-distribution-tls-version", + "name": "terraform.aws.security.aws-cloudfront-insecure-tls.aws-insecure-cloudfront-distribution-tls-version", + "short_description": { + "text": "Semgrep Finding: terraform.aws.security.aws-cloudfront-insecure-tls.aws-insecure-cloudfront-distribution-tls-version" + }, + "full_description": { + "text": "Detected an AWS CloudFront Distribution with an insecure TLS version. TLS versions less than 1.2 are considered insecure because they can be broken. To fix this, set your `minimum_protocol_version` to `\"TLSv1.2_2018\", \"TLSv1.2_2019\" or \"TLSv1.2_2021\"`." + }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/terraform.aws.security.aws-cloudfront-insecure-tls.aws-insecure-cloudfront-distribution-tls-version", + "help": { + "text": "Detected an AWS CloudFront Distribution with an insecure TLS version. TLS versions less than 1.2 are considered insecure because they can be broken. To fix this, set your `minimum_protocol_version` to `\"TLSv1.2_2018\", \"TLSv1.2_2019\" or \"TLSv1.2_2021\"`.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected an AWS CloudFront Distribution with an insecure TLS version. 
TLS versions less than 1.2 are considered insecure because they can be broken. To fix this, set your `minimum_protocol_version` to `\"TLSv1.2_2018\", \"TLSv1.2_2019\" or \"TLSv1.2_2021\"`.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/terraform.aws.security.aws-cloudfront-insecure-tls.aws-insecure-cloudfront-distribution-tls-version)\n - [https://owasp.org/Top10/A02_2021-Cryptographic_Failures](https://owasp.org/Top10/A02_2021-Cryptographic_Failures)\n" + }, + "properties": { + "precision": "very-high", + "tags": [ + "CWE-326: Inadequate Encryption Strength", + "MEDIUM CONFIDENCE", + "OWASP-A02:2021 - Cryptographic Failures", + "OWASP-A03:2017 - Sensitive Data Exposure", + "security" + ] } - } - ], - "message": { - "text": "Detected user input entering a `subprocess` call unsafely. This could result in a command injection vulnerability. An attacker could use this vulnerability to execute arbitrary commands on the host, which allows them to download malware, scan sensitive data, or run any command they wish on the server. Do not let users choose the command to run. In general, prefer to use Python API versions of system commands. If you must use subprocess, use a dictionary to allowlist a set of commands." 
- }, - "properties": {}, - "ruleId": "python.django.security.injection.command.subprocess-injection.subprocess-injection" - }, - { - "fingerprints": { - "matchBasedId/v1": "d665d7d2046c901331c1436bf4971a4c8a73ce7a02e928d5e781145c9f43c379adcd48ff49768c44f5dc591534b02ff3f688d042d99797b98326f48dee92c783_0" - }, - "locations": [ + }, { - "physicalLocation": { - "artifactLocation": { - "uri": "introduction/views.py", - "uriBaseId": "%SRCROOT%" - }, - "region": { - "endColumn": 44, - "endLine": 425, - "snippet": { - "text": " process = subprocess.Popen(\n command,\n shell=True,\n stdout=subprocess.PIPE, \n stderr=subprocess.PIPE)" - }, - "startColumn": 27, - "startLine": 421 - } + "id": "java.aws-lambda.security.tainted-sql-string.tainted-sql-string", + "name": "java.aws-lambda.security.tainted-sql-string.tainted-sql-string", + "short_description": { + "text": "Semgrep Finding: java.aws-lambda.security.tainted-sql-string.tainted-sql-string" + }, + "full_description": { + "text": "Detected user input used to manually construct a SQL string. This is usually bad practice because manual construction could accidentally result in a SQL injection. An attacker could use a SQL injection to steal or modify contents of the database. Instead, use a parameterized query which is available by default in most database engines. Alternatively, consider using an object-relational mapper (ORM) such as Sequelize which will protect your queries." + }, + "default_configuration": { + "enabled": true, + "level": "error" + }, + "help_uri": "https://semgrep.dev/r/java.aws-lambda.security.tainted-sql-string.tainted-sql-string", + "help": { + "text": "Detected user input used to manually construct a SQL string. This is usually bad practice because manual construction could accidentally result in a SQL injection. An attacker could use a SQL injection to steal or modify contents of the database. Instead, use a parameterized query which is available by default in most database engines. 
Alternatively, consider using an object-relational mapper (ORM) such as Sequelize which will protect your queries.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected user input used to manually construct a SQL string. This is usually bad practice because manual construction could accidentally result in a SQL injection. An attacker could use a SQL injection to steal or modify contents of the database. Instead, use a parameterized query which is available by default in most database engines. Alternatively, consider using an object-relational mapper (ORM) such as Sequelize which will protect your queries.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/java.aws-lambda.security.tainted-sql-string.tainted-sql-string)\n - [https://owasp.org/www-community/attacks/SQL_Injection](https://owasp.org/www-community/attacks/SQL_Injection)\n" + }, + "properties": { + "precision": "very-high", + "tags": [ + "CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')", + "MEDIUM CONFIDENCE", + "OWASP-A01:2017 - Injection", + "OWASP-A03:2021 - Injection", + "security" + ] } - } - ], - "message": { - "text": "Found 'subprocess' function 'Popen' with 'shell=True'. This is dangerous because this call will spawn the command using a shell process. Doing so propagates current shell settings and variables, which makes it much easier for a malicious actor to execute commands. Use 'shell=False' instead." 
- }, - "properties": {}, - "ruleId": "python.lang.security.audit.subprocess-shell-true.subprocess-shell-true" - }, - { - "fingerprints": { - "matchBasedId/v1": "b22e8250a693c5f615d40674fb16d520b52b75e4c405f61babb0ced7553bd691bc0c14dd21ff7ff0441ea97d16470a221e447d09fb17213138e9b4f4c4ab6e49_0" - }, - "locations": [ + }, { - "physicalLocation": { - "artifactLocation": { - "uri": "introduction/views.py", - "uriBaseId": "%SRCROOT%" - }, - "region": { - "endColumn": 28, - "endLine": 422, - "snippet": { - "text": " command," - }, - "startColumn": 21, - "startLine": 422 - } + "id": "javascript.browser.security.insecure-document-method.insecure-document-method", + "name": "javascript.browser.security.insecure-document-method.insecure-document-method", + "short_description": { + "text": "Semgrep Finding: javascript.browser.security.insecure-document-method.insecure-document-method" + }, + "full_description": { + "text": "User controlled data in methods like `innerHTML`, `outerHTML` or `document.write` is an anti-pattern that can lead to XSS vulnerabilities" + }, + "default_configuration": { + "enabled": true, + "level": "error" + }, + "help_uri": "https://semgrep.dev/r/javascript.browser.security.insecure-document-method.insecure-document-method", + "help": { + "text": "User controlled data in methods like `innerHTML`, `outerHTML` or `document.write` is an anti-pattern that can lead to XSS vulnerabilities\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "User controlled data in methods like `innerHTML`, `outerHTML` or `document.write` is an anti-pattern that can lead to XSS vulnerabilities\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.browser.security.insecure-document-method.insecure-document-method)\n - [https://owasp.org/Top10/A03_2021-Injection](https://owasp.org/Top10/A03_2021-Injection)\n" + }, + "properties": { + "precision": "very-high", + 
"tags": [ + "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", + "LOW CONFIDENCE", + "OWASP-A03:2021 - Injection", + "OWASP-A07:2017 - Cross-Site Scripting (XSS)", + "security" + ] } - } - ], - "message": { - "text": "Detected subprocess function 'cmd_lab' with user controlled data. A malicious actor could leverage this to perform command injection. You may consider using 'shlex.escape()'." - }, - "properties": {}, - "ruleId": "python.lang.security.dangerous-subprocess-use.dangerous-subprocess-use" - }, - { - "fingerprints": { - "matchBasedId/v1": "15f5aa865ea27de8b14a0f65de60b4d5a43909244b985f4b737212410912deb50360fe0aaa1c7ccba11f6468bdd8d96392c2bb1fc4ee29de3c03a1da2809579f_0" - }, - "locations": [ + }, { - "physicalLocation": { - "artifactLocation": { - "uri": "introduction/views.py", - "uriBaseId": "%SRCROOT%" - }, - "region": { - "endColumn": 33, - "endLine": 460, - "snippet": { - "text": "@csrf_exempt\ndef cmd_lab2(request):\n if request.user.is_authenticated:\n if (request.method==\"POST\"):\n val=request.POST.get('val')\n \n print(val)\n try:\n output = eval(val)\n except:\n output = \"Something went wrong\"\n return render(request,'Lab/CMD/cmd_lab2.html',{\"output\":output})\n print(\"Output = \", output)\n return render(request,'Lab/CMD/cmd_lab2.html',{\"output\":output})\n else:\n return render(request, 'Lab/CMD/cmd_lab2.html')\n else:\n return redirect('login')" - }, - "startColumn": 1, - "startLine": 443 - } + "id": "java.lang.security.audit.ldap-entry-poisoning.ldap-entry-poisoning", + "name": "java.lang.security.audit.ldap-entry-poisoning.ldap-entry-poisoning", + "short_description": { + "text": "Semgrep Finding: java.lang.security.audit.ldap-entry-poisoning.ldap-entry-poisoning" + }, + "full_description": { + "text": "An object-returning LDAP search will allow attackers to control the LDAP response. This could lead to Remote Code Execution." 
+ }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/java.lang.security.audit.ldap-entry-poisoning.ldap-entry-poisoning", + "help": { + "text": "An object-returning LDAP search will allow attackers to control the LDAP response. This could lead to Remote Code Execution.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "An object-returning LDAP search will allow attackers to control the LDAP response. This could lead to Remote Code Execution.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/java.lang.security.audit.ldap-entry-poisoning.ldap-entry-poisoning)\n - [https://www.blackhat.com/docs/us-16/materials/us-16-Munoz-A-Journey-From-JNDI-LDAP-Manipulation-To-RCE-wp.pdf](https://www.blackhat.com/docs/us-16/materials/us-16-Munoz-A-Journey-From-JNDI-LDAP-Manipulation-To-RCE-wp.pdf)\n - [https://cheatsheetseries.owasp.org/cheatsheets/LDAP_Injection_Prevention_Cheat_Sheet.html](https://cheatsheetseries.owasp.org/cheatsheets/LDAP_Injection_Prevention_Cheat_Sheet.html)\n" + }, + "properties": { + "precision": "very-high", + "tags": [ + "CWE-90: Improper Neutralization of Special Elements used in an LDAP Query ('LDAP Injection')", + "LOW CONFIDENCE", + "OWASP-A01:2017 - Injection", + "OWASP-A03:2021 - Injection", + "security" + ] } - } - ], - "message": { - "text": "Detected usage of @csrf_exempt, which indicates that there is no CSRF token set for this route. This could lead to an attacker manipulating the user's account and exfiltration of private data. Instead, create a function without this decorator." 
- }, - "properties": {}, - "ruleId": "python.django.security.audit.csrf-exempt.no-csrf-exempt" - }, - { - "fingerprints": { - "matchBasedId/v1": "912c28621c990cec1c4c259dd72a41485aea7cc7cbd2cb5846b55e1c8b65678baa533b5787eb5e222a430b7457bb95e4fa816109902a2e9f1261fdda0f915c01_0" - }, - "locations": [ + }, { - "physicalLocation": { - "artifactLocation": { - "uri": "introduction/views.py", - "uriBaseId": "%SRCROOT%" - }, - "region": { - "endColumn": 81, - "endLine": 454, - "snippet": { - "text": " val=request.POST.get('val')\n \n print(val)\n try:\n output = eval(val)\n except:\n output = \"Something went wrong\"\n return render(request,'Lab/CMD/cmd_lab2.html',{\"output\":output})" - }, - "startColumn": 13, - "startLine": 447 - } + "id": "javascript.serialize-javascript.security.audit.unsafe-serialize-javascript.unsafe-serialize-javascript", + "name": "javascript.serialize-javascript.security.audit.unsafe-serialize-javascript.unsafe-serialize-javascript", + "short_description": { + "text": "Semgrep Finding: javascript.serialize-javascript.security.audit.unsafe-serialize-javascript.unsafe-serialize-javascript" + }, + "full_description": { + "text": "`serialize-javascript` used with `unsafe` parameter, this could be vulnerable to XSS." 
+ }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/javascript.serialize-javascript.security.audit.unsafe-serialize-javascript.unsafe-serialize-javascript", + "help": { + "text": "`serialize-javascript` used with `unsafe` parameter, this could be vulnerable to XSS.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "`serialize-javascript` used with `unsafe` parameter, this could be vulnerable to XSS.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.serialize-javascript.security.audit.unsafe-serialize-javascript.unsafe-serialize-javascript)\n - [https://owasp.org/Top10/A03_2021-Injection](https://owasp.org/Top10/A03_2021-Injection)\n" + }, + "properties": { + "precision": "very-high", + "tags": [ + "CWE-80: Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)", + "LOW CONFIDENCE", + "OWASP-A03:2021 - Injection", + "security" + ] } - } - ], - "message": { - "text": "Found user data in a call to 'eval'. This is extremely dangerous because it can enable an attacker to execute arbitrary remote code on the system. Instead, refactor your code to not use 'eval' and instead use a safe library for the specific functionality you need." 
- }, - "properties": {}, - "ruleId": "python.django.security.injection.code.user-eval.user-eval" - }, - { - "fingerprints": { - "matchBasedId/v1": "7ccc3aeb5b5a728bfcf602ad9cab37a9abed280ad405be4b82f5910ac8b9d23750a6fc80f1c3f4a334729a6b04698f458e44672dc8042688ceb2fe1277e1918d_0" - }, - "locations": [ + }, { - "physicalLocation": { - "artifactLocation": { - "uri": "introduction/views.py", - "uriBaseId": "%SRCROOT%" - }, - "region": { - "endColumn": 35, - "endLine": 451, - "snippet": { - "text": " output = eval(val)" - }, - "startColumn": 26, - "startLine": 451 - } + "id": "java.lang.security.audit.command-injection-formatted-runtime-call.command-injection-formatted-runtime-call", + "name": "java.lang.security.audit.command-injection-formatted-runtime-call.command-injection-formatted-runtime-call", + "short_description": { + "text": "Semgrep Finding: java.lang.security.audit.command-injection-formatted-runtime-call.command-injection-formatted-runtime-call" + }, + "full_description": { + "text": "A formatted or concatenated string was detected as input to a java.lang.Runtime call. This is dangerous if a variable is controlled by user input and could result in a command injection. Ensure your variables are not controlled by users or sufficiently sanitized." + }, + "default_configuration": { + "enabled": true, + "level": "error" + }, + "help_uri": "https://semgrep.dev/r/java.lang.security.audit.command-injection-formatted-runtime-call.command-injection-formatted-runtime-call", + "help": { + "text": "A formatted or concatenated string was detected as input to a java.lang.Runtime call. This is dangerous if a variable is controlled by user input and could result in a command injection. Ensure your variables are not controlled by users or sufficiently sanitized.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "A formatted or concatenated string was detected as input to a java.lang.Runtime call. 
This is dangerous if a variable is controlled by user input and could result in a command injection. Ensure your variables are not controlled by users or sufficiently sanitized.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/java.lang.security.audit.command-injection-formatted-runtime-call.command-injection-formatted-runtime-call)\n - [https://owasp.org/Top10/A03_2021-Injection](https://owasp.org/Top10/A03_2021-Injection)\n" + }, + "properties": { + "precision": "very-high", + "tags": [ + "CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", + "LOW CONFIDENCE", + "OWASP-A01:2017 - Injection", + "OWASP-A03:2021 - Injection", + "security" + ] } - } - ], - "message": { - "text": "Detected the use of eval(). eval() can be dangerous if used to evaluate dynamic content. If this content can be input from outside the program, this may be a code injection vulnerability. Ensure evaluated content is not definable by external sources." 
- }, - "properties": {}, - "ruleId": "python.lang.security.audit.eval-detected.eval-detected" - }, - { - "fingerprints": { - "matchBasedId/v1": "78279ef509d2c1eed42551b6c27d952a43c7fdd175b1fda0d839e1c661fcd340333fa5de968f41fa98bd3f85dca3823775dd9c8ce013fe1b23ab39e3776626da_0" - }, - "locations": [ + }, { - "physicalLocation": { - "artifactLocation": { - "uri": "introduction/views.py", - "uriBaseId": "%SRCROOT%" - }, - "region": { - "endColumn": 101, - "endLine": 509, - "snippet": { - "text": "@csrf_exempt\ndef Otp(request):\n if request.method==\"GET\":\n email=request.GET.get('email')\n otpN=randint(100,999)\n if email and otpN:\n if email==\"admin@pygoat.com\":\n otp.objects.filter(id=2).update(otp=otpN)\n html = render(request, \"Lab/BrokenAuth/otp.html\", {\"otp\":\"Sent To Admin Mail ID\"})\n html.set_cookie(\"email\", email)\n return html\n\n else:\n otp.objects.filter(id=1).update(email=email, otp=otpN)\n html=render (request,\"Lab/BrokenAuth/otp.html\",{\"otp\":otpN})\n html.set_cookie(\"email\",email)\n return html\n else:\n return render(request,\"Lab/BrokenAuth/otp.html\")\n else:\n otpR=request.POST.get(\"otp\")\n email=request.COOKIES.get(\"email\")\n if otp.objects.filter(email=email,otp=otpR) or otp.objects.filter(id=2,otp=otpR):\n # return HttpResponse(\"

Login Success for email:::\"+email+\"

\")\n return render (request,\"Lab/BrokenAuth/otp.html\",{\"email\":email})\n else:\n return render (request,\"Lab/BrokenAuth/otp.html\",{\"otp\":\"Invalid OTP Please Try Again\"})" - }, - "startColumn": 1, - "startLine": 483 - } + "id": "python.lang.security.audit.sqli.psycopg-sqli.psycopg-sqli", + "name": "python.lang.security.audit.sqli.psycopg-sqli.psycopg-sqli", + "short_description": { + "text": "Semgrep Finding: python.lang.security.audit.sqli.psycopg-sqli.psycopg-sqli" + }, + "full_description": { + "text": "Detected string concatenation with a non-literal variable in a psycopg2 Python SQL statement. This could lead to SQL injection if the variable is user-controlled and not properly sanitized. In order to prevent SQL injection, use parameterized queries or prepared statements instead. You can use prepared statements by creating a 'sql.SQL' string. You can also use the pyformat binding style to create parameterized queries. For example: 'cur.execute(SELECT * FROM table WHERE name=%s, user_input)'" + }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/python.lang.security.audit.sqli.psycopg-sqli.psycopg-sqli", + "help": { + "text": "Detected string concatenation with a non-literal variable in a psycopg2 Python SQL statement. This could lead to SQL injection if the variable is user-controlled and not properly sanitized. In order to prevent SQL injection, use parameterized queries or prepared statements instead. You can use prepared statements by creating a 'sql.SQL' string. You can also use the pyformat binding style to create parameterized queries. For example: 'cur.execute(SELECT * FROM table WHERE name=%s, user_input)'\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected string concatenation with a non-literal variable in a psycopg2 Python SQL statement. This could lead to SQL injection if the variable is user-controlled and not properly sanitized. 
In order to prevent SQL injection, use parameterized queries or prepared statements instead. You can use prepared statements by creating a 'sql.SQL' string. You can also use the pyformat binding style to create parameterized queries. For example: 'cur.execute(SELECT * FROM table WHERE name=%s, user_input)'\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.lang.security.audit.sqli.psycopg-sqli.psycopg-sqli)\n - [https://www.psycopg.org/docs/sql.html](https://www.psycopg.org/docs/sql.html)\n" + }, + "properties": { + "precision": "very-high", + "tags": [ + "CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')", + "LOW CONFIDENCE", + "OWASP-A01:2017 - Injection", + "OWASP-A03:2021 - Injection", + "security" + ] } - } - ], - "message": { - "text": "Detected usage of @csrf_exempt, which indicates that there is no CSRF token set for this route. This could lead to an attacker manipulating the user's account and exfiltration of private data. Instead, create a function without this decorator." 
- }, - "properties": {}, - "ruleId": "python.django.security.audit.csrf-exempt.no-csrf-exempt" - }, - { - "fingerprints": { - "matchBasedId/v1": "2e45d84cc3d0ec744e402069ff47e53801293c70711a30d8f019631b8c57c2a40c69c6a9224379c2b6d2e46b62e1ad8ab5435a06e52defaf8fa8d309a2a7bea9_0" - }, - "locations": [ + }, { - "physicalLocation": { - "artifactLocation": { - "uri": "introduction/views.py", - "uriBaseId": "%SRCROOT%" - }, - "region": { - "endColumn": 33, - "endLine": 560, - "snippet": { - "text": "@csrf_exempt\ndef a9_lab(request):\n if request.user.is_authenticated:\n if request.method==\"GET\":\n return render(request,\"Lab/A9/a9_lab.html\")\n else:\n\n try :\n file=request.FILES[\"file\"]\n try :\n data = yaml.load(file,yaml.Loader)\n \n return render(request,\"Lab/A9/a9_lab.html\",{\"data\":data})\n except:\n return render(request, \"Lab/A9/a9_lab.html\", {\"data\": \"Error\"})\n\n except:\n return render(request, \"Lab/A9/a9_lab.html\", {\"data\":\"Please Upload a Yaml file.\"})\n else:\n return redirect('login')" - }, - "startColumn": 1, - "startLine": 541 - } + "id": "go.lang.security.audit.crypto.use_of_weak_rsa_key.use-of-weak-rsa-key", + "name": "go.lang.security.audit.crypto.use_of_weak_rsa_key.use-of-weak-rsa-key", + "short_description": { + "text": "Semgrep Finding: go.lang.security.audit.crypto.use_of_weak_rsa_key.use-of-weak-rsa-key" + }, + "full_description": { + "text": "RSA keys should be at least 2048 bits" + }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/go.lang.security.audit.crypto.use_of_weak_rsa_key.use-of-weak-rsa-key", + "help": { + "text": "RSA keys should be at least 2048 bits\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "RSA keys should be at least 2048 bits\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep 
Rule](https://semgrep.dev/r/go.lang.security.audit.crypto.use_of_weak_rsa_key.use-of-weak-rsa-key)\n - [https://cheatsheetseries.owasp.org/cheatsheets/Cryptographic_Storage_Cheat_Sheet.html#algorithms](https://cheatsheetseries.owasp.org/cheatsheets/Cryptographic_Storage_Cheat_Sheet.html#algorithms)\n" + }, + "properties": { + "precision": "very-high", + "tags": [ + "CWE-326: Inadequate Encryption Strength", + "HIGH CONFIDENCE", + "OWASP-A02:2021 - Cryptographic Failures", + "OWASP-A03:2017 - Sensitive Data Exposure", + "security" + ] } - } - ], - "message": { - "text": "Detected usage of @csrf_exempt, which indicates that there is no CSRF token set for this route. This could lead to an attacker manipulating the user's account and exfiltration of private data. Instead, create a function without this decorator." - }, - "properties": {}, - "ruleId": "python.django.security.audit.csrf-exempt.no-csrf-exempt" - }, - { - "fingerprints": { - "matchBasedId/v1": "55b039a7d13528e25e3bad4465aaea7b810fbbce02b515657d90a9e1bd61e656bf30e35d3d477cbb78924a78e34b0bf91c371ea860fdb697d0643a120df5776b_0" - }, - "locations": [ + }, { - "physicalLocation": { - "artifactLocation": { - "uri": "introduction/views.py", - "uriBaseId": "%SRCROOT%" - }, - "region": { - "endColumn": 55, - "endLine": 551, - "snippet": { - "text": " data = yaml.load(file,yaml.Loader)" - }, - "startColumn": 28, - "startLine": 551 - } + "id": "java.spring.security.audit.spring-actuator-fully-enabled.spring-actuator-fully-enabled", + "name": "java.spring.security.audit.spring-actuator-fully-enabled.spring-actuator-fully-enabled", + "short_description": { + "text": "Semgrep Finding: java.spring.security.audit.spring-actuator-fully-enabled.spring-actuator-fully-enabled" + }, + "full_description": { + "text": "Spring Boot Actuator is fully enabled. This exposes sensitive endpoints such as /actuator/env, /actuator/logfile, /actuator/heapdump and others. 
Unless you have Spring Security enabled or another means to protect these endpoints, this functionality is available without authentication, causing a significant security risk." + }, + "default_configuration": { + "enabled": true, + "level": "error" + }, + "help_uri": "https://semgrep.dev/r/java.spring.security.audit.spring-actuator-fully-enabled.spring-actuator-fully-enabled", + "help": { + "text": "Spring Boot Actuator is fully enabled. This exposes sensitive endpoints such as /actuator/env, /actuator/logfile, /actuator/heapdump and others. Unless you have Spring Security enabled or another means to protect these endpoints, this functionality is available without authentication, causing a significant security risk.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Spring Boot Actuator is fully enabled. This exposes sensitive endpoints such as /actuator/env, /actuator/logfile, /actuator/heapdump and others. Unless you have Spring Security enabled or another means to protect these endpoints, this functionality is available without authentication, causing a significant security risk.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/java.spring.security.audit.spring-actuator-fully-enabled.spring-actuator-fully-enabled)\n - [https://docs.spring.io/spring-boot/docs/current/reference/html/production-ready-features.html#production-ready-endpoints-exposing-endpoints](https://docs.spring.io/spring-boot/docs/current/reference/html/production-ready-features.html#production-ready-endpoints-exposing-endpoints)\n - [https://medium.com/walmartglobaltech/perils-of-spring-boot-actuators-misconfiguration-185c43a0f785](https://medium.com/walmartglobaltech/perils-of-spring-boot-actuators-misconfiguration-185c43a0f785)\n - 
[https://blog.maass.xyz/spring-actuator-security-part-1-stealing-secrets-using-spring-actuators](https://blog.maass.xyz/spring-actuator-security-part-1-stealing-secrets-using-spring-actuators)\n" + }, + "properties": { + "precision": "very-high", + "tags": [ + "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor", + "MEDIUM CONFIDENCE", + "OWASP-A01:2021 - Broken Access Control", + "security" + ] } - } - ], - "message": { - "text": "Avoid using insecure deserialization library, backed by `pickle`, `_pickle`, `cpickle`, `dill`, `shelve`, or `yaml`, which are known to lead to remote code execution vulnerabilities." - }, - "properties": {}, - "ruleId": "python.django.security.audit.avoid-insecure-deserialization.avoid-insecure-deserialization" - }, - { - "fingerprints": { - "matchBasedId/v1": "2f5a5b921e9a789d38827bfe1df346c19bf56260aa1c9682e59828f2aaee4c3a00123ab2b16ff9fcc184db1988e35b745826349da75542dae28d9ea9b3d9aa98_0" - }, - "locations": [ + }, { - "physicalLocation": { - "artifactLocation": { - "uri": "introduction/views.py", - "uriBaseId": "%SRCROOT%" - }, - "region": { - "endColumn": 105, - "endLine": 596, - "snippet": { - "text": "@csrf_exempt\ndef a9_lab2(request):\n if not request.user.is_authenticated:\n return redirect('login')\n \n if request.method == \"GET\":\n return render (request,\"Lab/A9/a9_lab2.html\")\n elif request.method == \"POST\":\n try :\n file=request.FILES[\"file\"]\n function_str = request.POST.get(\"function\")\n img = Image.open(file)\n img = img.convert(\"RGB\")\n r,g,b = img.split()\n # function_str = \"convert(r+g, '1')\"\n output = ImageMath.eval(function_str,img = img, b=b, r=r, g=g)\n\n # saving the image \n buffered = BytesIO()\n output.save(buffered, format=\"JPEG\")\n img_str = base64.b64encode(buffered.getvalue()).decode(\"utf-8\")\n\n bufferd_ref = BytesIO()\n img.save(bufferd_ref, format=\"JPEG\")\n img_str_ref = base64.b64encode(bufferd_ref.getvalue()).decode(\"utf-8\")\n try :\n return 
render(request,\"Lab/A9/a9_lab2.html\",{\"img_str\": img_str,\"img_str_ref\":img_str_ref, \"success\": True})\n except Exception as e:\n print(e)\n return render(request, \"Lab/A9/a9_lab2.html\", {\"data\": \"Error\", \"error\": True})\n except Exception as e:\n print(e)\n return render(request, \"Lab/A9/a9_lab2.html\", {\"data\":\"Please Upload a file\", \"error\":True})" - }, - "startColumn": 1, - "startLine": 564 - } + "id": "generic.secrets.security.detected-npm-registry-auth-token.detected-npm-registry-auth-token", + "name": "generic.secrets.security.detected-npm-registry-auth-token.detected-npm-registry-auth-token", + "short_description": { + "text": "Semgrep Finding: generic.secrets.security.detected-npm-registry-auth-token.detected-npm-registry-auth-token" + }, + "full_description": { + "text": "NPM registry authentication token detected" + }, + "default_configuration": { + "enabled": true, + "level": "error" + }, + "help_uri": "https://semgrep.dev/r/generic.secrets.security.detected-npm-registry-auth-token.detected-npm-registry-auth-token", + "help": { + "text": "NPM registry authentication token detected\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "NPM registry authentication token detected\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/generic.secrets.security.detected-npm-registry-auth-token.detected-npm-registry-auth-token)\n - [https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures](https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures)\n" + }, + "properties": { + "precision": "very-high", + "tags": [ + "CWE-798: Use of Hard-coded Credentials", + "LOW CONFIDENCE", + "OWASP-A07:2021 - Identification and Authentication Failures", + "security" + ] } - } - ], - "message": { - "text": "Detected usage of @csrf_exempt, which indicates that there is no CSRF token set for this route. 
This could lead to an attacker manipulating the user's account and exfiltration of private data. Instead, create a function without this decorator." - }, - "properties": {}, - "ruleId": "python.django.security.audit.csrf-exempt.no-csrf-exempt" - }, - { - "fingerprints": { - "matchBasedId/v1": "053e4cfdf437f99f72ec1f0e42f356815f47f4d7d2f67f72e545de90ba8087f31ad164fc2710541a234bde977d11fcab4c47e91965df7697b8b1c12a1f933a8b_0" - }, - "locations": [ + }, { - "physicalLocation": { - "artifactLocation": { - "uri": "introduction/views.py", - "uriBaseId": "%SRCROOT%" - }, - "region": { - "endColumn": 80, - "endLine": 734, - "snippet": { - "text": "@csrf_exempt\ndef a1_broken_access(request):\n if not request.user.is_authenticated:\n return redirect('login')\n \n return render(request,\"Lab_2021/A1_BrokenAccessControl/broken_access.html\")" - }, - "startColumn": 1, - "startLine": 729 - } + "id": "python.lang.compatibility.python37.python37-compatibility-ipv6network2", + "name": "python.lang.compatibility.python37.python37-compatibility-ipv6network2", + "short_description": { + "text": "Semgrep Finding: python.lang.compatibility.python37.python37-compatibility-ipv6network2" + }, + "full_description": { + "text": "IPv6Network.supernet_of is only available on Python 3.7+ and is therefore not backwards compatible. Instead, check if the supernet is in 'supernet'." + }, + "default_configuration": { + "enabled": true, + "level": "error" + }, + "help_uri": "https://semgrep.dev/r/python.lang.compatibility.python37.python37-compatibility-ipv6network2", + "help": { + "text": "IPv6Network.supernet_of is only available on Python 3.7+ and is therefore not backwards compatible. Instead, check if the supernet is in 'supernet'.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "IPv6Network.supernet_of is only available on Python 3.7+ and is therefore not backwards compatible. 
Instead, check if the supernet is in 'supernet'.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.lang.compatibility.python37.python37-compatibility-ipv6network2)\n" + }, + "properties": { + "precision": "very-high", + "tags": [] } - } - ], - "message": { - "text": "Detected usage of @csrf_exempt, which indicates that there is no CSRF token set for this route. This could lead to an attacker manipulating the user's account and exfiltration of private data. Instead, create a function without this decorator." - }, - "properties": {}, - "ruleId": "python.django.security.audit.csrf-exempt.no-csrf-exempt" - }, - { - "fingerprints": { - "matchBasedId/v1": "ae88e3c7a96c5d511f6b2d99b57225570acf53d0e9749763c482a098af92b51f07b5c4a0c2878dca4469c83b48ab156ad3695f1286c7f3be4720357688067161_0" - }, - "locations": [ + }, { - "physicalLocation": { - "artifactLocation": { - "uri": "introduction/views.py", - "uriBaseId": "%SRCROOT%" - }, - "region": { - "endColumn": 108, - "endLine": 771, - "snippet": { - "text": "@csrf_exempt\ndef a1_broken_access_lab_1(request):\n if request.user.is_authenticated:\n pass\n else:\n return redirect('login')\n \n name = request.POST.get('name')\n password = request.POST.get('pass')\n print(password)\n print(name)\n if name:\n if request.COOKIES.get('admin') == \"1\":\n return render(\n request, \n 'Lab_2021/A1_BrokenAccessControl/broken_access_lab_1.html', \n {\n \"data\":\"0NLY_F0R_4DM1N5\",\n \"username\": \"admin\"\n })\n elif (name=='jack' and password=='jacktheripper'): # Will implement hashing here\n html = render(\n request, \n 'Lab_2021/A1_BrokenAccessControl/broken_access_lab_1.html', \n {\n \"not_admin\":\"No Secret key for this User\",\n \"username\": name\n })\n html.set_cookie(\"admin\", \"0\",max_age=200)\n return html\n else:\n return render(request, 'Lab_2021/A1_BrokenAccessControl/broken_access_lab_1.html', {\"data\": \"User Not Found\"})\n\n 
else:\n return render(request,'Lab_2021/A1_BrokenAccessControl/broken_access_lab_1.html',{\"no_creds\":True})" - }, - "startColumn": 1, - "startLine": 737 - } + "id": "java.lang.security.audit.insecure-smtp-connection.insecure-smtp-connection", + "name": "java.lang.security.audit.insecure-smtp-connection.insecure-smtp-connection", + "short_description": { + "text": "Semgrep Finding: java.lang.security.audit.insecure-smtp-connection.insecure-smtp-connection" + }, + "full_description": { + "text": "Insecure SMTP connection detected. This connection will trust any SSL certificate. Enable certificate verification by setting 'email.setSSLCheckServerIdentity(true)'." + }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/java.lang.security.audit.insecure-smtp-connection.insecure-smtp-connection", + "help": { + "text": "Insecure SMTP connection detected. This connection will trust any SSL certificate. Enable certificate verification by setting 'email.setSSLCheckServerIdentity(true)'.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Insecure SMTP connection detected. This connection will trust any SSL certificate. 
Enable certificate verification by setting 'email.setSSLCheckServerIdentity(true)'.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/java.lang.security.audit.insecure-smtp-connection.insecure-smtp-connection)\n - [https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures](https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures)\n" + }, + "properties": { + "precision": "very-high", + "tags": [ + "CWE-297: Improper Validation of Certificate with Host Mismatch", + "MEDIUM CONFIDENCE", + "OWASP-A07:2021 - Identification and Authentication Failures", + "security" + ] } - } - ], - "message": { - "text": "Detected usage of @csrf_exempt, which indicates that there is no CSRF token set for this route. This could lead to an attacker manipulating the user's account and exfiltration of private data. Instead, create a function without this decorator." - }, - "properties": {}, - "ruleId": "python.django.security.audit.csrf-exempt.no-csrf-exempt" - }, - { - "fingerprints": { - "matchBasedId/v1": "98a8b7324fe6e9f14187c0cfe31ea0df3cb7a6f95e8fcc26ade85106c0170a7758e004e3fd4260241dd03f71c828104cee21273d8d2ec4e2242f60d544043168_0" - }, - "locations": [ + }, { - "physicalLocation": { - "artifactLocation": { - "uri": "introduction/views.py", - "uriBaseId": "%SRCROOT%" - }, - "region": { - "endColumn": 108, - "endLine": 811, - "snippet": { - "text": "@csrf_exempt\ndef a1_broken_access_lab_2(request):\n if request.user.is_authenticated:\n pass\n else:\n return redirect('login')\n \n name = request.POST.get('name')\n password = request.POST.get('pass')\n user_agent = request.META['HTTP_USER_AGENT']\n\n # print(name)\n # print(password)\n print(user_agent)\n if name : \n if (user_agent == \"pygoat_admin\"):\n return render(\n request, \n 'Lab_2021/A1_BrokenAccessControl/broken_access_lab_2.html', \n {\n \"data\":\"0NLY_F0R_4DM1N5\",\n \"username\": \"admin\",\n \"status\": 
\"admin\"\n })\n elif ( name=='jack' and password=='jacktheripper'): # Will implement hashing here\n html = render(\n request, \n 'Lab_2021/A1_BrokenAccessControl/broken_access_lab_2.html', \n {\n \"not_admin\":\"No Secret key for this User\",\n \"username\": name,\n \"status\": \"not admin\"\n })\n return html\n else:\n return render(request, 'Lab_2021/A1_BrokenAccessControl/broken_access_lab_2.html', {\"data\": \"User Not Found\"})\n\n else:\n return render(request,'Lab_2021/A1_BrokenAccessControl/broken_access_lab_2.html',{\"no_creds\":True})" - }, - "startColumn": 1, - "startLine": 773 - } + "id": "terraform.lang.security.eks-insufficient-control-plane-logging.eks-insufficient-control-plane-logging", + "name": "terraform.lang.security.eks-insufficient-control-plane-logging.eks-insufficient-control-plane-logging", + "short_description": { + "text": "Semgrep Finding: terraform.lang.security.eks-insufficient-control-plane-logging.eks-insufficient-control-plane-logging" + }, + "full_description": { + "text": "Missing EKS control plane logging. It is recommended to enable at least Kubernetes API server component logs (\"api\") and audit logs (\"audit\") of the EKS control plane through the enabled_cluster_log_types attribute." + }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/terraform.lang.security.eks-insufficient-control-plane-logging.eks-insufficient-control-plane-logging", + "help": { + "text": "Missing EKS control plane logging. It is recommended to enable at least Kubernetes API server component logs (\"api\") and audit logs (\"audit\") of the EKS control plane through the enabled_cluster_log_types attribute.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Missing EKS control plane logging. 
It is recommended to enable at least Kubernetes API server component logs (\"api\") and audit logs (\"audit\") of the EKS control plane through the enabled_cluster_log_types attribute.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/terraform.lang.security.eks-insufficient-control-plane-logging.eks-insufficient-control-plane-logging)\n - [https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/eks_cluster#enabling-control-plane-logging](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/eks_cluster#enabling-control-plane-logging)\n - [https://docs.aws.amazon.com/eks/latest/userguide/control-plane-logs.html](https://docs.aws.amazon.com/eks/latest/userguide/control-plane-logs.html)\n" + }, + "properties": { + "precision": "very-high", + "tags": [ + "CWE-778: Insufficient Logging", + "LOW CONFIDENCE", + "OWASP-A09:2021 - Security Logging and Monitoring Failures", + "OWASP-A10:2017 - Insufficient Logging & Monitoring", + "security" + ] } - } - ], - "message": { - "text": "Detected usage of @csrf_exempt, which indicates that there is no CSRF token set for this route. This could lead to an attacker manipulating the user's account and exfiltration of private data. Instead, create a function without this decorator." 
- }, - "properties": {}, - "ruleId": "python.django.security.audit.csrf-exempt.no-csrf-exempt" - }, - { - "fingerprints": { - "matchBasedId/v1": "cb3b6e19a7ccf9b18d05efab85c3dcf7842fb0dac8f4e92f653ef89b4e631d1222837291d3b61d925fb0149d4e551876f45675a82be51e6190a11678e879d311_0" - }, - "locations": [ + }, { - "physicalLocation": { - "artifactLocation": { - "uri": "introduction/views.py", - "uriBaseId": "%SRCROOT%" - }, - "region": { - "endColumn": 66, - "endLine": 842, - "snippet": { - "text": "@csrf_exempt\ndef injection(request):\n if not request.user.is_authenticated:\n return redirect('login')\n \n return render(request,\"Lab_2021/A3_Injection/injection.html\")" - }, - "startColumn": 1, - "startLine": 837 - } + "id": "java.lang.security.audit.sqli.jdo-sqli.jdo-sqli", + "name": "java.lang.security.audit.sqli.jdo-sqli.jdo-sqli", + "short_description": { + "text": "Semgrep Finding: java.lang.security.audit.sqli.jdo-sqli.jdo-sqli" + }, + "full_description": { + "text": "Detected a formatted string in a SQL statement. This could lead to SQL injection if variables in the SQL statement are not properly sanitized. Use a prepared statements (java.sql.PreparedStatement) instead. You can obtain a PreparedStatement using 'connection.prepareStatement'." + }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/java.lang.security.audit.sqli.jdo-sqli.jdo-sqli", + "help": { + "text": "Detected a formatted string in a SQL statement. This could lead to SQL injection if variables in the SQL statement are not properly sanitized. Use a prepared statements (java.sql.PreparedStatement) instead. You can obtain a PreparedStatement using 'connection.prepareStatement'.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected a formatted string in a SQL statement. This could lead to SQL injection if variables in the SQL statement are not properly sanitized. 
Use a prepared statements (java.sql.PreparedStatement) instead. You can obtain a PreparedStatement using 'connection.prepareStatement'.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/java.lang.security.audit.sqli.jdo-sqli.jdo-sqli)\n - [https://owasp.org/Top10/A03_2021-Injection](https://owasp.org/Top10/A03_2021-Injection)\n" + }, + "properties": { + "precision": "very-high", + "tags": [ + "CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')", + "LOW CONFIDENCE", + "OWASP-A01:2017 - Injection", + "OWASP-A03:2021 - Injection", + "security" + ] } - } - ], - "message": { - "text": "Detected usage of @csrf_exempt, which indicates that there is no CSRF token set for this route. This could lead to an attacker manipulating the user's account and exfiltration of private data. Instead, create a function without this decorator." - }, - "properties": {}, - "ruleId": "python.django.security.audit.csrf-exempt.no-csrf-exempt" - }, - { - "fingerprints": { - "matchBasedId/v1": "75e13665e6b1a476924770be8daf36e57b8f0a22c9a06f203d24583e8cf80dd5e0b4d9fd3316ac525cbe37d81418354fc076286282f738620bcaadfe9d2239f1_0" - }, - "locations": [ + }, { - "physicalLocation": { - "artifactLocation": { - "uri": "introduction/views.py", - "uriBaseId": "%SRCROOT%" - }, - "region": { - "endColumn": 33, - "endLine": 895, - "snippet": { - "text": "@csrf_exempt\ndef injection_sql_lab(request):\n if request.user.is_authenticated:\n\n name=request.POST.get('name')\n password=request.POST.get('pass')\n print(name)\n print(password)\n\n if name:\n sql_query = \"SELECT * FROM introduction_sql_lab_table WHERE id='\"+name+\"'AND password='\"+password+\"'\"\n\n sql_instance = sql_lab_table(id=\"admin\", password=\"65079b006e85a7e798abecb99e47c154\")\n sql_instance.save()\n sql_instance = sql_lab_table(id=\"jack\", password=\"jack\")\n sql_instance.save()\n sql_instance = 
sql_lab_table(id=\"slinky\", password=\"b4f945433ea4c369c12741f62a23ccc0\")\n sql_instance.save()\n sql_instance = sql_lab_table(id=\"bloke\", password=\"f8d1ce191319ea8f4d1d26e65e130dd5\")\n sql_instance.save()\n\n print(sql_query)\n\n try:\n user = sql_lab_table.objects.raw(sql_query)\n user = user[0].id\n print(user)\n\n except:\n return render(\n request, \n 'Lab_2021/A3_Injection/sql_lab.html',\n {\n \"wrongpass\":password,\n \"sql_error\":sql_query\n })\n\n if user:\n return render(request, 'Lab_2021/A3_Injection/sql_lab.html',{\"user1\":user})\n else:\n return render(\n request, \n 'Lab_2021/A3_Injection/sql_lab.html',\n {\n \"wrongpass\":password,\n \"sql_error\":sql_query\n })\n else:\n return render(request, 'Lab_2021/A3_Injection/sql_lab.html')\n else:\n return redirect('login')" - }, - "startColumn": 1, - "startLine": 845 - } + "id": "python.django.security.audit.raw-query.avoid-raw-sql", + "name": "python.django.security.audit.raw-query.avoid-raw-sql", + "short_description": { + "text": "Semgrep Finding: python.django.security.audit.raw-query.avoid-raw-sql" + }, + "full_description": { + "text": "Detected the use of 'RawSQL' or 'raw' indicating the execution of a non-parameterized SQL query. This could lead to a SQL injection and therefore protected information could be leaked. Instead, use Django ORM and parameterized queries before raw SQL. An example of using the Django ORM is: `People.objects.get(name='Bob')`" + }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/python.django.security.audit.raw-query.avoid-raw-sql", + "help": { + "text": "Detected the use of 'RawSQL' or 'raw' indicating the execution of a non-parameterized SQL query. This could lead to a SQL injection and therefore protected information could be leaked. Instead, use Django ORM and parameterized queries before raw SQL. 
An example of using the Django ORM is: `People.objects.get(name='Bob')`\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected the use of 'RawSQL' or 'raw' indicating the execution of a non-parameterized SQL query. This could lead to a SQL injection and therefore protected information could be leaked. Instead, use Django ORM and parameterized queries before raw SQL. An example of using the Django ORM is: `People.objects.get(name='Bob')`\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.django.security.audit.raw-query.avoid-raw-sql)\n - [https://docs.djangoproject.com/en/3.0/ref/models/expressions/#raw-sql-expressions](https://docs.djangoproject.com/en/3.0/ref/models/expressions/#raw-sql-expressions)\n - [https://semgrep.dev/blog/2020/preventing-sql-injection-a-django-authors-perspective/](https://semgrep.dev/blog/2020/preventing-sql-injection-a-django-authors-perspective/)\n" + }, + "properties": { + "precision": "very-high", + "tags": [ + "CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')", + "LOW CONFIDENCE", + "OWASP-A01:2017 - Injection", + "OWASP-A03:2021 - Injection", + "security" + ] } - } - ], - "message": { - "text": "Detected usage of @csrf_exempt, which indicates that there is no CSRF token set for this route. This could lead to an attacker manipulating the user's account and exfiltration of private data. Instead, create a function without this decorator." 
- }, - "properties": {}, - "ruleId": "python.django.security.audit.csrf-exempt.no-csrf-exempt" - }, - { - "fingerprints": { - "matchBasedId/v1": "9e21762bc5f7655c701035adad830f7eccc703de33f338172065128e544218caded180f88d04afdc911793c2eb50334c93c8261a0025cec72c72d96159a2368c_0" - }, - "locations": [ + }, { - "physicalLocation": { - "artifactLocation": { - "uri": "introduction/views.py", - "uriBaseId": "%SRCROOT%" - }, - "region": { - "endColumn": 114, - "endLine": 855, - "snippet": { - "text": " sql_query = \"SELECT * FROM introduction_sql_lab_table WHERE id='\"+name+\"'AND password='\"+password+\"'\"" - }, - "startColumn": 25, - "startLine": 855 - } + "id": "go.lang.security.audit.crypto.ssl.ssl-v3-is-insecure", + "name": "go.lang.security.audit.crypto.ssl.ssl-v3-is-insecure", + "short_description": { + "text": "Semgrep Finding: go.lang.security.audit.crypto.ssl.ssl-v3-is-insecure" + }, + "full_description": { + "text": "SSLv3 is insecure because it has known vulnerabilities. Starting with go1.14, SSLv3 will be removed. Instead, use 'tls.VersionTLS13'." + }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/go.lang.security.audit.crypto.ssl.ssl-v3-is-insecure", + "help": { + "text": "SSLv3 is insecure because it has known vulnerabilities. Starting with go1.14, SSLv3 will be removed. Instead, use 'tls.VersionTLS13'.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "SSLv3 is insecure because it has known vulnerabilities. Starting with go1.14, SSLv3 will be removed. 
Instead, use 'tls.VersionTLS13'.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/go.lang.security.audit.crypto.ssl.ssl-v3-is-insecure)\n - [https://golang.org/doc/go1.14#crypto/tls](https://golang.org/doc/go1.14#crypto/tls)\n - [https://www.us-cert.gov/ncas/alerts/TA14-290A](https://www.us-cert.gov/ncas/alerts/TA14-290A)\n" + }, + "properties": { + "precision": "very-high", + "tags": [ + "CWE-327: Use of a Broken or Risky Cryptographic Algorithm", + "HIGH CONFIDENCE", + "OWASP-A02:2021 - Cryptographic Failures", + "OWASP-A03:2017 - Sensitive Data Exposure", + "security" + ] } - } - ], - "message": { - "text": "Detected user input used to manually construct a SQL string. This is usually bad practice because manual construction could accidentally result in a SQL injection. An attacker could use a SQL injection to steal or modify contents of the database. Instead, use a parameterized query which is available by default in most database engines. Alternatively, consider using the Django object-relational mappers (ORM) instead of raw SQL queries." 
- }, - "properties": {}, - "ruleId": "python.django.security.injection.tainted-sql-string.tainted-sql-string" - }, - { - "fingerprints": { - "matchBasedId/v1": "04824a9601d535bae3436c8fe648d9dce01924e4610c424aaba932649fea49db40f22f24d2c46f0403fff6b09c6e766d5ae7f5b0db0d19965809cc14fb876e31_0" - }, - "locations": [ + }, { - "physicalLocation": { - "artifactLocation": { - "uri": "introduction/views.py", - "uriBaseId": "%SRCROOT%" - }, - "region": { - "endColumn": 60, - "endLine": 869, - "snippet": { - "text": " user = sql_lab_table.objects.raw(sql_query)" - }, - "startColumn": 24, - "startLine": 869 - } + "id": "java.lang.security.audit.crlf-injection-logs.crlf-injection-logs", + "name": "java.lang.security.audit.crlf-injection-logs.crlf-injection-logs", + "short_description": { + "text": "Semgrep Finding: java.lang.security.audit.crlf-injection-logs.crlf-injection-logs" + }, + "full_description": { + "text": "When data from an untrusted source is put into a logger and not neutralized correctly, an attacker could forge log entries or include malicious content." 
+ }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/java.lang.security.audit.crlf-injection-logs.crlf-injection-logs", + "help": { + "text": "When data from an untrusted source is put into a logger and not neutralized correctly, an attacker could forge log entries or include malicious content.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "When data from an untrusted source is put into a logger and not neutralized correctly, an attacker could forge log entries or include malicious content.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/java.lang.security.audit.crlf-injection-logs.crlf-injection-logs)\n - [https://owasp.org/Top10/A03_2021-Injection](https://owasp.org/Top10/A03_2021-Injection)\n" + }, + "properties": { + "precision": "very-high", + "tags": [ + "CWE-93: Improper Neutralization of CRLF Sequences ('CRLF Injection')", + "MEDIUM CONFIDENCE", + "OWASP-A03:2021 - Injection", + "security" + ] } - } - ], - "message": { - "text": "Detected the use of 'RawSQL' or 'raw' indicating the execution of a non-parameterized SQL query. This could lead to a SQL injection and therefore protected information could be leaked. Instead, use Django ORM and parameterized queries before raw SQL. 
An example of using the Django ORM is: `People.objects.get(name='Bob')`" - }, - "properties": {}, - "ruleId": "python.django.security.audit.raw-query.avoid-raw-sql" - }, - { - "fingerprints": { - "matchBasedId/v1": "d474e8df99720c4fd88d88d043d116b1387fd5984c26ac7e1b44fba8c67c1b10e9a5704c0107e87d968a04aeecc7eed80fa3a3ad90a8f5624ba62b82b44fa214_0" - }, - "locations": [ + }, { - "physicalLocation": { - "artifactLocation": { - "uri": "introduction/views.py", - "uriBaseId": "%SRCROOT%" - }, - "region": { - "endColumn": 92, - "endLine": 922, - "snippet": { - "text": " file=request.POST[\"blog\"]\n try :\n dirname = os.path.dirname(__file__)\n filename = os.path.join(dirname, file)\n file = open(filename,\"r\")\n data = file.read()\n return render(request,\"Lab/ssrf/ssrf_lab.html\",{\"blog\":data})\n except:\n return render(request, \"Lab/ssrf/ssrf_lab.html\", {\"blog\": \"No blog found\"})" - }, - "startColumn": 13, - "startLine": 914 - } + "id": "java.lang.security.audit.crypto.use-of-rc4.use-of-rc4", + "name": "java.lang.security.audit.crypto.use-of-rc4.use-of-rc4", + "short_description": { + "text": "Semgrep Finding: java.lang.security.audit.crypto.use-of-rc4.use-of-rc4" + }, + "full_description": { + "text": "Use of RC4 was detected. RC4 is vulnerable to several attacks, including stream cipher attacks and bit flipping attacks. Instead, use a strong, secure cipher: Cipher.getInstance(\"AES/CBC/PKCS7PADDING\"). See https://owasp.org/www-community/Using_the_Java_Cryptographic_Extensions for more information." + }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/java.lang.security.audit.crypto.use-of-rc4.use-of-rc4", + "help": { + "text": "Use of RC4 was detected. RC4 is vulnerable to several attacks, including stream cipher attacks and bit flipping attacks. Instead, use a strong, secure cipher: Cipher.getInstance(\"AES/CBC/PKCS7PADDING\"). 
See https://owasp.org/www-community/Using_the_Java_Cryptographic_Extensions for more information.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Use of RC4 was detected. RC4 is vulnerable to several attacks, including stream cipher attacks and bit flipping attacks. Instead, use a strong, secure cipher: Cipher.getInstance(\"AES/CBC/PKCS7PADDING\"). See https://owasp.org/www-community/Using_the_Java_Cryptographic_Extensions for more information.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/java.lang.security.audit.crypto.use-of-rc4.use-of-rc4)\n - [https://owasp.org/Top10/A02_2021-Cryptographic_Failures](https://owasp.org/Top10/A02_2021-Cryptographic_Failures)\n - [https://googleprojectzero.blogspot.com/2022/10/rc4-is-still-considered-harmful.html](https://googleprojectzero.blogspot.com/2022/10/rc4-is-still-considered-harmful.html)\n" + }, + "properties": { + "precision": "very-high", + "tags": [ + "CWE-327: Use of a Broken or Risky Cryptographic Algorithm", + "HIGH CONFIDENCE", + "OWASP-A02:2021 - Cryptographic Failures", + "OWASP-A03:2017 - Sensitive Data Exposure", + "security" + ] } - } - ], - "message": { - "text": "Data from request is passed to os.path.join() and to open(). This is a path traversal vulnerability, which can lead to sensitive data being leaked. To mitigate, consider using os.path.abspath or os.path.realpath or Path library." 
- }, - "properties": {}, - "ruleId": "python.django.security.injection.path-traversal.path-traversal-join.path-traversal-join" - }, - { - "fingerprints": { - "matchBasedId/v1": "0f2beffd9a3568dffdc80e464ecf3e85fb7232c5849472c0befc2409be86dbc9c48eda513a2ccd3a376f64dde7e6ed28d887dc37df0119d39337797efff63244_0" - }, - "locations": [ + }, { - "physicalLocation": { - "artifactLocation": { - "uri": "introduction/views.py", - "uriBaseId": "%SRCROOT%" - }, - "region": { - "endColumn": 88, - "endLine": 957, - "snippet": { - "text": " url = request.POST[\"url\"]\n try:\n response = requests.get(url)\n return render(request, \"Lab/ssrf/ssrf_lab2.html\", {\"response\": response.content.decode()})\n except:\n return render(request, \"Lab/ssrf/ssrf_lab2.html\", {\"error\": \"Invalid URL\"})" - }, - "startColumn": 9, - "startLine": 952 - } + "id": "go.lang.security.audit.net.unescaped-data-in-js.unescaped-data-in-js", + "name": "go.lang.security.audit.net.unescaped-data-in-js.unescaped-data-in-js", + "short_description": { + "text": "Semgrep Finding: go.lang.security.audit.net.unescaped-data-in-js.unescaped-data-in-js" + }, + "full_description": { + "text": "Found a formatted template string passed to 'template.JS()'. 'template.JS()' does not escape contents. Be absolutely sure there is no user-controlled data in this template." + }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/go.lang.security.audit.net.unescaped-data-in-js.unescaped-data-in-js", + "help": { + "text": "Found a formatted template string passed to 'template.JS()'. 'template.JS()' does not escape contents. Be absolutely sure there is no user-controlled data in this template.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Found a formatted template string passed to 'template.JS()'. 'template.JS()' does not escape contents. 
Be absolutely sure there is no user-controlled data in this template.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/go.lang.security.audit.net.unescaped-data-in-js.unescaped-data-in-js)\n - [https://golang.org/pkg/html/template/#JS](https://golang.org/pkg/html/template/#JS)\n" + }, + "properties": { + "precision": "very-high", + "tags": [ + "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", + "LOW CONFIDENCE", + "OWASP-A03:2021 - Injection", + "OWASP-A07:2017 - Cross-Site Scripting (XSS)", + "security" + ] } - } - ], - "message": { - "text": "Data from request object is passed to a new server-side request. This could lead to a server-side request forgery (SSRF). To mitigate, ensure that schemes and hosts are validated against an allowlist, do not forward the response to the user, and ensure proper authentication and transport-layer security in the proxied request. See https://owasp.org/www-community/attacks/Server_Side_Request_Forgery to learn more about SSRF vulnerabilities." 
- }, - "properties": {}, - "ruleId": "python.django.security.injection.ssrf.ssrf-injection-requests.ssrf-injection-requests" - }, - { - "fingerprints": { - "matchBasedId/v1": "45bcccf9f3d684d1a90796c91e95155944b53add416cb551f1b78d9140a16c31efaa41abd308542c372eb113729fa98bebbfb41aee102fe83010b22de91c63ee_0" - }, - "locations": [ + }, { - "physicalLocation": { - "artifactLocation": { - "uri": "introduction/views.py", - "uriBaseId": "%SRCROOT%" - }, - "region": { - "endColumn": 29, - "endLine": 987, - "snippet": { - "text": " blog = request.POST[\"blog\"]\n id = str(uuid.uuid4()).split('-')[-1]\n\n blog = filter_blog(blog)\n prepend_code = \"{% extends 'introduction/base.html' %}\\\n {% block content %}{% block title %}\\\n SSTI-Blogs\\\n {% endblock %}\"\n \n blog = prepend_code + blog + \"{% endblock %}\"\n new_blog = Blogs.objects.create(author = request.user, blog_id = id)\n new_blog.save() \n dirname = os.path.dirname(__file__)\n filename = os.path.join(dirname, f\"templates/Lab_2021/A3_Injection/Blogs/{id}.html\")\n file = open(filename, \"w+\") \n file.write(blog)" - }, - "startColumn": 13, - "startLine": 972 - } + "id": "terraform.azure.security.keyvault.keyvault-content-type-for-secret.keyvault-content-type-for-secret", + "name": "terraform.azure.security.keyvault.keyvault-content-type-for-secret.keyvault-content-type-for-secret", + "short_description": { + "text": "Semgrep Finding: terraform.azure.security.keyvault.keyvault-content-type-for-secret.keyvault-content-type-for-secret" + }, + "full_description": { + "text": "Key vault Secret should have a content type set" + }, + "default_configuration": { + "enabled": true, + "level": "note" + }, + "help_uri": "https://semgrep.dev/r/terraform.azure.security.keyvault.keyvault-content-type-for-secret.keyvault-content-type-for-secret", + "help": { + "text": "Key vault Secret should have a content type set\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Key vault Secret should 
have a content type set\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/terraform.azure.security.keyvault.keyvault-content-type-for-secret.keyvault-content-type-for-secret)\n - [https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/key_vault_secret#content_type](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/key_vault_secret#content_type)\n - [https://docs.microsoft.com/en-us/azure/key-vault/secrets/about-secrets](https://docs.microsoft.com/en-us/azure/key-vault/secrets/about-secrets)\n" + }, + "properties": { + "precision": "very-high", + "tags": [] } - } - ], - "message": { - "text": "Found user-controlled request data passed into '.write(...)'. This could be dangerous if a malicious actor is able to control data into sensitive files. For example, a malicious actor could force rolling of critical log files, or cause a denial-of-service by using up available disk space. Instead, ensure that request data is properly escaped or sanitized." 
- }, - "properties": {}, - "ruleId": "python.django.security.injection.request-data-write.request-data-write" - }, - { - "fingerprints": { - "matchBasedId/v1": "740ff47b0cfb52ecc996f3f50e4e830fe4b786021617f85d7c96a71fb45ed699c0f56419ddeb16813ba64412e7c9fe275b553c00979235a747fc6a05a2605a77_0" - }, - "locations": [ + }, { - "physicalLocation": { - "artifactLocation": { - "uri": "introduction/views.py", - "uriBaseId": "%SRCROOT%" - }, - "region": { - "endColumn": 58, - "endLine": 981, - "snippet": { - "text": " blog = prepend_code + blog + \"{% endblock %}\"" - }, - "startColumn": 20, - "startLine": 981 - } + "id": "python.lang.security.audit.network.disabled-cert-validation.disabled-cert-validation", + "name": "python.lang.security.audit.network.disabled-cert-validation.disabled-cert-validation", + "short_description": { + "text": "Semgrep Finding: python.lang.security.audit.network.disabled-cert-validation.disabled-cert-validation" + }, + "full_description": { + "text": "certificate verification explicitly disabled, insecure connections possible" + }, + "default_configuration": { + "enabled": true, + "level": "error" + }, + "help_uri": "https://semgrep.dev/r/python.lang.security.audit.network.disabled-cert-validation.disabled-cert-validation", + "help": { + "text": "certificate verification explicitly disabled, insecure connections possible\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "certificate verification explicitly disabled, insecure connections possible\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.lang.security.audit.network.disabled-cert-validation.disabled-cert-validation)\n - [https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures](https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures)\n" + }, + "properties": { + "precision": "very-high", + "tags": [ + "CWE-295: Improper Certificate 
Validation", + "MEDIUM CONFIDENCE", + "OWASP-A03:2017 - Sensitive Data Exposure", + "OWASP-A07:2021 - Identification and Authentication Failures", + "security" + ] } - } - ], - "message": { - "text": "Detected user input flowing into a manually constructed HTML string. You may be accidentally bypassing secure methods of rendering HTML by manually constructing HTML and this could create a cross-site scripting vulnerability, which could let attackers steal sensitive user data. To be sure this is safe, check that the HTML is rendered safely. Otherwise, use templates (`django.shortcuts.render`) which will safely render HTML instead." - }, - "properties": {}, - "ruleId": "python.django.security.injection.raw-html-format.raw-html-format" - }, - { - "fingerprints": { - "matchBasedId/v1": "06bb8a25e7a16155ad42055562118ace8c0275270972a95202f4676519bc3d042cb65bdd50b7a3721d6d7180a478daa22daefa4cea837eb821f1ee84e51dcaef_0" - }, - "locations": [ + }, { - "physicalLocation": { - "artifactLocation": { - "uri": "introduction/views.py", - "uriBaseId": "%SRCROOT%" - }, - "region": { - "endColumn": 62, - "endLine": 1017, - "snippet": { - "text": " password = md5(password.encode()).hexdigest()" - }, - "startColumn": 28, - "startLine": 1017 - } + "id": "python.django.security.audit.xss.html-safe.html-safe", + "name": "python.django.security.audit.xss.html-safe.html-safe", + "short_description": { + "text": "Semgrep Finding: python.django.security.audit.xss.html-safe.html-safe" + }, + "full_description": { + "text": "`html_safe()` add the `__html__` magic method to the provided class. The `__html__` method indicates to the Django template engine that the value is 'safe' for rendering. This means that normal HTML escaping will not be applied to the return value. This exposes your application to cross-site scripting (XSS) vulnerabilities. 
If you need to render raw HTML, consider instead using `mark_safe()` which more clearly marks the intent to render raw HTML than a class with a magic method." + }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/python.django.security.audit.xss.html-safe.html-safe", + "help": { + "text": "`html_safe()` add the `__html__` magic method to the provided class. The `__html__` method indicates to the Django template engine that the value is 'safe' for rendering. This means that normal HTML escaping will not be applied to the return value. This exposes your application to cross-site scripting (XSS) vulnerabilities. If you need to render raw HTML, consider instead using `mark_safe()` which more clearly marks the intent to render raw HTML than a class with a magic method.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "`html_safe()` add the `__html__` magic method to the provided class. The `__html__` method indicates to the Django template engine that the value is 'safe' for rendering. This means that normal HTML escaping will not be applied to the return value. This exposes your application to cross-site scripting (XSS) vulnerabilities. 
If you need to render raw HTML, consider instead using `mark_safe()` which more clearly marks the intent to render raw HTML than a class with a magic method.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.django.security.audit.xss.html-safe.html-safe)\n - [https://docs.djangoproject.com/en/3.0/_modules/django/utils/html/#html_safe](https://docs.djangoproject.com/en/3.0/_modules/django/utils/html/#html_safe)\n - [https://gist.github.com/minusworld/7885d8a81dba3ea2d1e4b8fd3c218ef5](https://gist.github.com/minusworld/7885d8a81dba3ea2d1e4b8fd3c218ef5)\n" + }, + "properties": { + "precision": "very-high", + "tags": [ + "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", + "LOW CONFIDENCE", + "OWASP-A03:2021 - Injection", + "OWASP-A07:2017 - Cross-Site Scripting (XSS)", + "security" + ] } - } - ], - "message": { - "text": "It looks like MD5 is used as a password hash. MD5 is not considered a secure password hash because it can be cracked by an attacker in a short amount of time. Use a suitable password hashing function such as scrypt. You can use `hashlib.scrypt`." 
- }, - "properties": {}, - "ruleId": "python.lang.security.audit.md5-used-as-password.md5-used-as-password" - }, - { - "fingerprints": { - "matchBasedId/v1": "4a12be3f5be8ead04f8329320b40ec0c70019d6e16f8bfdd41b6621b02d41bcb2d3a2784f9a93411a279f279343b6ce1d2950093cbbc23f0a55809fb9f32a4d4_4" - }, - "locations": [ + }, { - "physicalLocation": { - "artifactLocation": { - "uri": "introduction/views.py", - "uriBaseId": "%SRCROOT%" - }, - "region": { - "endColumn": 58, - "endLine": 1067, - "snippet": { - "text": " response.set_cookie(\"cookie\", cookie)" - }, - "startColumn": 21, - "startLine": 1067 - } + "id": "python.django.security.audit.xss.template-href-var.template-href-var", + "name": "python.django.security.audit.xss.template-href-var.template-href-var", + "short_description": { + "text": "Semgrep Finding: python.django.security.audit.xss.template-href-var.template-href-var" + }, + "full_description": { + "text": "Detected a template variable used in an anchor tag with the 'href' attribute. This allows a malicious actor to input the 'javascript:' URI and is subject to cross- site scripting (XSS) attacks. Use the 'url' template tag to safely generate a URL. You may also consider setting the Content Security Policy (CSP) header." + }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/python.django.security.audit.xss.template-href-var.template-href-var", + "help": { + "text": "Detected a template variable used in an anchor tag with the 'href' attribute. This allows a malicious actor to input the 'javascript:' URI and is subject to cross- site scripting (XSS) attacks. Use the 'url' template tag to safely generate a URL. You may also consider setting the Content Security Policy (CSP) header.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected a template variable used in an anchor tag with the 'href' attribute. 
This allows a malicious actor to input the 'javascript:' URI and is subject to cross- site scripting (XSS) attacks. Use the 'url' template tag to safely generate a URL. You may also consider setting the Content Security Policy (CSP) header.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.django.security.audit.xss.template-href-var.template-href-var)\n - [https://flask.palletsprojects.com/en/1.1.x/security/#cross-site-scripting-xss](https://flask.palletsprojects.com/en/1.1.x/security/#cross-site-scripting-xss)\n - [https://docs.djangoproject.com/en/3.1/ref/templates/builtins/#url](https://docs.djangoproject.com/en/3.1/ref/templates/builtins/#url)\n - [https://content-security-policy.com/](https://content-security-policy.com/)\n" + }, + "properties": { + "precision": "very-high", + "tags": [ + "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", + "LOW CONFIDENCE", + "OWASP-A03:2021 - Injection", + "OWASP-A07:2017 - Cross-Site Scripting (XSS)", + "security" + ] } - } - ], - "message": { - "text": "Django cookies should be handled securely by setting secure=True, httponly=True, and samesite='Lax' in response.set_cookie(...). If your situation calls for different settings, explicitly disable the setting. If you want to send the cookie over http, set secure=False. If you want to let client-side JavaScript read the cookie, set httponly=False. If you want to attach cookies to requests for external sites, set samesite=None." 
- }, - "properties": {}, - "ruleId": "python.django.security.audit.secure-cookies.django-secure-set-cookie" - }, - { - "fingerprints": { - "matchBasedId/v1": "4a12be3f5be8ead04f8329320b40ec0c70019d6e16f8bfdd41b6621b02d41bcb2d3a2784f9a93411a279f279343b6ce1d2950093cbbc23f0a55809fb9f32a4d4_5" - }, - "locations": [ + }, { - "physicalLocation": { - "artifactLocation": { - "uri": "introduction/views.py", - "uriBaseId": "%SRCROOT%" - }, - "region": { - "endColumn": 56, - "endLine": 1072, - "snippet": { - "text": " response.set_cookie(\"cookie\", None)" - }, - "startColumn": 21, - "startLine": 1072 - } + "id": "python.lang.security.audit.insecure-transport.ssl.no-set-ciphers.no-set-ciphers", + "name": "python.lang.security.audit.insecure-transport.ssl.no-set-ciphers.no-set-ciphers", + "short_description": { + "text": "Semgrep Finding: python.lang.security.audit.insecure-transport.ssl.no-set-ciphers.no-set-ciphers" + }, + "full_description": { + "text": "The 'ssl' module disables insecure cipher suites by default. Therefore, use of 'set_ciphers()' should only be used when you have very specialized requirements. Otherwise, you risk lowering the security of the SSL channel." + }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/python.lang.security.audit.insecure-transport.ssl.no-set-ciphers.no-set-ciphers", + "help": { + "text": "The 'ssl' module disables insecure cipher suites by default. Therefore, use of 'set_ciphers()' should only be used when you have very specialized requirements. Otherwise, you risk lowering the security of the SSL channel.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "The 'ssl' module disables insecure cipher suites by default. Therefore, use of 'set_ciphers()' should only be used when you have very specialized requirements. 
Otherwise, you risk lowering the security of the SSL channel.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.lang.security.audit.insecure-transport.ssl.no-set-ciphers.no-set-ciphers)\n - [https://docs.python.org/3/library/ssl.html#cipher-selection](https://docs.python.org/3/library/ssl.html#cipher-selection)\n - [https://docs.python.org/3/library/ssl.html#ssl.SSLContext.set_ciphers](https://docs.python.org/3/library/ssl.html#ssl.SSLContext.set_ciphers)\n" + }, + "properties": { + "precision": "very-high", + "tags": [ + "CWE-326: Inadequate Encryption Strength", + "LOW CONFIDENCE", + "OWASP-A02:2021 - Cryptographic Failures", + "OWASP-A03:2017 - Sensitive Data Exposure", + "security" + ] } - } - ], - "message": { - "text": "Django cookies should be handled securely by setting secure=True, httponly=True, and samesite='Lax' in response.set_cookie(...). If your situation calls for different settings, explicitly disable the setting. If you want to send the cookie over http, set secure=False. If you want to let client-side JavaScript read the cookie, set httponly=False. If you want to attach cookies to requests for external sites, set samesite=None." 
- }, - "properties": {}, - "ruleId": "python.django.security.audit.secure-cookies.django-secure-set-cookie" - }, - { - "fingerprints": { - "matchBasedId/v1": "4a12be3f5be8ead04f8329320b40ec0c70019d6e16f8bfdd41b6621b02d41bcb2d3a2784f9a93411a279f279343b6ce1d2950093cbbc23f0a55809fb9f32a4d4_6" - }, - "locations": [ + }, { - "physicalLocation": { - "artifactLocation": { - "uri": "introduction/views.py", - "uriBaseId": "%SRCROOT%" - }, - "region": { - "endColumn": 65, - "endLine": 1099, - "snippet": { - "text": " response.set_cookie(key = \"auth_cookie\", value = cookie)" - }, - "startColumn": 9, - "startLine": 1099 - } + "id": "solidity.security.keeper-network-oracle-manipulation.keeper-network-oracle-manipulation", + "name": "solidity.security.keeper-network-oracle-manipulation.keeper-network-oracle-manipulation", + "short_description": { + "text": "Semgrep Finding: solidity.security.keeper-network-oracle-manipulation.keeper-network-oracle-manipulation" + }, + "full_description": { + "text": "Keep3rV2.current() call has high data freshness, but it has low security, an exploiter simply needs to manipulate 2 data points to be able to impact the feed." 
+ }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/solidity.security.keeper-network-oracle-manipulation.keeper-network-oracle-manipulation", + "help": { + "text": "Keep3rV2.current() call has high data freshness, but it has low security, an exploiter simply needs to manipulate 2 data points to be able to impact the feed.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Keep3rV2.current() call has high data freshness, but it has low security, an exploiter simply needs to manipulate 2 data points to be able to impact the feed.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/solidity.security.keeper-network-oracle-manipulation.keeper-network-oracle-manipulation)\n - [https://twitter.com/peckshield/status/1510232640338608131](https://twitter.com/peckshield/status/1510232640338608131)\n - [https://twitter.com/FrankResearcher/status/1510239094777032713](https://twitter.com/FrankResearcher/status/1510239094777032713)\n - [https://twitter.com/larry0x/status/1510263618180464644](https://twitter.com/larry0x/status/1510263618180464644)\n - [https://andrecronje.medium.com/keep3r-network-on-chain-oracle-price-feeds-3c67ed002a9](https://andrecronje.medium.com/keep3r-network-on-chain-oracle-price-feeds-3c67ed002a9)\n - [https://etherscan.io/address/0x210ac53b27f16e20a9aa7d16260f84693390258f](https://etherscan.io/address/0x210ac53b27f16e20a9aa7d16260f84693390258f)\n" + }, + "properties": { + "precision": "very-high", + "tags": [ + "CWE-682: Incorrect Calculation", + "HIGH CONFIDENCE", + "security" + ] } - } - ], - "message": { - "text": "Django cookies should be handled securely by setting secure=True, httponly=True, and samesite='Lax' in response.set_cookie(...). If your situation calls for different settings, explicitly disable the setting. If you want to send the cookie over http, set secure=False. 
If you want to let client-side JavaScript read the cookie, set httponly=False. If you want to attach cookies to requests for external sites, set samesite=None." - }, - "properties": {}, - "ruleId": "python.django.security.audit.secure-cookies.django-secure-set-cookie" - }, - { - "fingerprints": { - "matchBasedId/v1": "6640dab2585da31b2c2f95124473d0852a04da5476cddbb8f34d592925438668b49b6f21e9b2bc4a354f92b4ed5cafbf17b97187a2e23c8ea6bd9b2db9a00bea_0" - }, - "locations": [ + }, { - "physicalLocation": { - "artifactLocation": { - "uri": "introduction/views.py", - "uriBaseId": "%SRCROOT%" - }, - "region": { - "endColumn": 28, - "endLine": 1195, - "snippet": { - "text": "@authentication_decorator\n@csrf_exempt\ndef auth_failure_lab3(request):\n if request.method == \"GET\":\n try:\n cookie = request.COOKIES[\"session_id\"]\n session = AF_session_id.objects.get(session_id=cookie)\n if session :\n return render(request,\"Lab_2021/A7_auth_failure/lab3.html\", {\"username\":session.user,\"success\":True})\n except:\n pass\n return render(request, \"Lab_2021/A7_auth_failure/lab3.html\")\n elif request.method == \"POST\":\n token = str(uuid.uuid4())\n try:\n username = request.POST[\"username\"]\n password = request.POST[\"password\"]\n password = hashlib.sha256(password.encode()).hexdigest()\n except:\n response = render(request, \"Lab_2021/A7_auth_failure/lab3.html\")\n response.set_cookie(\"session_id\", None)\n return response\n\n if USER_A7_LAB3[username]['password'] == password:\n session_data = AF_session_id.objects.create(session_id=token, user=USER_A7_LAB3[username]['username'])\n session_data.save()\n response = render(request, \"Lab_2021/A7_auth_failure/lab3.html\", {\"success\":True, \"failure\":False, \"username\":username})\n response.set_cookie(\"session_id\", token)\n return response" - }, - "startColumn": 1, - "startLine": 1167 - } + "id": "javascript.vm2.security.audit.vm2-code-injection.vm2-code-injection", + "name": 
"javascript.vm2.security.audit.vm2-code-injection.vm2-code-injection", + "short_description": { + "text": "Semgrep Finding: javascript.vm2.security.audit.vm2-code-injection.vm2-code-injection" + }, + "full_description": { + "text": "Make sure that unverified user data can not reach `vm2`." + }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/javascript.vm2.security.audit.vm2-code-injection.vm2-code-injection", + "help": { + "text": "Make sure that unverified user data can not reach `vm2`.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Make sure that unverified user data can not reach `vm2`.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.vm2.security.audit.vm2-code-injection.vm2-code-injection)\n - [https://owasp.org/Top10/A03_2021-Injection](https://owasp.org/Top10/A03_2021-Injection)\n" + }, + "properties": { + "precision": "very-high", + "tags": [ + "CWE-94: Improper Control of Generation of Code ('Code Injection')", + "LOW CONFIDENCE", + "OWASP-A03:2021 - Injection", + "security" + ] } - } - ], - "message": { - "text": "Detected usage of @csrf_exempt, which indicates that there is no CSRF token set for this route. This could lead to an attacker manipulating the user's account and exfiltration of private data. Instead, create a function without this decorator." 
- }, - "properties": {}, - "ruleId": "python.django.security.audit.csrf-exempt.no-csrf-exempt" - }, - { - "fingerprints": { - "matchBasedId/v1": "4a12be3f5be8ead04f8329320b40ec0c70019d6e16f8bfdd41b6621b02d41bcb2d3a2784f9a93411a279f279343b6ce1d2950093cbbc23f0a55809fb9f32a4d4_7" - }, - "locations": [ + }, { - "physicalLocation": { - "artifactLocation": { - "uri": "introduction/views.py", - "uriBaseId": "%SRCROOT%" - }, - "region": { - "endColumn": 52, - "endLine": 1187, - "snippet": { - "text": " response.set_cookie(\"session_id\", None)" - }, - "startColumn": 13, - "startLine": 1187 - } + "id": "java.lang.security.audit.object-deserialization.object-deserialization", + "name": "java.lang.security.audit.object-deserialization.object-deserialization", + "short_description": { + "text": "Semgrep Finding: java.lang.security.audit.object-deserialization.object-deserialization" + }, + "full_description": { + "text": "Found object deserialization using ObjectInputStream. Deserializing entire Java objects is dangerous because malicious actors can create Java object streams with unintended consequences. Ensure that the objects being deserialized are not user-controlled. If this must be done, consider using HMACs to sign the data stream to make sure it is not tampered with, or consider only transmitting object fields and populating a new object." + }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/java.lang.security.audit.object-deserialization.object-deserialization", + "help": { + "text": "Found object deserialization using ObjectInputStream. Deserializing entire Java objects is dangerous because malicious actors can create Java object streams with unintended consequences. Ensure that the objects being deserialized are not user-controlled. 
If this must be done, consider using HMACs to sign the data stream to make sure it is not tampered with, or consider only transmitting object fields and populating a new object.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Found object deserialization using ObjectInputStream. Deserializing entire Java objects is dangerous because malicious actors can create Java object streams with unintended consequences. Ensure that the objects being deserialized are not user-controlled. If this must be done, consider using HMACs to sign the data stream to make sure it is not tampered with, or consider only transmitting object fields and populating a new object.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/java.lang.security.audit.object-deserialization.object-deserialization)\n - [https://www.owasp.org/index.php/Deserialization_of_untrusted_data](https://www.owasp.org/index.php/Deserialization_of_untrusted_data)\n - [https://www.oracle.com/java/technologies/javase/seccodeguide.html#8](https://www.oracle.com/java/technologies/javase/seccodeguide.html#8)\n" + }, + "properties": { + "precision": "very-high", + "tags": [ + "CWE-502: Deserialization of Untrusted Data", + "LOW CONFIDENCE", + "OWASP-A08:2017 - Insecure Deserialization", + "OWASP-A08:2021 - Software and Data Integrity Failures", + "security" + ] } - } - ], - "message": { - "text": "Django cookies should be handled securely by setting secure=True, httponly=True, and samesite='Lax' in response.set_cookie(...). If your situation calls for different settings, explicitly disable the setting. If you want to send the cookie over http, set secure=False. If you want to let client-side JavaScript read the cookie, set httponly=False. If you want to attach cookies to requests for external sites, set samesite=None." 
- }, - "properties": {}, - "ruleId": "python.django.security.audit.secure-cookies.django-secure-set-cookie" - }, - { - "fingerprints": { - "matchBasedId/v1": "4a12be3f5be8ead04f8329320b40ec0c70019d6e16f8bfdd41b6621b02d41bcb2d3a2784f9a93411a279f279343b6ce1d2950093cbbc23f0a55809fb9f32a4d4_8" - }, - "locations": [ + }, { - "physicalLocation": { - "artifactLocation": { - "uri": "introduction/views.py", - "uriBaseId": "%SRCROOT%" - }, - "region": { - "endColumn": 53, - "endLine": 1194, - "snippet": { - "text": " response.set_cookie(\"session_id\", token)" - }, - "startColumn": 13, - "startLine": 1194 - } + "id": "json.aws.security.public-s3-bucket.public-s3-bucket", + "name": "json.aws.security.public-s3-bucket.public-s3-bucket", + "short_description": { + "text": "Semgrep Finding: json.aws.security.public-s3-bucket.public-s3-bucket" + }, + "full_description": { + "text": "Detected public S3 bucket. This policy allows anyone to have some kind of access to the bucket. The exact level of access and types of actions allowed will depend on the configuration of bucket policy and ACLs. Please review the bucket configuration to make sure they are set with intended values." + }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/json.aws.security.public-s3-bucket.public-s3-bucket", + "help": { + "text": "Detected public S3 bucket. This policy allows anyone to have some kind of access to the bucket. The exact level of access and types of actions allowed will depend on the configuration of bucket policy and ACLs. Please review the bucket configuration to make sure they are set with intended values.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected public S3 bucket. This policy allows anyone to have some kind of access to the bucket. The exact level of access and types of actions allowed will depend on the configuration of bucket policy and ACLs. 
Please review the bucket configuration to make sure they are set with intended values.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/json.aws.security.public-s3-bucket.public-s3-bucket)\n - [https://docs.aws.amazon.com/AmazonS3/latest/userguide/access-control-block-public-access.html](https://docs.aws.amazon.com/AmazonS3/latest/userguide/access-control-block-public-access.html)\n" + }, + "properties": { + "precision": "very-high", + "tags": [ + "CWE-264: CWE CATEGORY: Permissions, Privileges, and Access Controls", + "MEDIUM CONFIDENCE", + "OWASP-A01:2021 - Broken Access Control", + "security" + ] } - } - ], - "message": { - "text": "Django cookies should be handled securely by setting secure=True, httponly=True, and samesite='Lax' in response.set_cookie(...). If your situation calls for different settings, explicitly disable the setting. If you want to send the cookie over http, set secure=False. If you want to let client-side JavaScript read the cookie, set httponly=False. If you want to attach cookies to requests for external sites, set samesite=None." 
- }, - "properties": {}, - "ruleId": "python.django.security.audit.secure-cookies.django-secure-set-cookie" - } - ], - "tool": { - "driver": { - "name": "Semgrep OSS", - "rules": [ + }, { - "defaultConfiguration": { - "level": "warning" + "id": "php.lang.security.md5-loose-equality.md5-loose-equality", + "name": "php.lang.security.md5-loose-equality.md5-loose-equality", + "short_description": { + "text": "Semgrep Finding: php.lang.security.md5-loose-equality.md5-loose-equality" + }, + "full_description": { + "text": "Make sure comparisons involving md5 values are strict (use `===` not `==`) to avoid type juggling issues" + }, + "default_configuration": { + "enabled": true, + "level": "error" + }, + "help_uri": "https://semgrep.dev/r/php.lang.security.md5-loose-equality.md5-loose-equality", + "help": { + "text": "Make sure comparisons involving md5 values are strict (use `===` not `==`) to avoid type juggling issues\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Make sure comparisons involving md5 values are strict (use `===` not `==`) to avoid type juggling issues\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/php.lang.security.md5-loose-equality.md5-loose-equality)\n - [https://www.php.net/manual/en/types.comparisons.php](https://www.php.net/manual/en/types.comparisons.php)\n - [https://www.whitehatsec.com/blog/magic-hashes/](https://www.whitehatsec.com/blog/magic-hashes/)\n" + }, + "properties": { + "precision": "very-high", + "tags": [ + "CWE-697: Incorrect Comparison", + "LOW CONFIDENCE", + "security" + ] + } + }, + { + "id": "python.aws-lambda.security.dangerous-asyncio-exec.dangerous-asyncio-exec", + "name": "python.aws-lambda.security.dangerous-asyncio-exec.dangerous-asyncio-exec", + "short_description": { + "text": "Semgrep Finding: python.aws-lambda.security.dangerous-asyncio-exec.dangerous-asyncio-exec" + }, + "full_description": { + 
"text": "Detected subprocess function '$LOOP.subprocess_exec' with argument tainted by `event` object. If this data can be controlled by a malicious actor, it may be an instance of command injection. Audit the use of this call to ensure it is not controllable by an external resource. You may consider using 'shlex.escape()'." }, - "fullDescription": { - "text": "Found user controlled content in `run_string`. This is dangerous because it allows a malicious actor to run arbitrary Python code." + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/python.aws-lambda.security.dangerous-asyncio-exec.dangerous-asyncio-exec", "help": { - "markdown": "Found user controlled content in `run_string`. This is dangerous because it allows a malicious actor to run arbitrary Python code.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.lang.security.dangerous-subinterpreters-run-string.dangerous-subinterpreters-run-string)\n - [https://bugs.python.org/issue43472](https://bugs.python.org/issue43472)\n - [https://semgrep.dev/docs/cheat-sheets/python-command-injection/](https://semgrep.dev/docs/cheat-sheets/python-command-injection/)\n", - "text": "Found user controlled content in `run_string`. This is dangerous because it allows a malicious actor to run arbitrary Python code.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected subprocess function '$LOOP.subprocess_exec' with argument tainted by `event` object. If this data can be controlled by a malicious actor, it may be an instance of command injection. Audit the use of this call to ensure it is not controllable by an external resource. 
You may consider using 'shlex.escape()'.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected subprocess function '$LOOP.subprocess_exec' with argument tainted by `event` object. If this data can be controlled by a malicious actor, it may be an instance of command injection. Audit the use of this call to ensure it is not controllable by an external resource. You may consider using 'shlex.escape()'.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.aws-lambda.security.dangerous-asyncio-exec.dangerous-asyncio-exec)\n - [https://docs.python.org/3/library/asyncio-eventloop.html#asyncio.loop.subprocess_exec](https://docs.python.org/3/library/asyncio-eventloop.html#asyncio.loop.subprocess_exec)\n - [https://docs.python.org/3/library/shlex.html](https://docs.python.org/3/library/shlex.html)\n" }, - "helpUri": "https://semgrep.dev/r/python.lang.security.dangerous-subinterpreters-run-string.dangerous-subinterpreters-run-string", - "id": "python.lang.security.dangerous-subinterpreters-run-string.dangerous-subinterpreters-run-string", - "name": "python.lang.security.dangerous-subinterpreters-run-string.dangerous-subinterpreters-run-string", "properties": { "precision": "very-high", "tags": [ - "CWE-95: Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection')", + "CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", "MEDIUM CONFIDENCE", + "OWASP-A01:2017 - Injection", "OWASP-A03:2021 - Injection", "security" ] + } + }, + { + "id": "javascript.express.security.audit.express-cookie-settings.express-cookie-session-no-secure", + "name": "javascript.express.security.audit.express-cookie-settings.express-cookie-session-no-secure", + "short_description": { + "text": "Semgrep Finding: javascript.express.security.audit.express-cookie-settings.express-cookie-session-no-secure" }, - 
"shortDescription": { - "text": "Semgrep Finding: python.lang.security.dangerous-subinterpreters-run-string.dangerous-subinterpreters-run-string" + "full_description": { + "text": "Default session middleware settings: `secure` not set. It ensures the browser only sends the cookie over HTTPS." + }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/javascript.express.security.audit.express-cookie-settings.express-cookie-session-no-secure", + "help": { + "text": "Default session middleware settings: `secure` not set. It ensures the browser only sends the cookie over HTTPS.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Default session middleware settings: `secure` not set. It ensures the browser only sends the cookie over HTTPS.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.express.security.audit.express-cookie-settings.express-cookie-session-no-secure)\n - [https://owasp.org/Top10/A04_2021-Insecure_Design](https://owasp.org/Top10/A04_2021-Insecure_Design)\n" + }, + "properties": { + "precision": "very-high", + "tags": [ + "CWE-522: Insufficiently Protected Credentials", + "MEDIUM CONFIDENCE", + "OWASP-A02:2017 - Broken Authentication", + "OWASP-A04:2021 - Insecure Design", + "security" + ] } }, { - "defaultConfiguration": { + "id": "python.lang.security.audit.formatted-sql-query.formatted-sql-query", + "name": "python.lang.security.audit.formatted-sql-query.formatted-sql-query", + "short_description": { + "text": "Semgrep Finding: python.lang.security.audit.formatted-sql-query.formatted-sql-query" + }, + "full_description": { + "text": "Detected possible formatted SQL query. Use parameterized queries instead." + }, + "default_configuration": { + "enabled": true, "level": "warning" }, - "fullDescription": { - "text": "Detection of $HTML from non-constant definition. 
This can inadvertently expose users to cross-site scripting (XSS) attacks if this comes from user-provided input. If you have to use $HTML, consider using a sanitization library such as DOMPurify to sanitize your HTML." + "help_uri": "https://semgrep.dev/r/python.lang.security.audit.formatted-sql-query.formatted-sql-query", + "help": { + "text": "Detected possible formatted SQL query. Use parameterized queries instead.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected possible formatted SQL query. Use parameterized queries instead.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.lang.security.audit.formatted-sql-query.formatted-sql-query)\n - [https://stackoverflow.com/questions/775296/mysql-parameterized-queries](https://stackoverflow.com/questions/775296/mysql-parameterized-queries)\n" + }, + "properties": { + "precision": "very-high", + "tags": [ + "CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')", + "LOW CONFIDENCE", + "OWASP-A01:2017 - Injection", + "OWASP-A03:2021 - Injection", + "security" + ] + } + }, + { + "id": "ruby.rails.security.audit.xss.manual-template-creation.manual-template-creation", + "name": "ruby.rails.security.audit.xss.manual-template-creation.manual-template-creation", + "short_description": { + "text": "Semgrep Finding: ruby.rails.security.audit.xss.manual-template-creation.manual-template-creation" + }, + "full_description": { + "text": "Detected manual creation of an ERB template. Manual creation of templates may expose your application to server-side template injection (SSTI) or cross-site scripting (XSS) attacks if user input is used to create the template. Instead, create a '.erb' template file and use 'render'." 
}, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/ruby.rails.security.audit.xss.manual-template-creation.manual-template-creation", "help": { - "markdown": "Detection of $HTML from non-constant definition. This can inadvertently expose users to cross-site scripting (XSS) attacks if this comes from user-provided input. If you have to use $HTML, consider using a sanitization library such as DOMPurify to sanitize your HTML.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/typescript.react.security.audit.react-unsanitized-method.react-unsanitized-method)\n - [https://developer.mozilla.org/en-US/docs/Web/API/Document/writeln](https://developer.mozilla.org/en-US/docs/Web/API/Document/writeln)\n - [https://developer.mozilla.org/en-US/docs/Web/API/Document/write](https://developer.mozilla.org/en-US/docs/Web/API/Document/write)\n - [https://developer.mozilla.org/en-US/docs/Web/API/Element/insertAdjacentHTML](https://developer.mozilla.org/en-US/docs/Web/API/Element/insertAdjacentHTML)\n", - "text": "Detection of $HTML from non-constant definition. This can inadvertently expose users to cross-site scripting (XSS) attacks if this comes from user-provided input. If you have to use $HTML, consider using a sanitization library such as DOMPurify to sanitize your HTML.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected manual creation of an ERB template. Manual creation of templates may expose your application to server-side template injection (SSTI) or cross-site scripting (XSS) attacks if user input is used to create the template. Instead, create a '.erb' template file and use 'render'.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected manual creation of an ERB template. 
Manual creation of templates may expose your application to server-side template injection (SSTI) or cross-site scripting (XSS) attacks if user input is used to create the template. Instead, create a '.erb' template file and use 'render'.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/ruby.rails.security.audit.xss.manual-template-creation.manual-template-creation)\n - [https://github.com/presidentbeef/brakeman/blob/main/docs/warning_types/template_injection/index.markdown](https://github.com/presidentbeef/brakeman/blob/main/docs/warning_types/template_injection/index.markdown)\n" }, - "helpUri": "https://semgrep.dev/r/typescript.react.security.audit.react-unsanitized-method.react-unsanitized-method", - "id": "typescript.react.security.audit.react-unsanitized-method.react-unsanitized-method", - "name": "typescript.react.security.audit.react-unsanitized-method.react-unsanitized-method", "properties": { "precision": "very-high", "tags": [ "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", - "MEDIUM CONFIDENCE", + "LOW CONFIDENCE", "OWASP-A03:2021 - Injection", "OWASP-A07:2017 - Cross-Site Scripting (XSS)", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: typescript.react.security.audit.react-unsanitized-method.react-unsanitized-method" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "python.django.security.hashids-with-django-secret.hashids-with-django-secret", + "name": "python.django.security.hashids-with-django-secret.hashids-with-django-secret", + "short_description": { + "text": "Semgrep Finding: python.django.security.hashids-with-django-secret.hashids-with-django-secret" }, - "fullDescription": { - "text": "Detected file permissions that are overly permissive (read, write, and execute). It is generally a bad practices to set overly permissive file permission such as read+write+exec for all users. 
If the file affected is a configuration, a binary, a script or sensitive data, it can lead to privilege escalation or information leakage. Instead, follow the principle of least privilege and give users only the permissions they need." + "full_description": { + "text": "The Django secret key is used as salt in HashIDs. The HashID mechanism is not secure. By observing sufficient HashIDs, the salt used to construct them can be recovered. This means the Django secret key can be obtained by attackers, through the HashIDs." + }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/python.django.security.hashids-with-django-secret.hashids-with-django-secret", "help": { - "markdown": "Detected file permissions that are overly permissive (read, write, and execute). It is generally a bad practices to set overly permissive file permission such as read+write+exec for all users. If the file affected is a configuration, a binary, a script or sensitive data, it can lead to privilege escalation or information leakage. Instead, follow the principle of least privilege and give users only the permissions they need.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/java.lang.security.audit.overly-permissive-file-permission.overly-permissive-file-permission)\n - [https://owasp.org/Top10/A01_2021-Broken_Access_Control](https://owasp.org/Top10/A01_2021-Broken_Access_Control)\n", - "text": "Detected file permissions that are overly permissive (read, write, and execute). It is generally a bad practices to set overly permissive file permission such as read+write+exec for all users. If the file affected is a configuration, a binary, a script or sensitive data, it can lead to privilege escalation or information leakage. 
Instead, follow the principle of least privilege and give users only the permissions they need.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "The Django secret key is used as salt in HashIDs. The HashID mechanism is not secure. By observing sufficient HashIDs, the salt used to construct them can be recovered. This means the Django secret key can be obtained by attackers, through the HashIDs.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "The Django secret key is used as salt in HashIDs. The HashID mechanism is not secure. By observing sufficient HashIDs, the salt used to construct them can be recovered. This means the Django secret key can be obtained by attackers, through the HashIDs.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.django.security.hashids-with-django-secret.hashids-with-django-secret)\n - [https://docs.djangoproject.com/en/4.2/ref/settings/#std-setting-SECRET_KEY](https://docs.djangoproject.com/en/4.2/ref/settings/#std-setting-SECRET_KEY)\n - [http://carnage.github.io/2015/08/cryptanalysis-of-hashids](http://carnage.github.io/2015/08/cryptanalysis-of-hashids)\n" }, - "helpUri": "https://semgrep.dev/r/java.lang.security.audit.overly-permissive-file-permission.overly-permissive-file-permission", - "id": "java.lang.security.audit.overly-permissive-file-permission.overly-permissive-file-permission", - "name": "java.lang.security.audit.overly-permissive-file-permission.overly-permissive-file-permission", "properties": { "precision": "very-high", "tags": [ - "CWE-276: Incorrect Default Permissions", - "LOW CONFIDENCE", - "OWASP-A01:2021 - Broken Access Control", + "CWE-327: Use of a Broken or Risky Cryptographic Algorithm", + "HIGH CONFIDENCE", + "OWASP-A02:2021 – Cryptographic Failures", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: 
java.lang.security.audit.overly-permissive-file-permission.overly-permissive-file-permission" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "dockerfile.security.missing-user.missing-user", + "name": "dockerfile.security.missing-user.missing-user", + "short_description": { + "text": "Semgrep Finding: dockerfile.security.missing-user.missing-user" }, - "fullDescription": { - "text": "The ECR repository allows tag mutability. Image tags could be overwritten with compromised images. ECR images should be set to IMMUTABLE to prevent code injection through image mutation. This can be done by setting `image_tag_mutability` to IMMUTABLE." + "full_description": { + "text": "By not specifying a USER, a program in the container may run as 'root'. This is a security hazard. If an attacker can control a process running as root, they may have control over the container. Ensure that the last USER in a Dockerfile is a USER other than 'root'." + }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/dockerfile.security.missing-user.missing-user", "help": { - "markdown": "The ECR repository allows tag mutability. Image tags could be overwritten with compromised images. ECR images should be set to IMMUTABLE to prevent code injection through image mutation. 
This can be done by setting `image_tag_mutability` to IMMUTABLE.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/terraform.aws.security.aws-ecr-mutable-image-tags.aws-ecr-mutable-image-tags)\n - [https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ecr_repository#image_tag_mutability](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ecr_repository#image_tag_mutability)\n - [https://owasp.org/Top10/A08_2021-Software_and_Data_Integrity_Failures/](https://owasp.org/Top10/A08_2021-Software_and_Data_Integrity_Failures/)\n", - "text": "The ECR repository allows tag mutability. Image tags could be overwritten with compromised images. ECR images should be set to IMMUTABLE to prevent code injection through image mutation. This can be done by setting `image_tag_mutability` to IMMUTABLE.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "By not specifying a USER, a program in the container may run as 'root'. This is a security hazard. If an attacker can control a process running as root, they may have control over the container. Ensure that the last USER in a Dockerfile is a USER other than 'root'.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "By not specifying a USER, a program in the container may run as 'root'. This is a security hazard. If an attacker can control a process running as root, they may have control over the container. 
Ensure that the last USER in a Dockerfile is a USER other than 'root'.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/dockerfile.security.missing-user.missing-user)\n - [https://owasp.org/Top10/A04_2021-Insecure_Design](https://owasp.org/Top10/A04_2021-Insecure_Design)\n" }, - "helpUri": "https://semgrep.dev/r/terraform.aws.security.aws-ecr-mutable-image-tags.aws-ecr-mutable-image-tags", - "id": "terraform.aws.security.aws-ecr-mutable-image-tags.aws-ecr-mutable-image-tags", - "name": "terraform.aws.security.aws-ecr-mutable-image-tags.aws-ecr-mutable-image-tags", "properties": { "precision": "very-high", "tags": [ - "CWE-345: Insufficient Verification of Data Authenticity", + "CWE-269: Improper Privilege Management", "MEDIUM CONFIDENCE", - "OWASP-A08:2021 - Software and Data Integrity Failures", + "OWASP-A04:2021 - Insecure Design", "security" ] + } + }, + { + "id": "terraform.aws.security.aws-subnet-has-public-ip-address.aws-subnet-has-public-ip-address", + "name": "terraform.aws.security.aws-subnet-has-public-ip-address.aws-subnet-has-public-ip-address", + "short_description": { + "text": "Semgrep Finding: terraform.aws.security.aws-subnet-has-public-ip-address.aws-subnet-has-public-ip-address" }, - "shortDescription": { - "text": "Semgrep Finding: terraform.aws.security.aws-ecr-mutable-image-tags.aws-ecr-mutable-image-tags" + "full_description": { + "text": "Resources in the AWS subnet are assigned a public IP address. Resources should not be exposed on the public internet, but should have access limited to consumers required for the function of your application. Set `map_public_ip_on_launch` to false so that resources are not publicly-accessible." 
+ }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/terraform.aws.security.aws-subnet-has-public-ip-address.aws-subnet-has-public-ip-address", + "help": { + "text": "Resources in the AWS subnet are assigned a public IP address. Resources should not be exposed on the public internet, but should have access limited to consumers required for the function of your application. Set `map_public_ip_on_launch` to false so that resources are not publicly-accessible.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Resources in the AWS subnet are assigned a public IP address. Resources should not be exposed on the public internet, but should have access limited to consumers required for the function of your application. Set `map_public_ip_on_launch` to false so that resources are not publicly-accessible.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/terraform.aws.security.aws-subnet-has-public-ip-address.aws-subnet-has-public-ip-address)\n - [https://owasp.org/Top10/A01_2021-Broken_Access_Control/](https://owasp.org/Top10/A01_2021-Broken_Access_Control/)\n - [https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/subnet#map_public_ip_on_launch](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/subnet#map_public_ip_on_launch)\n - [https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-instance-addressing.html#concepts-public-addresses](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-instance-addressing.html#concepts-public-addresses)\n" + }, + "properties": { + "precision": "very-high", + "tags": [ + "CWE-284: Improper Access Control", + "MEDIUM CONFIDENCE", + "OWASP-A01:2021 - Broken Access Control", + "security" + ] } }, { - "defaultConfiguration": { - "level": "error" + "id": 
"terraform.aws.security.aws-fsx-windows-encrypted-with-cmk.aws-fsx-windows-encrypted-with-cmk", + "name": "terraform.aws.security.aws-fsx-windows-encrypted-with-cmk.aws-fsx-windows-encrypted-with-cmk", + "short_description": { + "text": "Semgrep Finding: terraform.aws.security.aws-fsx-windows-encrypted-with-cmk.aws-fsx-windows-encrypted-with-cmk" }, - "fullDescription": { - "text": "Checks for strong parameter bypass through usage of create_with. Create_with bypasses strong parameter protection, which could allow attackers to set arbitrary attributes on models. To fix this vulnerability, either remove all create_with calls or use the permit function to specify tags that are allowed to be set." + "full_description": { + "text": "Ensure FSX Windows file system is encrypted at rest using KMS CMKs. CMKs gives you control over the encryption key in terms of access and rotation." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/terraform.aws.security.aws-fsx-windows-encrypted-with-cmk.aws-fsx-windows-encrypted-with-cmk", "help": { - "markdown": "Checks for strong parameter bypass through usage of create_with. Create_with bypasses strong parameter protection, which could allow attackers to set arbitrary attributes on models. 
To fix this vulnerability, either remove all create_with calls or use the permit function to specify tags that are allowed to be set.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/ruby.lang.security.create-with.create-with)\n - [https://github.com/presidentbeef/brakeman/blob/main/lib/brakeman/checks/check_create_with.rb](https://github.com/presidentbeef/brakeman/blob/main/lib/brakeman/checks/check_create_with.rb)\n - [https://groups.google.com/g/rubyonrails-security/c/M4chq5Sb540/m/CC1Fh0Y_NWwJ](https://groups.google.com/g/rubyonrails-security/c/M4chq5Sb540/m/CC1Fh0Y_NWwJ)\n", - "text": "Checks for strong parameter bypass through usage of create_with. Create_with bypasses strong parameter protection, which could allow attackers to set arbitrary attributes on models. To fix this vulnerability, either remove all create_with calls or use the permit function to specify tags that are allowed to be set.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Ensure FSX Windows file system is encrypted at rest using KMS CMKs. CMKs gives you control over the encryption key in terms of access and rotation.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Ensure FSX Windows file system is encrypted at rest using KMS CMKs. 
CMKs gives you control over the encryption key in terms of access and rotation.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/terraform.aws.security.aws-fsx-windows-encrypted-with-cmk.aws-fsx-windows-encrypted-with-cmk)\n - [https://owasp.org/Top10/A02_2021-Cryptographic_Failures](https://owasp.org/Top10/A02_2021-Cryptographic_Failures)\n" }, - "helpUri": "https://semgrep.dev/r/ruby.lang.security.create-with.create-with", - "id": "ruby.lang.security.create-with.create-with", - "name": "ruby.lang.security.create-with.create-with", "properties": { "precision": "very-high", "tags": [ - "CWE-915: Improperly Controlled Modification of Dynamically-Determined Object Attributes", + "CWE-320: CWE CATEGORY: Key Management Errors", "LOW CONFIDENCE", - "OWASP-A08:2021 - Software and Data Integrity Failures", + "OWASP-A03:2017 - Sensitive Data Exposure", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: ruby.lang.security.create-with.create-with" } }, { - "defaultConfiguration": { + "id": "python.lang.security.dangerous-testcapi-run-in-subinterp.dangerous-testcapi-run-in-subinterp", + "name": "python.lang.security.dangerous-testcapi-run-in-subinterp.dangerous-testcapi-run-in-subinterp", + "short_description": { + "text": "Semgrep Finding: python.lang.security.dangerous-testcapi-run-in-subinterp.dangerous-testcapi-run-in-subinterp" + }, + "full_description": { + "text": "Found user controlled content in `run_in_subinterp`. This is dangerous because it allows a malicious actor to run arbitrary Python code." + }, + "default_configuration": { + "enabled": true, "level": "warning" }, - "fullDescription": { - "text": "Detected use of express.csrf() middleware before express.methodOverride(). This can allow GET requests (which are not checked by csrf) to turn into POST requests later." 
+ "help_uri": "https://semgrep.dev/r/python.lang.security.dangerous-testcapi-run-in-subinterp.dangerous-testcapi-run-in-subinterp", + "help": { + "text": "Found user controlled content in `run_in_subinterp`. This is dangerous because it allows a malicious actor to run arbitrary Python code.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Found user controlled content in `run_in_subinterp`. This is dangerous because it allows a malicious actor to run arbitrary Python code.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.lang.security.dangerous-testcapi-run-in-subinterp.dangerous-testcapi-run-in-subinterp)\n - [https://semgrep.dev/docs/cheat-sheets/python-command-injection/](https://semgrep.dev/docs/cheat-sheets/python-command-injection/)\n" + }, + "properties": { + "precision": "very-high", + "tags": [ + "CWE-95: Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection')", + "MEDIUM CONFIDENCE", + "OWASP-A03:2021 - Injection", + "security" + ] + } + }, + { + "id": "php.lang.security.unlink-use.unlink-use", + "name": "php.lang.security.unlink-use.unlink-use", + "short_description": { + "text": "Semgrep Finding: php.lang.security.unlink-use.unlink-use" + }, + "full_description": { + "text": "Using user input when deleting files with `unlink()` is potentially dangerous. A malicious actor could use this to modify or access files they have no right to." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/php.lang.security.unlink-use.unlink-use", "help": { - "markdown": "Detected use of express.csrf() middleware before express.methodOverride(). 
This can allow GET requests (which are not checked by csrf) to turn into POST requests later.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.lang.security.detect-no-csrf-before-method-override.detect-no-csrf-before-method-override)\n - [https://github.com/nodesecurity/eslint-plugin-security/blob/master/docs/bypass-connect-csrf-protection-by-abusing.md](https://github.com/nodesecurity/eslint-plugin-security/blob/master/docs/bypass-connect-csrf-protection-by-abusing.md)\n", - "text": "Detected use of express.csrf() middleware before express.methodOverride(). This can allow GET requests (which are not checked by csrf) to turn into POST requests later.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Using user input when deleting files with `unlink()` is potentially dangerous. A malicious actor could use this to modify or access files they have no right to.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Using user input when deleting files with `unlink()` is potentially dangerous. 
A malicious actor could use this to modify or access files they have no right to.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/php.lang.security.unlink-use.unlink-use)\n - [https://www.php.net/manual/en/function.unlink](https://www.php.net/manual/en/function.unlink)\n - [https://owasp.org/www-project-top-ten/2017/A5_2017-Broken_Access_Control.html](https://owasp.org/www-project-top-ten/2017/A5_2017-Broken_Access_Control.html)\n" }, - "helpUri": "https://semgrep.dev/r/javascript.lang.security.detect-no-csrf-before-method-override.detect-no-csrf-before-method-override", - "id": "javascript.lang.security.detect-no-csrf-before-method-override.detect-no-csrf-before-method-override", - "name": "javascript.lang.security.detect-no-csrf-before-method-override.detect-no-csrf-before-method-override", "properties": { "precision": "very-high", "tags": [ - "CWE-352: Cross-Site Request Forgery (CSRF)", + "CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", "LOW CONFIDENCE", "OWASP-A01:2021 - Broken Access Control", "OWASP-A05:2017 - Broken Access Control", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: javascript.lang.security.detect-no-csrf-before-method-override.detect-no-csrf-before-method-override" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "solidity.security.no-slippage-check.no-slippage-check", + "name": "solidity.security.no-slippage-check.no-slippage-check", + "short_description": { + "text": "Semgrep Finding: solidity.security.no-slippage-check.no-slippage-check" }, - "fullDescription": { - "text": "By setting `allErrors: true` in `Ajv` library, all error objects will be allocated without limit. This allows the attacker to produce a huge number of errors which can lead to denial of service. Do not use `allErrors: true` in production." 
+ "full_description": { + "text": "No slippage check in a Uniswap v2/v3 trade" + }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/solidity.security.no-slippage-check.no-slippage-check", "help": { - "markdown": "By setting `allErrors: true` in `Ajv` library, all error objects will be allocated without limit. This allows the attacker to produce a huge number of errors which can lead to denial of service. Do not use `allErrors: true` in production.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.ajv.security.audit.ajv-allerrors-true.ajv-allerrors-true)\n - [https://ajv.js.org/options.html#allerrors](https://ajv.js.org/options.html#allerrors)\n", - "text": "By setting `allErrors: true` in `Ajv` library, all error objects will be allocated without limit. This allows the attacker to produce a huge number of errors which can lead to denial of service. 
Do not use `allErrors: true` in production.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "No slippage check in a Uniswap v2/v3 trade\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "No slippage check in a Uniswap v2/v3 trade\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/solidity.security.no-slippage-check.no-slippage-check)\n - [https://uniswapv3book.com/docs/milestone_3/slippage-protection/](https://uniswapv3book.com/docs/milestone_3/slippage-protection/)\n" }, - "helpUri": "https://semgrep.dev/r/javascript.ajv.security.audit.ajv-allerrors-true.ajv-allerrors-true", - "id": "javascript.ajv.security.audit.ajv-allerrors-true.ajv-allerrors-true", - "name": "javascript.ajv.security.audit.ajv-allerrors-true.ajv-allerrors-true", "properties": { "precision": "very-high", "tags": [ - "CWE-400: Uncontrolled Resource Consumption", - "LOW CONFIDENCE", + "CWE-682: Incorrect Calculation", + "MEDIUM CONFIDENCE", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: javascript.ajv.security.audit.ajv-allerrors-true.ajv-allerrors-true" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "python.flask.security.injection.subprocess-injection.subprocess-injection", + "name": "python.flask.security.injection.subprocess-injection.subprocess-injection", + "short_description": { + "text": "Semgrep Finding: python.flask.security.injection.subprocess-injection.subprocess-injection" }, - "fullDescription": { - "text": "'html_safe()' does not make the supplied string safe. 'html_safe()' bypasses HTML escaping. If external data can reach here, this exposes your application to cross-site scripting (XSS) attacks. Ensure no external data reaches here." + "full_description": { + "text": "Detected user input entering a `subprocess` call unsafely. This could result in a command injection vulnerability. 
An attacker could use this vulnerability to execute arbitrary commands on the host, which allows them to download malware, scan sensitive data, or run any command they wish on the server. Do not let users choose the command to run. In general, prefer to use Python API versions of system commands. If you must use subprocess, use a dictionary to allowlist a set of commands." + }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/python.flask.security.injection.subprocess-injection.subprocess-injection", "help": { - "markdown": "'html_safe()' does not make the supplied string safe. 'html_safe()' bypasses HTML escaping. If external data can reach here, this exposes your application to cross-site scripting (XSS) attacks. Ensure no external data reaches here.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/ruby.rails.security.audit.xss.avoid-html-safe.avoid-html-safe)\n - [https://github.com/presidentbeef/brakeman/blob/main/docs/warning_types/cross_site_scripting/index.markdown](https://github.com/presidentbeef/brakeman/blob/main/docs/warning_types/cross_site_scripting/index.markdown)\n - [https://www.netsparker.com/blog/web-security/preventing-xss-ruby-on-rails-web-applications/](https://www.netsparker.com/blog/web-security/preventing-xss-ruby-on-rails-web-applications/)\n", - "text": "'html_safe()' does not make the supplied string safe. 'html_safe()' bypasses HTML escaping. If external data can reach here, this exposes your application to cross-site scripting (XSS) attacks. Ensure no external data reaches here.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected user input entering a `subprocess` call unsafely. This could result in a command injection vulnerability. 
An attacker could use this vulnerability to execute arbitrary commands on the host, which allows them to download malware, scan sensitive data, or run any command they wish on the server. Do not let users choose the command to run. In general, prefer to use Python API versions of system commands. If you must use subprocess, use a dictionary to allowlist a set of commands.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected user input entering a `subprocess` call unsafely. This could result in a command injection vulnerability. An attacker could use this vulnerability to execute arbitrary commands on the host, which allows them to download malware, scan sensitive data, or run any command they wish on the server. Do not let users choose the command to run. In general, prefer to use Python API versions of system commands. If you must use subprocess, use a dictionary to allowlist a set of commands.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.flask.security.injection.subprocess-injection.subprocess-injection)\n - [https://semgrep.dev/docs/cheat-sheets/python-command-injection/](https://semgrep.dev/docs/cheat-sheets/python-command-injection/)\n" }, - "helpUri": "https://semgrep.dev/r/ruby.rails.security.audit.xss.avoid-html-safe.avoid-html-safe", - "id": "ruby.rails.security.audit.xss.avoid-html-safe.avoid-html-safe", - "name": "ruby.rails.security.audit.xss.avoid-html-safe.avoid-html-safe", "properties": { "precision": "very-high", "tags": [ - "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", - "LOW CONFIDENCE", + "CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", + "HIGH CONFIDENCE", + "OWASP-A01:2017 - Injection", "OWASP-A03:2021 - Injection", - "OWASP-A07:2017 - Cross-Site Scripting (XSS)", "security" ] - }, - "shortDescription": { - 
"text": "Semgrep Finding: ruby.rails.security.audit.xss.avoid-html-safe.avoid-html-safe" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "yaml.docker-compose.security.seccomp-confinement-disabled.seccomp-confinement-disabled", + "name": "yaml.docker-compose.security.seccomp-confinement-disabled.seccomp-confinement-disabled", + "short_description": { + "text": "Semgrep Finding: yaml.docker-compose.security.seccomp-confinement-disabled.seccomp-confinement-disabled" }, - "fullDescription": { - "text": "X-XSS-Protection header is set to 0. This will disable the browser's XSS Filter." + "full_description": { + "text": "Service '$SERVICE' is explicitly disabling seccomp confinement. This runs the service in an unrestricted state. Remove 'seccomp:unconfined' to prevent this." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/yaml.docker-compose.security.seccomp-confinement-disabled.seccomp-confinement-disabled", "help": { - "markdown": "X-XSS-Protection header is set to 0. This will disable the browser's XSS Filter.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/typescript.nestjs.security.audit.nestjs-header-xss-disabled.nestjs-header-xss-disabled)\n - [https://owasp.org/Top10/A03_2021-Injection](https://owasp.org/Top10/A03_2021-Injection)\n", - "text": "X-XSS-Protection header is set to 0. This will disable the browser's XSS Filter.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Service '$SERVICE' is explicitly disabling seccomp confinement. This runs the service in an unrestricted state. Remove 'seccomp:unconfined' to prevent this.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Service '$SERVICE' is explicitly disabling seccomp confinement. This runs the service in an unrestricted state. 
Remove 'seccomp:unconfined' to prevent this.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/yaml.docker-compose.security.seccomp-confinement-disabled.seccomp-confinement-disabled)\n - [https://docs.docker.com/engine/security/seccomp/](https://docs.docker.com/engine/security/seccomp/)\n" }, - "helpUri": "https://semgrep.dev/r/typescript.nestjs.security.audit.nestjs-header-xss-disabled.nestjs-header-xss-disabled", - "id": "typescript.nestjs.security.audit.nestjs-header-xss-disabled.nestjs-header-xss-disabled", - "name": "typescript.nestjs.security.audit.nestjs-header-xss-disabled.nestjs-header-xss-disabled", "properties": { "precision": "very-high", "tags": [ - "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", + "CWE-284: Improper Access Control", "LOW CONFIDENCE", - "OWASP-A03:2021 - Injection", - "OWASP-A07:2017 - Cross-Site Scripting (XSS)", + "OWASP-A01:2021 - Broken Access Control", + "OWASP-A05:2017 - Broken Access Control", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: typescript.nestjs.security.audit.nestjs-header-xss-disabled.nestjs-header-xss-disabled" } }, { - "defaultConfiguration": { + "id": "java.lang.security.audit.crypto.weak-random.weak-random", + "name": "java.lang.security.audit.crypto.weak-random.weak-random", + "short_description": { + "text": "Semgrep Finding: java.lang.security.audit.crypto.weak-random.weak-random" + }, + "full_description": { + "text": "Detected use of the functions `Math.random()` or `java.util.Random()`. These are both not cryptographically strong random number generators (RNGs). If you are using these RNGs to create passwords or secret tokens, use `java.security.SecureRandom` instead." + }, + "default_configuration": { + "enabled": true, "level": "warning" }, - "fullDescription": { - "text": "Detected public S3 bucket policy. 
This policy allows anyone to access certain properties of or items in the bucket. Do not do this unless you will never have sensitive data inside the bucket." + "help_uri": "https://semgrep.dev/r/java.lang.security.audit.crypto.weak-random.weak-random", + "help": { + "text": "Detected use of the functions `Math.random()` or `java.util.Random()`. These are both not cryptographically strong random number generators (RNGs). If you are using these RNGs to create passwords or secret tokens, use `java.security.SecureRandom` instead.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected use of the functions `Math.random()` or `java.util.Random()`. These are both not cryptographically strong random number generators (RNGs). If you are using these RNGs to create passwords or secret tokens, use `java.security.SecureRandom` instead.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/java.lang.security.audit.crypto.weak-random.weak-random)\n - [https://owasp.org/Top10/A02_2021-Cryptographic_Failures](https://owasp.org/Top10/A02_2021-Cryptographic_Failures)\n" + }, + "properties": { + "precision": "very-high", + "tags": [ + "CWE-330: Use of Insufficiently Random Values", + "LOW CONFIDENCE", + "OWASP-A02:2021 - Cryptographic Failures", + "security" + ] + } + }, + { + "id": "go.lang.security.audit.net.wip-xss-using-responsewriter-and-printf.wip-xss-using-responsewriter-and-printf", + "name": "go.lang.security.audit.net.wip-xss-using-responsewriter-and-printf.wip-xss-using-responsewriter-and-printf", + "short_description": { + "text": "Semgrep Finding: go.lang.security.audit.net.wip-xss-using-responsewriter-and-printf.wip-xss-using-responsewriter-and-printf" }, + "full_description": { + "text": "Found data going from url query parameters into formatted data written to ResponseWriter. This could be XSS and should not be done. 
If you must do this, ensure your data is sanitized or escaped." + }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/go.lang.security.audit.net.wip-xss-using-responsewriter-and-printf.wip-xss-using-responsewriter-and-printf", "help": { - "markdown": "Detected public S3 bucket policy. This policy allows anyone to access certain properties of or items in the bucket. Do not do this unless you will never have sensitive data inside the bucket.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/json.aws.security.public-s3-policy-statement.public-s3-policy-statement)\n - [https://docs.aws.amazon.com/AmazonS3/latest/dev/WebsiteAccessPermissionsReqd.html](https://docs.aws.amazon.com/AmazonS3/latest/dev/WebsiteAccessPermissionsReqd.html)\n", - "text": "Detected public S3 bucket policy. This policy allows anyone to access certain properties of or items in the bucket. Do not do this unless you will never have sensitive data inside the bucket.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Found data going from url query parameters into formatted data written to ResponseWriter. This could be XSS and should not be done. If you must do this, ensure your data is sanitized or escaped.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Found data going from url query parameters into formatted data written to ResponseWriter. This could be XSS and should not be done. 
If you must do this, ensure your data is sanitized or escaped.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/go.lang.security.audit.net.wip-xss-using-responsewriter-and-printf.wip-xss-using-responsewriter-and-printf)\n - [https://owasp.org/Top10/A03_2021-Injection](https://owasp.org/Top10/A03_2021-Injection)\n" }, - "helpUri": "https://semgrep.dev/r/json.aws.security.public-s3-policy-statement.public-s3-policy-statement", - "id": "json.aws.security.public-s3-policy-statement.public-s3-policy-statement", - "name": "json.aws.security.public-s3-policy-statement.public-s3-policy-statement", "properties": { "precision": "very-high", "tags": [ - "CWE-264: CWE CATEGORY: Permissions, Privileges, and Access Controls", + "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", "MEDIUM CONFIDENCE", - "OWASP-A01:2021 - Broken Access Control", + "OWASP-A03:2021 - Injection", + "OWASP-A07:2017 - Cross-Site Scripting (XSS)", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: json.aws.security.public-s3-policy-statement.public-s3-policy-statement" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "generic.secrets.security.detected-heroku-api-key.detected-heroku-api-key", + "name": "generic.secrets.security.detected-heroku-api-key.detected-heroku-api-key", + "short_description": { + "text": "Semgrep Finding: generic.secrets.security.detected-heroku-api-key.detected-heroku-api-key" }, - "fullDescription": { - "text": "https://find-sec-bugs.github.io/bugs.htm#PERMISSIVE_CORS Permissive CORS policy will allow a malicious application to communicate with the victim application in an inappropriate way, leading to spoofing, data theft, relay and other attacks." 
+ "full_description": { + "text": "Heroku API Key detected" + }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/generic.secrets.security.detected-heroku-api-key.detected-heroku-api-key", "help": { - "markdown": "https://find-sec-bugs.github.io/bugs.htm#PERMISSIVE_CORS Permissive CORS policy will allow a malicious application to communicate with the victim application in an inappropriate way, leading to spoofing, data theft, relay and other attacks.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/java.lang.security.audit.permissive-cors.permissive-cors)\n - [https://owasp.org/Top10/A04_2021-Insecure_Design](https://owasp.org/Top10/A04_2021-Insecure_Design)\n", - "text": "https://find-sec-bugs.github.io/bugs.htm#PERMISSIVE_CORS Permissive CORS policy will allow a malicious application to communicate with the victim application in an inappropriate way, leading to spoofing, data theft, relay and other attacks.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Heroku API Key detected\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Heroku API Key detected\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/generic.secrets.security.detected-heroku-api-key.detected-heroku-api-key)\n - [https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures](https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures)\n" }, - "helpUri": "https://semgrep.dev/r/java.lang.security.audit.permissive-cors.permissive-cors", - "id": "java.lang.security.audit.permissive-cors.permissive-cors", - "name": "java.lang.security.audit.permissive-cors.permissive-cors", "properties": { "precision": "very-high", "tags": [ - "CWE-183: Permissive List of Allowed Inputs", + 
"CWE-798: Use of Hard-coded Credentials", "LOW CONFIDENCE", - "OWASP-A04:2021 - Insecure Design", + "OWASP-A07:2021 - Identification and Authentication Failures", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: java.lang.security.audit.permissive-cors.permissive-cors" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "terraform.azure.security.storage.storage-default-action-deny.storage-default-action-deny", + "name": "terraform.azure.security.storage.storage-default-action-deny.storage-default-action-deny", + "short_description": { + "text": "Semgrep Finding: terraform.azure.security.storage.storage-default-action-deny.storage-default-action-deny" }, - "fullDescription": { - "text": "Possible writing outside of the destination, make sure that the target path is nested in the intended destination" + "full_description": { + "text": "Detected a Storage that was not configured to deny action by default. Add `default_action = \"Deny\"` in your resource block." 
+ }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/terraform.azure.security.storage.storage-default-action-deny.storage-default-action-deny", "help": { - "markdown": "Possible writing outside of the destination, make sure that the target path is nested in the intended destination\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.express.security.audit.express-path-join-resolve-traversal.express-path-join-resolve-traversal)\n - [https://owasp.org/www-community/attacks/Path_Traversal](https://owasp.org/www-community/attacks/Path_Traversal)\n", - "text": "Possible writing outside of the destination, make sure that the target path is nested in the intended destination\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected a Storage that was not configured to deny action by default. Add `default_action = \"Deny\"` in your resource block.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected a Storage that was not configured to deny action by default. 
Add `default_action = \"Deny\"` in your resource block.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/terraform.azure.security.storage.storage-default-action-deny.storage-default-action-deny)\n - [https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/storage_account_network_rules#default_action](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/storage_account_network_rules#default_action)\n - [https://docs.microsoft.com/en-us/azure/firewall/rule-processing](https://docs.microsoft.com/en-us/azure/firewall/rule-processing)\n" }, - "helpUri": "https://semgrep.dev/r/javascript.express.security.audit.express-path-join-resolve-traversal.express-path-join-resolve-traversal", - "id": "javascript.express.security.audit.express-path-join-resolve-traversal.express-path-join-resolve-traversal", - "name": "javascript.express.security.audit.express-path-join-resolve-traversal.express-path-join-resolve-traversal", "properties": { "precision": "very-high", "tags": [ - "CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", - "MEDIUM CONFIDENCE", - "OWASP-A01:2021 - Broken Access Control", - "OWASP-A05:2017 - Broken Access Control", + "CWE-16: CWE CATEGORY: Configuration", + "LOW CONFIDENCE", + "OWASP-A05:2021 - Security Misconfiguration", + "OWASP-A06:2017 - Security Misconfiguration", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: javascript.express.security.audit.express-path-join-resolve-traversal.express-path-join-resolve-traversal" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "typescript.aws-cdk.security.audit.awscdk-sqs-unencryptedqueue.awscdk-sqs-unencryptedqueue", + "name": "typescript.aws-cdk.security.audit.awscdk-sqs-unencryptedqueue.awscdk-sqs-unencryptedqueue", + "short_description": { + "text": "Semgrep Finding: 
typescript.aws-cdk.security.audit.awscdk-sqs-unencryptedqueue.awscdk-sqs-unencryptedqueue" }, - "fullDescription": { - "text": "Detected SHA1 hash algorithm which is considered insecure. SHA1 is not collision resistant and is therefore not suitable as a cryptographic signature. Use SHA256 or SHA3 instead." + "full_description": { + "text": "Queue $X is missing encryption at rest. Add \"encryption: $Y.QueueEncryption.KMS\" or \"encryption: $Y.QueueEncryption.KMS_MANAGED\" to the queue props to enable encryption at rest for the queue." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/typescript.aws-cdk.security.audit.awscdk-sqs-unencryptedqueue.awscdk-sqs-unencryptedqueue", "help": { - "markdown": "Detected SHA1 hash algorithm which is considered insecure. SHA1 is not collision resistant and is therefore not suitable as a cryptographic signature. Use SHA256 or SHA3 instead.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.pycryptodome.security.insecure-hash-algorithm.insecure-hash-algorithm-sha1)\n - [https://www.schneier.com/blog/archives/2012/10/when_will_we_se.html](https://www.schneier.com/blog/archives/2012/10/when_will_we_se.html)\n - [https://www.trendmicro.com/vinfo/us/security/news/vulnerabilities-and-exploits/sha-1-collision-signals-the-end-of-the-algorithm-s-viability](https://www.trendmicro.com/vinfo/us/security/news/vulnerabilities-and-exploits/sha-1-collision-signals-the-end-of-the-algorithm-s-viability)\n - [http://2012.sharcs.org/slides/stevens.pdf](http://2012.sharcs.org/slides/stevens.pdf)\n - [https://pycryptodome.readthedocs.io/en/latest/src/hash/sha3_256.html](https://pycryptodome.readthedocs.io/en/latest/src/hash/sha3_256.html)\n", - "text": "Detected SHA1 hash algorithm which is considered insecure. 
SHA1 is not collision resistant and is therefore not suitable as a cryptographic signature. Use SHA256 or SHA3 instead.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Queue $X is missing encryption at rest. Add \"encryption: $Y.QueueEncryption.KMS\" or \"encryption: $Y.QueueEncryption.KMS_MANAGED\" to the queue props to enable encryption at rest for the queue.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Queue $X is missing encryption at rest. Add \"encryption: $Y.QueueEncryption.KMS\" or \"encryption: $Y.QueueEncryption.KMS_MANAGED\" to the queue props to enable encryption at rest for the queue.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/typescript.aws-cdk.security.audit.awscdk-sqs-unencryptedqueue.awscdk-sqs-unencryptedqueue)\n - [https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-data-protection.html](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-data-protection.html)\n" }, - "helpUri": "https://semgrep.dev/r/python.pycryptodome.security.insecure-hash-algorithm.insecure-hash-algorithm-sha1", - "id": "python.pycryptodome.security.insecure-hash-algorithm.insecure-hash-algorithm-sha1", - "name": "python.pycryptodome.security.insecure-hash-algorithm.insecure-hash-algorithm-sha1", "properties": { "precision": "very-high", "tags": [ - "CWE-327: Use of a Broken or Risky Cryptographic Algorithm", + "CWE-311: Missing Encryption of Sensitive Data", "MEDIUM CONFIDENCE", - "OWASP-A02:2021 - Cryptographic Failures", "OWASP-A03:2017 - Sensitive Data Exposure", + "OWASP-A04:2021 - Insecure Design", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: python.pycryptodome.security.insecure-hash-algorithm.insecure-hash-algorithm-sha1" } }, { - "defaultConfiguration": { - "level": "warning" + "id": 
"trailofbits.go.waitgroup-wait-inside-loop.waitgroup-wait-inside-loop", + "name": "trailofbits.go.waitgroup-wait-inside-loop.waitgroup-wait-inside-loop", + "short_description": { + "text": "Semgrep Finding: trailofbits.go.waitgroup-wait-inside-loop.waitgroup-wait-inside-loop" }, - "fullDescription": { - "text": "Hardcoded JWT secret or private key is used. This is a Insufficiently Protected Credentials weakness: https://cwe.mitre.org/data/definitions/522.html Consider using an appropriate security mechanism to protect the credentials (e.g. keeping secrets in environment variables)" + "full_description": { + "text": "Calling `$WG.Wait()` inside a loop blocks the call to `$WG.Done()`" + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/trailofbits.go.waitgroup-wait-inside-loop.waitgroup-wait-inside-loop", "help": { - "markdown": "Hardcoded JWT secret or private key is used. This is a Insufficiently Protected Credentials weakness: https://cwe.mitre.org/data/definitions/522.html Consider using an appropriate security mechanism to protect the credentials (e.g. keeping secrets in environment variables)\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/scala.jwt-scala.security.jwt-scala-hardcode.jwt-scala-hardcode)\n - [https://jwt-scala.github.io/jwt-scala/](https://jwt-scala.github.io/jwt-scala/)\n", - "text": "Hardcoded JWT secret or private key is used. This is a Insufficiently Protected Credentials weakness: https://cwe.mitre.org/data/definitions/522.html Consider using an appropriate security mechanism to protect the credentials (e.g. 
keeping secrets in environment variables)\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Calling `$WG.Wait()` inside a loop blocks the call to `$WG.Done()`\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Calling `$WG.Wait()` inside a loop blocks the call to `$WG.Done()`\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/trailofbits.go.waitgroup-wait-inside-loop.waitgroup-wait-inside-loop)\n - [https://go101.org/article/concurrent-common-mistakes.html](https://go101.org/article/concurrent-common-mistakes.html)\n" }, - "helpUri": "https://semgrep.dev/r/scala.jwt-scala.security.jwt-scala-hardcode.jwt-scala-hardcode", - "id": "scala.jwt-scala.security.jwt-scala-hardcode.jwt-scala-hardcode", - "name": "scala.jwt-scala.security.jwt-scala-hardcode.jwt-scala-hardcode", "properties": { "precision": "very-high", "tags": [ - "CWE-522: Insufficiently Protected Credentials", - "HIGH CONFIDENCE", - "OWASP-A02:2017 - Broken Authentication", - "OWASP-A04:2021 - Insecure Design", + "CWE-667: Improper Locking", + "MEDIUM CONFIDENCE", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: scala.jwt-scala.security.jwt-scala-hardcode.jwt-scala-hardcode" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "javascript.vue.security.audit.xss.templates.avoid-v-html.avoid-v-html", + "name": "javascript.vue.security.audit.xss.templates.avoid-v-html.avoid-v-html", + "short_description": { + "text": "Semgrep Finding: javascript.vue.security.audit.xss.templates.avoid-v-html.avoid-v-html" }, - "fullDescription": { - "text": "Make sure that unverified user data can not reach `vm2`." + "full_description": { + "text": "Dynamically rendering arbitrary HTML on your website can be very dangerous because it can easily lead to XSS vulnerabilities. 
Only use HTML interpolation on trusted content and never on user-provided content." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/javascript.vue.security.audit.xss.templates.avoid-v-html.avoid-v-html", "help": { - "markdown": "Make sure that unverified user data can not reach `vm2`.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.vm2.security.audit.vm2-context-injection.vm2-context-injection)\n - [https://owasp.org/Top10/A03_2021-Injection](https://owasp.org/Top10/A03_2021-Injection)\n", - "text": "Make sure that unverified user data can not reach `vm2`.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Dynamically rendering arbitrary HTML on your website can be very dangerous because it can easily lead to XSS vulnerabilities. Only use HTML interpolation on trusted content and never on user-provided content.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Dynamically rendering arbitrary HTML on your website can be very dangerous because it can easily lead to XSS vulnerabilities. 
Only use HTML interpolation on trusted content and never on user-provided content.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.vue.security.audit.xss.templates.avoid-v-html.avoid-v-html)\n - [https://vuejs.org/v2/guide/syntax.html#Raw-HTML](https://vuejs.org/v2/guide/syntax.html#Raw-HTML)\n" }, - "helpUri": "https://semgrep.dev/r/javascript.vm2.security.audit.vm2-context-injection.vm2-context-injection", - "id": "javascript.vm2.security.audit.vm2-context-injection.vm2-context-injection", - "name": "javascript.vm2.security.audit.vm2-context-injection.vm2-context-injection", "properties": { "precision": "very-high", "tags": [ - "CWE-94: Improper Control of Generation of Code ('Code Injection')", + "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", "LOW CONFIDENCE", "OWASP-A03:2021 - Injection", + "OWASP-A07:2017 - Cross-Site Scripting (XSS)", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: javascript.vm2.security.audit.vm2-context-injection.vm2-context-injection" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "python.lang.security.audit.insecure-transport.urllib.insecure-urlretrieve.insecure-urlretrieve", + "name": "python.lang.security.audit.insecure-transport.urllib.insecure-urlretrieve.insecure-urlretrieve", + "short_description": { + "text": "Semgrep Finding: python.lang.security.audit.insecure-transport.urllib.insecure-urlretrieve.insecure-urlretrieve" }, - "fullDescription": { - "text": "Running flask app with host 0.0.0.0 could expose the server publicly." + "full_description": { + "text": "Detected 'urllib.urlretrieve()' using 'http://'. This request will not be encrypted. Use 'https://' instead." 
}, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/python.lang.security.audit.insecure-transport.urllib.insecure-urlretrieve.insecure-urlretrieve", "help": { - "markdown": "Running flask app with host 0.0.0.0 could expose the server publicly.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.flask.security.audit.app-run-param-config.avoid_app_run_with_bad_host)\n - [https://owasp.org/Top10/A01_2021-Broken_Access_Control](https://owasp.org/Top10/A01_2021-Broken_Access_Control)\n", - "text": "Running flask app with host 0.0.0.0 could expose the server publicly.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected 'urllib.urlretrieve()' using 'http://'. This request will not be encrypted. Use 'https://' instead.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected 'urllib.urlretrieve()' using 'http://'. This request will not be encrypted. 
Use 'https://' instead.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.lang.security.audit.insecure-transport.urllib.insecure-urlretrieve.insecure-urlretrieve)\n - [https://docs.python.org/3/library/urllib.request.html#urllib.request.urlretrieve](https://docs.python.org/3/library/urllib.request.html#urllib.request.urlretrieve)\n" }, - "helpUri": "https://semgrep.dev/r/python.flask.security.audit.app-run-param-config.avoid_app_run_with_bad_host", - "id": "python.flask.security.audit.app-run-param-config.avoid_app_run_with_bad_host", - "name": "python.flask.security.audit.app-run-param-config.avoid_app_run_with_bad_host", "properties": { "precision": "very-high", "tags": [ - "CWE-668: Exposure of Resource to Wrong Sphere", - "HIGH CONFIDENCE", - "OWASP-A01:2021 - Broken Access Control", + "CWE-319: Cleartext Transmission of Sensitive Information", + "LOW CONFIDENCE", + "OWASP-A02:2021 - Cryptographic Failures", + "OWASP-A03:2017 - Sensitive Data Exposure", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: python.flask.security.audit.app-run-param-config.avoid_app_run_with_bad_host" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "javascript.playwright.security.audit.playwright-evaluate-arg-injection.playwright-evaluate-arg-injection", + "name": "javascript.playwright.security.audit.playwright-evaluate-arg-injection.playwright-evaluate-arg-injection", + "short_description": { + "text": "Semgrep Finding: javascript.playwright.security.audit.playwright-evaluate-arg-injection.playwright-evaluate-arg-injection" }, - "fullDescription": { - "text": "Detected a template variable used in an anchor tag with the 'href' attribute. This allows a malicious actor to input the 'javascript:' URI and is subject to cross- site scripting (XSS) attacks. If using a relative URL, start with a literal forward slash and concatenate the URL, like this: a(href='/'+url). 
You may also consider setting the Content Security Policy (CSP) header." + "full_description": { + "text": "If unverified user data can reach the `evaluate` method it can result in Server-Side Request Forgery vulnerabilities" + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/javascript.playwright.security.audit.playwright-evaluate-arg-injection.playwright-evaluate-arg-injection", "help": { - "markdown": "Detected a template variable used in an anchor tag with the 'href' attribute. This allows a malicious actor to input the 'javascript:' URI and is subject to cross- site scripting (XSS) attacks. If using a relative URL, start with a literal forward slash and concatenate the URL, like this: a(href='/'+url). You may also consider setting the Content Security Policy (CSP) header.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.express.security.audit.xss.pug.var-in-href.var-in-href)\n - [https://github.com/pugjs/pug/issues/2952](https://github.com/pugjs/pug/issues/2952)\n - [https://flask.palletsprojects.com/en/1.1.x/security/#cross-site-scripting-xss#:~:text=javascript:%20URI](https://flask.palletsprojects.com/en/1.1.x/security/#cross-site-scripting-xss#:~:text=javascript:%20URI)\n", - "text": "Detected a template variable used in an anchor tag with the 'href' attribute. This allows a malicious actor to input the 'javascript:' URI and is subject to cross- site scripting (XSS) attacks. If using a relative URL, start with a literal forward slash and concatenate the URL, like this: a(href='/'+url). 
You may also consider setting the Content Security Policy (CSP) header.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "If unverified user data can reach the `evaluate` method it can result in Server-Side Request Forgery vulnerabilities\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "If unverified user data can reach the `evaluate` method it can result in Server-Side Request Forgery vulnerabilities\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.playwright.security.audit.playwright-evaluate-arg-injection.playwright-evaluate-arg-injection)\n - [https://owasp.org/Top10/A10_2021-Server-Side_Request_Forgery_%28SSRF%29](https://owasp.org/Top10/A10_2021-Server-Side_Request_Forgery_%28SSRF%29)\n" }, - "helpUri": "https://semgrep.dev/r/javascript.express.security.audit.xss.pug.var-in-href.var-in-href", - "id": "javascript.express.security.audit.xss.pug.var-in-href.var-in-href", - "name": "javascript.express.security.audit.xss.pug.var-in-href.var-in-href", "properties": { "precision": "very-high", "tags": [ - "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", + "CWE-918: Server-Side Request Forgery (SSRF)", "LOW CONFIDENCE", - "OWASP-A03:2021 - Injection", - "OWASP-A07:2017 - Cross-Site Scripting (XSS)", + "OWASP-A10:2021 - Server-Side Request Forgery (SSRF)", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: javascript.express.security.audit.xss.pug.var-in-href.var-in-href" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "problem-based-packs.insecure-transport.java-stdlib.httpurlconnection-http-request.httpurlconnection-http-request", + "name": "problem-based-packs.insecure-transport.java-stdlib.httpurlconnection-http-request.httpurlconnection-http-request", + "short_description": { + "text": "Semgrep Finding: 
problem-based-packs.insecure-transport.java-stdlib.httpurlconnection-http-request.httpurlconnection-http-request" }, - "fullDescription": { - "text": "Detected use of dynamic execution of JavaScript which may come from user-input, which can lead to Cross-Site-Scripting (XSS). Where possible avoid including user-input in functions which dynamically execute user-input." + "full_description": { + "text": "Detected an HTTP request sent via HttpURLConnection. This could lead to sensitive information being sent over an insecure channel. Instead, it is recommended to send requests over HTTPS." }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/problem-based-packs.insecure-transport.java-stdlib.httpurlconnection-http-request.httpurlconnection-http-request", "help": { - "markdown": "Detected use of dynamic execution of JavaScript which may come from user-input, which can lead to Cross-Site-Scripting (XSS). Where possible avoid including user-input in functions which dynamically execute user-input.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.lang.security.detect-eval-with-expression.detect-eval-with-expression)\n - [https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/eval#never_use_eval!](https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/eval#never_use_eval!)\n", - "text": "Detected use of dynamic execution of JavaScript which may come from user-input, which can lead to Cross-Site-Scripting (XSS). Where possible avoid including user-input in functions which dynamically execute user-input.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected an HTTP request sent via HttpURLConnection. This could lead to sensitive information being sent over an insecure channel. 
Instead, it is recommended to send requests over HTTPS.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected an HTTP request sent via HttpURLConnection. This could lead to sensitive information being sent over an insecure channel. Instead, it is recommended to send requests over HTTPS.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/problem-based-packs.insecure-transport.java-stdlib.httpurlconnection-http-request.httpurlconnection-http-request)\n - [https://docs.oracle.com/en/java/javase/11/docs/api/java.base/java/net/URLConnection.html](https://docs.oracle.com/en/java/javase/11/docs/api/java.base/java/net/URLConnection.html)\n - [https://docs.oracle.com/en/java/javase/11/docs/api/java.base/java/net/URL.html#openConnection()](https://docs.oracle.com/en/java/javase/11/docs/api/java.base/java/net/URL.html#openConnection())\n" }, - "helpUri": "https://semgrep.dev/r/javascript.lang.security.detect-eval-with-expression.detect-eval-with-expression", - "id": "javascript.lang.security.detect-eval-with-expression.detect-eval-with-expression", - "name": "javascript.lang.security.detect-eval-with-expression.detect-eval-with-expression", "properties": { "precision": "very-high", "tags": [ - "CWE-95: Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection')", + "CWE-319: Cleartext Transmission of Sensitive Information", "MEDIUM CONFIDENCE", - "OWASP-A03:2021 - Injection", + "OWASP-A03:2017 - Sensitive Data Exposure", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: javascript.lang.security.detect-eval-with-expression.detect-eval-with-expression" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "python.lang.security.audit.sqli.aiopg-sqli.aiopg-sqli", + "name": "python.lang.security.audit.sqli.aiopg-sqli.aiopg-sqli", + "short_description": { + "text": "Semgrep Finding: 
python.lang.security.audit.sqli.aiopg-sqli.aiopg-sqli" }, - "fullDescription": { - "text": "Detected a template variable used in an anchor tag with the 'href' attribute. This allows a malicious actor to input the 'javascript:' URI and is subject to cross- site scripting (XSS) attacks. If using a relative URL, start with a literal forward slash and concatenate the URL, like this: href='/<%= link =>'. You may also consider setting the Content Security Policy (CSP) header." + "full_description": { + "text": "Detected string concatenation with a non-literal variable in an aiopg Python SQL statement. This could lead to SQL injection if the variable is user-controlled and not properly sanitized. In order to prevent SQL injection, use parameterized queries instead. You can create parameterized queries like so: 'cur.execute(\"SELECT %s FROM table\", (user_value,))'." }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/python.lang.security.audit.sqli.aiopg-sqli.aiopg-sqli", "help": { - "markdown": "Detected a template variable used in an anchor tag with the 'href' attribute. This allows a malicious actor to input the 'javascript:' URI and is subject to cross- site scripting (XSS) attacks. If using a relative URL, start with a literal forward slash and concatenate the URL, like this: href='/<%= link =>'. 
You may also consider setting the Content Security Policy (CSP) header.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/ruby.rails.security.audit.xss.templates.var-in-href.var-in-href)\n - [https://flask.palletsprojects.com/en/1.1.x/security/#cross-site-scripting-xss#:~:text=javascript:%20URI](https://flask.palletsprojects.com/en/1.1.x/security/#cross-site-scripting-xss#:~:text=javascript:%20URI)\n - [https://github.com/pugjs/pug/issues/2952](https://github.com/pugjs/pug/issues/2952)\n", - "text": "Detected a template variable used in an anchor tag with the 'href' attribute. This allows a malicious actor to input the 'javascript:' URI and is subject to cross- site scripting (XSS) attacks. If using a relative URL, start with a literal forward slash and concatenate the URL, like this: href='/<%= link =>'. You may also consider setting the Content Security Policy (CSP) header.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected string concatenation with a non-literal variable in an aiopg Python SQL statement. This could lead to SQL injection if the variable is user-controlled and not properly sanitized. In order to prevent SQL injection, use parameterized queries instead. You can create parameterized queries like so: 'cur.execute(\"SELECT %s FROM table\", (user_value,))'.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected string concatenation with a non-literal variable in an aiopg Python SQL statement. This could lead to SQL injection if the variable is user-controlled and not properly sanitized. In order to prevent SQL injection, use parameterized queries instead. 
You can create parameterized queries like so: 'cur.execute(\"SELECT %s FROM table\", (user_value,))'.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.lang.security.audit.sqli.aiopg-sqli.aiopg-sqli)\n - [https://github.com/aio-libs/aiopg](https://github.com/aio-libs/aiopg)\n" }, - "helpUri": "https://semgrep.dev/r/ruby.rails.security.audit.xss.templates.var-in-href.var-in-href", - "id": "ruby.rails.security.audit.xss.templates.var-in-href.var-in-href", - "name": "ruby.rails.security.audit.xss.templates.var-in-href.var-in-href", "properties": { "precision": "very-high", "tags": [ - "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", + "CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')", "LOW CONFIDENCE", + "OWASP-A01:2017 - Injection", "OWASP-A03:2021 - Injection", - "OWASP-A07:2017 - Cross-Site Scripting (XSS)", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: ruby.rails.security.audit.xss.templates.var-in-href.var-in-href" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "java.lang.security.audit.bad-hexa-conversion.bad-hexa-conversion", + "name": "java.lang.security.audit.bad-hexa-conversion.bad-hexa-conversion", + "short_description": { + "text": "Semgrep Finding: java.lang.security.audit.bad-hexa-conversion.bad-hexa-conversion" }, - "fullDescription": { - "text": "Ensure CloudTrail logs are encrypted at rest using KMS CMKs. CMKs gives you control over the encryption key in terms of access and rotation." + "full_description": { + "text": "'Integer.toHexString()' strips leading zeroes from each byte if read byte-by-byte. This mistake weakens the hash value computed since it introduces more collisions. Use 'String.format(\"%02X\", ...)' instead." 
}, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/java.lang.security.audit.bad-hexa-conversion.bad-hexa-conversion", "help": { - "markdown": "Ensure CloudTrail logs are encrypted at rest using KMS CMKs. CMKs gives you control over the encryption key in terms of access and rotation.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/terraform.aws.security.aws-cloudtrail-encrypted-with-cmk.aws-cloudtrail-encrypted-with-cmk)\n - [https://owasp.org/Top10/A02_2021-Cryptographic_Failures](https://owasp.org/Top10/A02_2021-Cryptographic_Failures)\n", - "text": "Ensure CloudTrail logs are encrypted at rest using KMS CMKs. CMKs gives you control over the encryption key in terms of access and rotation.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "'Integer.toHexString()' strips leading zeroes from each byte if read byte-by-byte. This mistake weakens the hash value computed since it introduces more collisions. Use 'String.format(\"%02X\", ...)' instead.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "'Integer.toHexString()' strips leading zeroes from each byte if read byte-by-byte. This mistake weakens the hash value computed since it introduces more collisions. 
Use 'String.format(\"%02X\", ...)' instead.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/java.lang.security.audit.bad-hexa-conversion.bad-hexa-conversion)\n - [https://cwe.mitre.org/data/definitions/704.html](https://cwe.mitre.org/data/definitions/704.html)\n" }, - "helpUri": "https://semgrep.dev/r/terraform.aws.security.aws-cloudtrail-encrypted-with-cmk.aws-cloudtrail-encrypted-with-cmk", - "id": "terraform.aws.security.aws-cloudtrail-encrypted-with-cmk.aws-cloudtrail-encrypted-with-cmk", - "name": "terraform.aws.security.aws-cloudtrail-encrypted-with-cmk.aws-cloudtrail-encrypted-with-cmk", "properties": { "precision": "very-high", "tags": [ - "CWE-320: CWE CATEGORY: Key Management Errors", + "CWE-704: Incorrect Type Conversion or Cast", "LOW CONFIDENCE", "OWASP-A03:2017 - Sensitive Data Exposure", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: terraform.aws.security.aws-cloudtrail-encrypted-with-cmk.aws-cloudtrail-encrypted-with-cmk" } }, { - "defaultConfiguration": { - "level": "error" + "id": "java.jax-rs.security.jax-rs-path-traversal.jax-rs-path-traversal", + "name": "java.jax-rs.security.jax-rs-path-traversal.jax-rs-path-traversal", + "short_description": { + "text": "Semgrep Finding: java.jax-rs.security.jax-rs-path-traversal.jax-rs-path-traversal" }, - "fullDescription": { - "text": "Found user input going directly into typecast for bool(), float(), or complex(). This allows an attacker to inject Python's not-a-number (NaN) into the typecast. This results in undefind behavior, particularly when doing comparisons. Either cast to a different type, or add a guard checking for all capitalizations of the string 'nan'." + "full_description": { + "text": "Detected a potential path traversal. A malicious actor could control the location of this file, to include going backwards in the directory with '../'. 
To address this, ensure that user-controlled variables in file paths are sanitized. You may also consider using a utility method such as org.apache.commons.io.FilenameUtils.getName(...) to only retrieve the file name from the path." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/java.jax-rs.security.jax-rs-path-traversal.jax-rs-path-traversal", "help": { - "markdown": "Found user input going directly into typecast for bool(), float(), or complex(). This allows an attacker to inject Python's not-a-number (NaN) into the typecast. This results in undefind behavior, particularly when doing comparisons. Either cast to a different type, or add a guard checking for all capitalizations of the string 'nan'.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.flask.security.injection.nan-injection.nan-injection)\n - [https://discuss.python.org/t/nan-breaks-min-max-and-sorting-functions-a-solution/2868](https://discuss.python.org/t/nan-breaks-min-max-and-sorting-functions-a-solution/2868)\n - [https://blog.bitdiscovery.com/2021/12/python-nan-injection/](https://blog.bitdiscovery.com/2021/12/python-nan-injection/)\n", - "text": "Found user input going directly into typecast for bool(), float(), or complex(). This allows an attacker to inject Python's not-a-number (NaN) into the typecast. This results in undefind behavior, particularly when doing comparisons. Either cast to a different type, or add a guard checking for all capitalizations of the string 'nan'.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected a potential path traversal. A malicious actor could control the location of this file, to include going backwards in the directory with '../'. To address this, ensure that user-controlled variables in file paths are sanitized. 
You may also consider using a utility method such as org.apache.commons.io.FilenameUtils.getName(...) to only retrieve the file name from the path.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected a potential path traversal. A malicious actor could control the location of this file, to include going backwards in the directory with '../'. To address this, ensure that user-controlled variables in file paths are sanitized. You may also consider using a utility method such as org.apache.commons.io.FilenameUtils.getName(...) to only retrieve the file name from the path.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/java.jax-rs.security.jax-rs-path-traversal.jax-rs-path-traversal)\n - [https://www.owasp.org/index.php/Path_Traversal](https://www.owasp.org/index.php/Path_Traversal)\n" }, - "helpUri": "https://semgrep.dev/r/python.flask.security.injection.nan-injection.nan-injection", - "id": "python.flask.security.injection.nan-injection.nan-injection", - "name": "python.flask.security.injection.nan-injection.nan-injection", "properties": { "precision": "very-high", "tags": [ - "CWE-704: Incorrect Type Conversion or Cast", + "CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", "MEDIUM CONFIDENCE", + "OWASP-A01:2021 - Broken Access Control", + "OWASP-A05:2017 - Broken Access Control", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: python.flask.security.injection.nan-injection.nan-injection" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "python.django.security.injection.raw-html-format.raw-html-format", + "name": "python.django.security.injection.raw-html-format.raw-html-format", + "short_description": { + "text": "Semgrep Finding: python.django.security.injection.raw-html-format.raw-html-format" }, - "fullDescription": { - "text": "Detected string concatenation with a 
non-literal variable in a asyncpg Python SQL statement. This could lead to SQL injection if the variable is user-controlled and not properly sanitized. In order to prevent SQL injection, use parameterized queries or prepared statements instead. You can create parameterized queries like so: 'conn.fetch(\"SELECT $1 FROM table\", value)'. You can also create prepared statements with 'Connection.prepare': 'stmt = conn.prepare(\"SELECT $1 FROM table\"); await stmt.fetch(user_value)'" + "full_description": { + "text": "Detected user input flowing into a manually constructed HTML string. You may be accidentally bypassing secure methods of rendering HTML by manually constructing HTML and this could create a cross-site scripting vulnerability, which could let attackers steal sensitive user data. To be sure this is safe, check that the HTML is rendered safely. Otherwise, use templates (`django.shortcuts.render`) which will safely render HTML instead." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/python.django.security.injection.raw-html-format.raw-html-format", "help": { - "markdown": "Detected string concatenation with a non-literal variable in a asyncpg Python SQL statement. This could lead to SQL injection if the variable is user-controlled and not properly sanitized. In order to prevent SQL injection, use parameterized queries or prepared statements instead. You can create parameterized queries like so: 'conn.fetch(\"SELECT $1 FROM table\", value)'. 
You can also create prepared statements with 'Connection.prepare': 'stmt = conn.prepare(\"SELECT $1 FROM table\"); await stmt.fetch(user_value)'\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.lang.security.audit.sqli.asyncpg-sqli.asyncpg-sqli)\n - [https://github.com/MagicStack/asyncpg](https://github.com/MagicStack/asyncpg)\n - [https://magicstack.github.io/asyncpg/current/](https://magicstack.github.io/asyncpg/current/)\n", - "text": "Detected string concatenation with a non-literal variable in a asyncpg Python SQL statement. This could lead to SQL injection if the variable is user-controlled and not properly sanitized. In order to prevent SQL injection, use parameterized queries or prepared statements instead. You can create parameterized queries like so: 'conn.fetch(\"SELECT $1 FROM table\", value)'. You can also create prepared statements with 'Connection.prepare': 'stmt = conn.prepare(\"SELECT $1 FROM table\"); await stmt.fetch(user_value)'\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected user input flowing into a manually constructed HTML string. You may be accidentally bypassing secure methods of rendering HTML by manually constructing HTML and this could create a cross-site scripting vulnerability, which could let attackers steal sensitive user data. To be sure this is safe, check that the HTML is rendered safely. Otherwise, use templates (`django.shortcuts.render`) which will safely render HTML instead.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected user input flowing into a manually constructed HTML string. You may be accidentally bypassing secure methods of rendering HTML by manually constructing HTML and this could create a cross-site scripting vulnerability, which could let attackers steal sensitive user data. 
To be sure this is safe, check that the HTML is rendered safely. Otherwise, use templates (`django.shortcuts.render`) which will safely render HTML instead.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.django.security.injection.raw-html-format.raw-html-format)\n - [https://docs.djangoproject.com/en/3.2/topics/http/shortcuts/#render](https://docs.djangoproject.com/en/3.2/topics/http/shortcuts/#render)\n - [https://docs.djangoproject.com/en/3.2/topics/security/#cross-site-scripting-xss-protection](https://docs.djangoproject.com/en/3.2/topics/security/#cross-site-scripting-xss-protection)\n" }, - "helpUri": "https://semgrep.dev/r/python.lang.security.audit.sqli.asyncpg-sqli.asyncpg-sqli", - "id": "python.lang.security.audit.sqli.asyncpg-sqli.asyncpg-sqli", - "name": "python.lang.security.audit.sqli.asyncpg-sqli.asyncpg-sqli", "properties": { "precision": "very-high", "tags": [ - "CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')", - "LOW CONFIDENCE", - "OWASP-A01:2017 - Injection", + "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", + "MEDIUM CONFIDENCE", "OWASP-A03:2021 - Injection", + "OWASP-A07:2017 - Cross-Site Scripting (XSS)", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: python.lang.security.audit.sqli.asyncpg-sqli.asyncpg-sqli" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "terraform.aws.security.aws-iam-admin-policy-ssoadmin.aws-iam-admin-policy-ssoadmin", + "name": "terraform.aws.security.aws-iam-admin-policy-ssoadmin.aws-iam-admin-policy-ssoadmin", + "short_description": { + "text": "Semgrep Finding: terraform.aws.security.aws-iam-admin-policy-ssoadmin.aws-iam-admin-policy-ssoadmin" }, - "fullDescription": { - "text": "It looks like MD5 is used as a password hash. 
MD5 is not considered a secure password hash because it can be cracked by an attacker in a short amount of time. Instead, use a suitable password hashing function such as bcrypt. You can use the `bcrypt` gem." + "full_description": { + "text": "Detected admin access granted in your policy. This means anyone with this policy can perform administrative actions. Instead, limit actions and resources to what you need according to least privilege." }, + "default_configuration": { + "enabled": true, + "level": "error" + }, + "help_uri": "https://semgrep.dev/r/terraform.aws.security.aws-iam-admin-policy-ssoadmin.aws-iam-admin-policy-ssoadmin", "help": { - "markdown": "It looks like MD5 is used as a password hash. MD5 is not considered a secure password hash because it can be cracked by an attacker in a short amount of time. Instead, use a suitable password hashing function such as bcrypt. You can use the `bcrypt` gem.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/ruby.lang.security.md5-used-as-password.md5-used-as-password)\n - [https://tools.ietf.org/id/draft-lvelvindron-tls-md5-sha1-deprecate-01.html](https://tools.ietf.org/id/draft-lvelvindron-tls-md5-sha1-deprecate-01.html)\n - [https://security.stackexchange.com/questions/211/how-to-securely-hash-passwords](https://security.stackexchange.com/questions/211/how-to-securely-hash-passwords)\n - [https://github.com/returntocorp/semgrep-rules/issues/1609](https://github.com/returntocorp/semgrep-rules/issues/1609)\n", - "text": "It looks like MD5 is used as a password hash. MD5 is not considered a secure password hash because it can be cracked by an attacker in a short amount of time. Instead, use a suitable password hashing function such as bcrypt. You can use the `bcrypt` gem.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected admin access granted in your policy. 
This means anyone with this policy can perform administrative actions. Instead, limit actions and resources to what you need according to least privilege.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected admin access granted in your policy. This means anyone with this policy can perform administrative actions. Instead, limit actions and resources to what you need according to least privilege.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/terraform.aws.security.aws-iam-admin-policy-ssoadmin.aws-iam-admin-policy-ssoadmin)\n - [https://cwe.mitre.org/data/definitions/732.html](https://cwe.mitre.org/data/definitions/732.html)\n" }, - "helpUri": "https://semgrep.dev/r/ruby.lang.security.md5-used-as-password.md5-used-as-password", - "id": "ruby.lang.security.md5-used-as-password.md5-used-as-password", - "name": "ruby.lang.security.md5-used-as-password.md5-used-as-password", "properties": { "precision": "very-high", "tags": [ - "CWE-327: Use of a Broken or Risky Cryptographic Algorithm", + "CWE-732: Incorrect Permission Assignment for Critical Resource", "MEDIUM CONFIDENCE", - "OWASP-A02:2021 - Cryptographic Failures", - "OWASP-A03:2017 - Sensitive Data Exposure", + "OWASP-A05:2021 - Security Misconfiguration", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: ruby.lang.security.md5-used-as-password.md5-used-as-password" } }, { - "defaultConfiguration": { - "level": "error" + "id": "terraform.aws.security.aws-s3-bucket-object-encrypted-with-cmk.aws-s3-bucket-object-encrypted-with-cmk", + "name": "terraform.aws.security.aws-s3-bucket-object-encrypted-with-cmk.aws-s3-bucket-object-encrypted-with-cmk", + "short_description": { + "text": "Semgrep Finding: terraform.aws.security.aws-s3-bucket-object-encrypted-with-cmk.aws-s3-bucket-object-encrypted-with-cmk" }, - "fullDescription": { - "text": "Detected non-static command inside 
Command. Audit the input to 'exec.Command'. If unverified user data can reach this call site, this is a code injection vulnerability. A malicious actor can inject a malicious script to execute arbitrary code." + "full_description": { + "text": "Ensure S3 bucket object is encrypted at rest using KMS CMKs. CMKs gives you control over the encryption key in terms of access and rotation." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/terraform.aws.security.aws-s3-bucket-object-encrypted-with-cmk.aws-s3-bucket-object-encrypted-with-cmk", "help": { - "markdown": "Detected non-static command inside Command. Audit the input to 'exec.Command'. If unverified user data can reach this call site, this is a code injection vulnerability. A malicious actor can inject a malicious script to execute arbitrary code.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/go.lang.security.audit.dangerous-exec-command.dangerous-exec-command)\n - [https://owasp.org/Top10/A03_2021-Injection](https://owasp.org/Top10/A03_2021-Injection)\n", - "text": "Detected non-static command inside Command. Audit the input to 'exec.Command'. If unverified user data can reach this call site, this is a code injection vulnerability. A malicious actor can inject a malicious script to execute arbitrary code.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Ensure S3 bucket object is encrypted at rest using KMS CMKs. CMKs gives you control over the encryption key in terms of access and rotation.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Ensure S3 bucket object is encrypted at rest using KMS CMKs. 
CMKs gives you control over the encryption key in terms of access and rotation.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/terraform.aws.security.aws-s3-bucket-object-encrypted-with-cmk.aws-s3-bucket-object-encrypted-with-cmk)\n - [https://owasp.org/Top10/A02_2021-Cryptographic_Failures](https://owasp.org/Top10/A02_2021-Cryptographic_Failures)\n" }, - "helpUri": "https://semgrep.dev/r/go.lang.security.audit.dangerous-exec-command.dangerous-exec-command", - "id": "go.lang.security.audit.dangerous-exec-command.dangerous-exec-command", - "name": "go.lang.security.audit.dangerous-exec-command.dangerous-exec-command", "properties": { "precision": "very-high", "tags": [ - "CWE-94: Improper Control of Generation of Code ('Code Injection')", + "CWE-320: CWE CATEGORY: Key Management Errors", "LOW CONFIDENCE", - "OWASP-A03:2021 - Injection", + "OWASP-A03:2017 - Sensitive Data Exposure", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: go.lang.security.audit.dangerous-exec-command.dangerous-exec-command" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "python.django.security.injection.command.command-injection-os-system.command-injection-os-system", + "name": "python.django.security.injection.command.command-injection-os-system.command-injection-os-system", + "short_description": { + "text": "Semgrep Finding: python.django.security.injection.command.command-injection-os-system.command-injection-os-system" }, - "fullDescription": { - "text": "This socket is not encrypted. The traffic could be read by an attacker intercepting the network traffic. Use an SSLSocket created by 'SSLSocketFactory' or 'SSLServerSocketFactory' instead" + "full_description": { + "text": "Request data detected in os.system. This could be vulnerable to a command injection and should be avoided. 
If this must be done, use the 'subprocess' module instead and pass the arguments as a list. See https://owasp.org/www-community/attacks/Command_Injection for more information." + }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/python.django.security.injection.command.command-injection-os-system.command-injection-os-system", "help": { - "markdown": "This socket is not encrypted. The traffic could be read by an attacker intercepting the network traffic. Use an SSLSocket created by 'SSLSocketFactory' or 'SSLServerSocketFactory' instead\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/kotlin.lang.security.unencrypted-socket.unencrypted-socket)\n - [https://owasp.org/Top10/A02_2021-Cryptographic_Failures](https://owasp.org/Top10/A02_2021-Cryptographic_Failures)\n", - "text": "This socket is not encrypted. The traffic could be read by an attacker intercepting the network traffic. Use an SSLSocket created by 'SSLSocketFactory' or 'SSLServerSocketFactory' instead\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Request data detected in os.system. This could be vulnerable to a command injection and should be avoided. If this must be done, use the 'subprocess' module instead and pass the arguments as a list. See https://owasp.org/www-community/attacks/Command_Injection for more information.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Request data detected in os.system. This could be vulnerable to a command injection and should be avoided. If this must be done, use the 'subprocess' module instead and pass the arguments as a list. 
See https://owasp.org/www-community/attacks/Command_Injection for more information.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.django.security.injection.command.command-injection-os-system.command-injection-os-system)\n - [https://owasp.org/www-community/attacks/Command_Injection](https://owasp.org/www-community/attacks/Command_Injection)\n" }, - "helpUri": "https://semgrep.dev/r/kotlin.lang.security.unencrypted-socket.unencrypted-socket", - "id": "kotlin.lang.security.unencrypted-socket.unencrypted-socket", - "name": "kotlin.lang.security.unencrypted-socket.unencrypted-socket", "properties": { "precision": "very-high", "tags": [ - "CWE-319: Cleartext Transmission of Sensitive Information", - "LOW CONFIDENCE", - "OWASP-A02:2021 - Cryptographic Failures", - "OWASP-A03:2017 - Sensitive Data Exposure", + "CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", + "MEDIUM CONFIDENCE", + "OWASP-A01:2017 - Injection", + "OWASP-A03:2021 - Injection", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: kotlin.lang.security.unencrypted-socket.unencrypted-socket" } }, { - "defaultConfiguration": { - "level": "error" + "id": "generic.secrets.security.detected-aws-session-token.detected-aws-session-token", + "name": "generic.secrets.security.detected-aws-session-token.detected-aws-session-token", + "short_description": { + "text": "Semgrep Finding: generic.secrets.security.detected-aws-session-token.detected-aws-session-token" + }, + "full_description": { + "text": "AWS Session Token detected" }, - "fullDescription": { - "text": "DOCTYPE declarations are enabled for this SAXParserFactory. This is vulnerable to XML external entity attacks. Disable this by setting the feature `http://apache.org/xml/features/disallow-doctype-decl` to true. 
Alternatively, allow DOCTYPE declarations and only prohibit external entities declarations. This can be done by setting the features `http://xml.org/sax/features/external-general-entities` and `http://xml.org/sax/features/external-parameter-entities` to false. NOTE - The previous links are not meant to be clicked. They are the literal config key values that are supposed to be used to disable these features. For more information, see https://semgrep.dev/docs/cheat-sheets/java-xxe/#3a-documentbuilderfactory." + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/generic.secrets.security.detected-aws-session-token.detected-aws-session-token", "help": { - "markdown": "DOCTYPE declarations are enabled for this SAXParserFactory. This is vulnerable to XML external entity attacks. Disable this by setting the feature `http://apache.org/xml/features/disallow-doctype-decl` to true. Alternatively, allow DOCTYPE declarations and only prohibit external entities declarations. This can be done by setting the features `http://xml.org/sax/features/external-general-entities` and `http://xml.org/sax/features/external-parameter-entities` to false. NOTE - The previous links are not meant to be clicked. They are the literal config key values that are supposed to be used to disable these features. 
For more information, see https://semgrep.dev/docs/cheat-sheets/java-xxe/#3a-documentbuilderfactory.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/java.lang.security.audit.xxe.saxparserfactory-disallow-doctype-decl-missing.saxparserfactory-disallow-doctype-decl-missing)\n - [https://semgrep.dev/blog/2022/xml-security-in-java](https://semgrep.dev/blog/2022/xml-security-in-java)\n - [https://semgrep.dev/docs/cheat-sheets/java-xxe/](https://semgrep.dev/docs/cheat-sheets/java-xxe/)\n - [https://blog.sonarsource.com/secure-xml-processor](https://blog.sonarsource.com/secure-xml-processor)\n - [https://xerces.apache.org/xerces2-j/features.html](https://xerces.apache.org/xerces2-j/features.html)\n", - "text": "DOCTYPE declarations are enabled for this SAXParserFactory. This is vulnerable to XML external entity attacks. Disable this by setting the feature `http://apache.org/xml/features/disallow-doctype-decl` to true. Alternatively, allow DOCTYPE declarations and only prohibit external entities declarations. This can be done by setting the features `http://xml.org/sax/features/external-general-entities` and `http://xml.org/sax/features/external-parameter-entities` to false. NOTE - The previous links are not meant to be clicked. They are the literal config key values that are supposed to be used to disable these features. 
For more information, see https://semgrep.dev/docs/cheat-sheets/java-xxe/#3a-documentbuilderfactory.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "AWS Session Token detected\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "AWS Session Token detected\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/generic.secrets.security.detected-aws-session-token.detected-aws-session-token)\n - [https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures](https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures)\n" }, - "helpUri": "https://semgrep.dev/r/java.lang.security.audit.xxe.saxparserfactory-disallow-doctype-decl-missing.saxparserfactory-disallow-doctype-decl-missing", - "id": "java.lang.security.audit.xxe.saxparserfactory-disallow-doctype-decl-missing.saxparserfactory-disallow-doctype-decl-missing", - "name": "java.lang.security.audit.xxe.saxparserfactory-disallow-doctype-decl-missing.saxparserfactory-disallow-doctype-decl-missing", "properties": { "precision": "very-high", "tags": [ - "CWE-611: Improper Restriction of XML External Entity Reference", - "HIGH CONFIDENCE", - "OWASP-A04:2017 - XML External Entities (XXE)", - "OWASP-A05:2021 - Security Misconfiguration", + "CWE-798: Use of Hard-coded Credentials", + "LOW CONFIDENCE", + "OWASP-A07:2021 - Identification and Authentication Failures", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: java.lang.security.audit.xxe.saxparserfactory-disallow-doctype-decl-missing.saxparserfactory-disallow-doctype-decl-missing" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "python.django.security.injection.sql.sql-injection-extra.sql-injection-using-extra-where", + "name": "python.django.security.injection.sql.sql-injection-extra.sql-injection-using-extra-where", + "short_description": { + "text": "Semgrep 
Finding: python.django.security.injection.sql.sql-injection-extra.sql-injection-using-extra-where" }, - "fullDescription": { - "text": "File creation in shared tmp directory without using ioutil.Tempfile" + "full_description": { + "text": "User-controlled data from a request is passed to 'extra()'. This could lead to a SQL injection and therefore protected information could be leaked. Instead, use parameterized queries or escape the user-controlled data by using `params` and not using quote placeholders in the SQL string." }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/python.django.security.injection.sql.sql-injection-extra.sql-injection-using-extra-where", "help": { - "markdown": "File creation in shared tmp directory without using ioutil.Tempfile\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/go.lang.security.bad_tmp.bad-tmp-file-creation)\n - [https://owasp.org/Top10/A01_2021-Broken_Access_Control](https://owasp.org/Top10/A01_2021-Broken_Access_Control)\n", - "text": "File creation in shared tmp directory without using ioutil.Tempfile\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "User-controlled data from a request is passed to 'extra()'. This could lead to a SQL injection and therefore protected information could be leaked. Instead, use parameterized queries or escape the user-controlled data by using `params` and not using quote placeholders in the SQL string.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "User-controlled data from a request is passed to 'extra()'. This could lead to a SQL injection and therefore protected information could be leaked. 
Instead, use parameterized queries or escape the user-controlled data by using `params` and not using quote placeholders in the SQL string.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.django.security.injection.sql.sql-injection-extra.sql-injection-using-extra-where)\n - [https://docs.djangoproject.com/en/3.0/ref/models/expressions/#.objects.extra](https://docs.djangoproject.com/en/3.0/ref/models/expressions/#.objects.extra)\n" }, - "helpUri": "https://semgrep.dev/r/go.lang.security.bad_tmp.bad-tmp-file-creation", - "id": "go.lang.security.bad_tmp.bad-tmp-file-creation", - "name": "go.lang.security.bad_tmp.bad-tmp-file-creation", "properties": { "precision": "very-high", "tags": [ - "CWE-377: Insecure Temporary File", - "LOW CONFIDENCE", - "OWASP-A01:2021 - Broken Access Control", + "CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')", + "MEDIUM CONFIDENCE", + "OWASP-A01:2017 - Injection", + "OWASP-A03:2021 - Injection", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: go.lang.security.bad_tmp.bad-tmp-file-creation" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "java.lang.security.audit.dangerous-groovy-shell.dangerous-groovy-shell", + "name": "java.lang.security.audit.dangerous-groovy-shell.dangerous-groovy-shell", + "short_description": { + "text": "Semgrep Finding: java.lang.security.audit.dangerous-groovy-shell.dangerous-groovy-shell" }, - "fullDescription": { - "text": "The vpc_config resource inside the eks cluster has not explicitly disabled public endpoint access" + "full_description": { + "text": "A expression is built with a dynamic value. The source of the value(s) should be verified to avoid that unfiltered values fall into this risky code evaluation." 
+ }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/java.lang.security.audit.dangerous-groovy-shell.dangerous-groovy-shell", "help": { - "markdown": "The vpc_config resource inside the eks cluster has not explicitly disabled public endpoint access\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/terraform.lang.security.eks-public-endpoint-enabled.eks-public-endpoint-enabled)\n - [https://owasp.org/Top10/A01_2021-Broken_Access_Control](https://owasp.org/Top10/A01_2021-Broken_Access_Control)\n", - "text": "The vpc_config resource inside the eks cluster has not explicitly disabled public endpoint access\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "A expression is built with a dynamic value. The source of the value(s) should be verified to avoid that unfiltered values fall into this risky code evaluation.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "A expression is built with a dynamic value. 
The source of the value(s) should be verified to avoid that unfiltered values fall into this risky code evaluation.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/java.lang.security.audit.dangerous-groovy-shell.dangerous-groovy-shell)\n - [https://owasp.org/Top10/A03_2021-Injection](https://owasp.org/Top10/A03_2021-Injection)\n" }, - "helpUri": "https://semgrep.dev/r/terraform.lang.security.eks-public-endpoint-enabled.eks-public-endpoint-enabled", - "id": "terraform.lang.security.eks-public-endpoint-enabled.eks-public-endpoint-enabled", - "name": "terraform.lang.security.eks-public-endpoint-enabled.eks-public-endpoint-enabled", "properties": { "precision": "very-high", "tags": [ - "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor", + "CWE-94: Improper Control of Generation of Code ('Code Injection')", "LOW CONFIDENCE", - "OWASP-A01:2021 - Broken Access Control", + "OWASP-A03:2021 - Injection", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: terraform.lang.security.eks-public-endpoint-enabled.eks-public-endpoint-enabled" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "terraform.aws.security.aws-redshift-cluster-encrypted-with-cmk.aws-redshift-cluster-encrypted-with-cmk", + "name": "terraform.aws.security.aws-redshift-cluster-encrypted-with-cmk.aws-redshift-cluster-encrypted-with-cmk", + "short_description": { + "text": "Semgrep Finding: terraform.aws.security.aws-redshift-cluster-encrypted-with-cmk.aws-redshift-cluster-encrypted-with-cmk" }, - "fullDescription": { - "text": "The AWS EBS is unencrypted. The AWS EBS encryption protects data in the EBS." + "full_description": { + "text": "Ensure AWS Redshift cluster is encrypted at rest using KMS CMKs. CMKs gives you control over the encryption key in terms of access and rotation." 
+ }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/terraform.aws.security.aws-redshift-cluster-encrypted-with-cmk.aws-redshift-cluster-encrypted-with-cmk", "help": { - "markdown": "The AWS EBS is unencrypted. The AWS EBS encryption protects data in the EBS.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/terraform.aws.security.aws-ebs-unencrypted.aws-ebs-unencrypted)\n - [https://owasp.org/Top10/A02_2021-Cryptographic_Failures](https://owasp.org/Top10/A02_2021-Cryptographic_Failures)\n", - "text": "The AWS EBS is unencrypted. The AWS EBS encryption protects data in the EBS.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Ensure AWS Redshift cluster is encrypted at rest using KMS CMKs. CMKs gives you control over the encryption key in terms of access and rotation.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Ensure AWS Redshift cluster is encrypted at rest using KMS CMKs. 
CMKs gives you control over the encryption key in terms of access and rotation.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/terraform.aws.security.aws-redshift-cluster-encrypted-with-cmk.aws-redshift-cluster-encrypted-with-cmk)\n - [https://owasp.org/Top10/A01_2021-Broken_Access_Control](https://owasp.org/Top10/A01_2021-Broken_Access_Control)\n" }, - "helpUri": "https://semgrep.dev/r/terraform.aws.security.aws-ebs-unencrypted.aws-ebs-unencrypted", - "id": "terraform.aws.security.aws-ebs-unencrypted.aws-ebs-unencrypted", - "name": "terraform.aws.security.aws-ebs-unencrypted.aws-ebs-unencrypted", "properties": { "precision": "very-high", "tags": [ - "CWE-320: CWE CATEGORY: Key Management Errors", - "MEDIUM CONFIDENCE", - "OWASP-A03:2017 - Sensitive Data Exposure", + "CWE-284: Improper Access Control", + "LOW CONFIDENCE", + "OWASP-A01:2021 - Broken Access Control", + "OWASP-A05:2017 - Broken Access Control", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: terraform.aws.security.aws-ebs-unencrypted.aws-ebs-unencrypted" } }, { - "defaultConfiguration": { - "level": "error" + "id": "javascript.audit.detect-replaceall-sanitization.detect-replaceall-sanitization", + "name": "javascript.audit.detect-replaceall-sanitization.detect-replaceall-sanitization", + "short_description": { + "text": "Semgrep Finding: javascript.audit.detect-replaceall-sanitization.detect-replaceall-sanitization" }, - "fullDescription": { - "text": "The AWS Lambda permission has an AWS service principal but does not specify a source ARN. If you grant permission to a service principal without specifying the source, other accounts could potentially configure resources in their account to invoke your Lambda function. Set the source_arn value to the ARN of the AWS resource that invokes the function, eg. an S3 bucket, CloudWatch Events Rule, API Gateway, or SNS topic." 
+ "full_description": { + "text": "Detected a call to `$FUNC()` in an attempt to HTML escape the string `$STR`. Manually sanitizing input through a manually built list can be circumvented in many situations, and it's better to use a well known sanitization library such as `sanitize-html` or `DOMPurify`." + }, + "default_configuration": { + "enabled": true, + "level": "note" }, + "help_uri": "https://semgrep.dev/r/javascript.audit.detect-replaceall-sanitization.detect-replaceall-sanitization", "help": { - "markdown": "The AWS Lambda permission has an AWS service principal but does not specify a source ARN. If you grant permission to a service principal without specifying the source, other accounts could potentially configure resources in their account to invoke your Lambda function. Set the source_arn value to the ARN of the AWS resource that invokes the function, eg. an S3 bucket, CloudWatch Events Rule, API Gateway, or SNS topic.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/terraform.aws.security.aws-lambda-permission-unrestricted-source-arn.aws-lambda-permission-unrestricted-source-arn)\n - [https://cwe.mitre.org/data/definitions/732.html](https://cwe.mitre.org/data/definitions/732.html)\n - [https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lambda_permission](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lambda_permission)\n - [https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-permission.html](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-permission.html)\n", - "text": "The AWS Lambda permission has an AWS service principal but does not specify a source ARN. If you grant permission to a service principal without specifying the source, other accounts could potentially configure resources in their account to invoke your Lambda function. 
Set the source_arn value to the ARN of the AWS resource that invokes the function, eg. an S3 bucket, CloudWatch Events Rule, API Gateway, or SNS topic.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected a call to `$FUNC()` in an attempt to HTML escape the string `$STR`. Manually sanitizing input through a manually built list can be circumvented in many situations, and it's better to use a well known sanitization library such as `sanitize-html` or `DOMPurify`.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected a call to `$FUNC()` in an attempt to HTML escape the string `$STR`. Manually sanitizing input through a manually built list can be circumvented in many situations, and it's better to use a well known sanitization library such as `sanitize-html` or `DOMPurify`.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.audit.detect-replaceall-sanitization.detect-replaceall-sanitization)\n - [https://www.npmjs.com/package/dompurify](https://www.npmjs.com/package/dompurify)\n - [https://cheatsheetseries.owasp.org/cheatsheets/Cross_Site_Scripting_Prevention_Cheat_Sheet.html](https://cheatsheetseries.owasp.org/cheatsheets/Cross_Site_Scripting_Prevention_Cheat_Sheet.html)\n" }, - "helpUri": "https://semgrep.dev/r/terraform.aws.security.aws-lambda-permission-unrestricted-source-arn.aws-lambda-permission-unrestricted-source-arn", - "id": "terraform.aws.security.aws-lambda-permission-unrestricted-source-arn.aws-lambda-permission-unrestricted-source-arn", - "name": "terraform.aws.security.aws-lambda-permission-unrestricted-source-arn.aws-lambda-permission-unrestricted-source-arn", "properties": { "precision": "very-high", "tags": [ - "CWE-732: Incorrect Permission Assignment for Critical Resource", - "HIGH CONFIDENCE", - "OWASP-A05:2021 - Security Misconfiguration", + "CWE-79: Improper Neutralization 
of Input During Web Page Generation ('Cross-site Scripting')", + "LOW CONFIDENCE", + "OWASP-A03:2021 - Injection", + "OWASP-A07:2017 - Cross-Site Scripting (XSS)", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: terraform.aws.security.aws-lambda-permission-unrestricted-source-arn.aws-lambda-permission-unrestricted-source-arn" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "python.django.security.injection.request-data-write.request-data-write", + "name": "python.django.security.injection.request-data-write.request-data-write", + "short_description": { + "text": "Semgrep Finding: python.django.security.injection.request-data-write.request-data-write" }, - "fullDescription": { - "text": "The AWS CodeBuild Project is unencrypted. The AWS KMS encryption key protects projects in the CodeBuild. To create your own, create a aws_kms_key resource or use the ARN string of a key in your account." + "full_description": { + "text": "Found user-controlled request data passed into '.write(...)'. This could be dangerous if a malicious actor is able to control data into sensitive files. For example, a malicious actor could force rolling of critical log files, or cause a denial-of-service by using up available disk space. Instead, ensure that request data is properly escaped or sanitized." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/python.django.security.injection.request-data-write.request-data-write", "help": { - "markdown": "The AWS CodeBuild Project is unencrypted. The AWS KMS encryption key protects projects in the CodeBuild. 
To create your own, create a aws_kms_key resource or use the ARN string of a key in your account.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/terraform.aws.security.aws-codebuild-project-unencrypted.aws-codebuild-project-unencrypted)\n - [https://owasp.org/Top10/A02_2021-Cryptographic_Failures](https://owasp.org/Top10/A02_2021-Cryptographic_Failures)\n", - "text": "The AWS CodeBuild Project is unencrypted. The AWS KMS encryption key protects projects in the CodeBuild. To create your own, create a aws_kms_key resource or use the ARN string of a key in your account.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Found user-controlled request data passed into '.write(...)'. This could be dangerous if a malicious actor is able to control data into sensitive files. For example, a malicious actor could force rolling of critical log files, or cause a denial-of-service by using up available disk space. Instead, ensure that request data is properly escaped or sanitized.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Found user-controlled request data passed into '.write(...)'. This could be dangerous if a malicious actor is able to control data into sensitive files. For example, a malicious actor could force rolling of critical log files, or cause a denial-of-service by using up available disk space. 
Instead, ensure that request data is properly escaped or sanitized.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.django.security.injection.request-data-write.request-data-write)\n - [https://owasp.org/Top10/A03_2021-Injection](https://owasp.org/Top10/A03_2021-Injection)\n" }, - "helpUri": "https://semgrep.dev/r/terraform.aws.security.aws-codebuild-project-unencrypted.aws-codebuild-project-unencrypted", - "id": "terraform.aws.security.aws-codebuild-project-unencrypted.aws-codebuild-project-unencrypted", - "name": "terraform.aws.security.aws-codebuild-project-unencrypted.aws-codebuild-project-unencrypted", "properties": { "precision": "very-high", "tags": [ - "CWE-320: CWE CATEGORY: Key Management Errors", + "CWE-93: Improper Neutralization of CRLF Sequences ('CRLF Injection')", "MEDIUM CONFIDENCE", - "OWASP-A03:2017 - Sensitive Data Exposure", + "OWASP-A03:2021 - Injection", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: terraform.aws.security.aws-codebuild-project-unencrypted.aws-codebuild-project-unencrypted" } }, { - "defaultConfiguration": { - "level": "note" + "id": "ruby.lang.security.cookie-serialization.cookie-serialization", + "name": "ruby.lang.security.cookie-serialization.cookie-serialization", + "short_description": { + "text": "Semgrep Finding: ruby.lang.security.cookie-serialization.cookie-serialization" }, - "fullDescription": { - "text": "Use of angular.element can lead to XSS if user-input is treated as part of the HTML element within `$SINK`. It is recommended to contextually output encode user-input, before inserting into `$SINK`. If the HTML needs to be preserved it is recommended to sanitize the input using $sce.getTrustedHTML or $sanitize." + "full_description": { + "text": "Checks if code allows cookies to be deserialized using Marshal. If the attacker can craft a valid cookie, this could lead to remote code execution. 
The hybrid check is just to warn users to migrate to :json for best practice." + }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/ruby.lang.security.cookie-serialization.cookie-serialization", "help": { - "markdown": "Use of angular.element can lead to XSS if user-input is treated as part of the HTML element within `$SINK`. It is recommended to contextually output encode user-input, before inserting into `$SINK`. If the HTML needs to be preserved it is recommended to sanitize the input using $sce.getTrustedHTML or $sanitize.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.angular.security.detect-angular-element-methods.detect-angular-element-methods)\n - [https://docs.angularjs.org/api/ng/function/angular.element](https://docs.angularjs.org/api/ng/function/angular.element)\n - [https://owasp.org/www-chapter-london/assets/slides/OWASPLondon20170727_AngularJS.pdf](https://owasp.org/www-chapter-london/assets/slides/OWASPLondon20170727_AngularJS.pdf)\n", - "text": "Use of angular.element can lead to XSS if user-input is treated as part of the HTML element within `$SINK`. It is recommended to contextually output encode user-input, before inserting into `$SINK`. If the HTML needs to be preserved it is recommended to sanitize the input using $sce.getTrustedHTML or $sanitize.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Checks if code allows cookies to be deserialized using Marshal. If the attacker can craft a valid cookie, this could lead to remote code execution. The hybrid check is just to warn users to migrate to :json for best practice.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Checks if code allows cookies to be deserialized using Marshal. 
If the attacker can craft a valid cookie, this could lead to remote code execution. The hybrid check is just to warn users to migrate to :json for best practice.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/ruby.lang.security.cookie-serialization.cookie-serialization)\n - [https://github.com/presidentbeef/brakeman/blob/main/lib/brakeman/checks/check_cookie_serialization.rb](https://github.com/presidentbeef/brakeman/blob/main/lib/brakeman/checks/check_cookie_serialization.rb)\n - [https://robertheaton.com/2013/07/22/how-to-hack-a-rails-app-using-its-secret-token/](https://robertheaton.com/2013/07/22/how-to-hack-a-rails-app-using-its-secret-token/)\n" }, - "helpUri": "https://semgrep.dev/r/javascript.angular.security.detect-angular-element-methods.detect-angular-element-methods", - "id": "javascript.angular.security.detect-angular-element-methods.detect-angular-element-methods", - "name": "javascript.angular.security.detect-angular-element-methods.detect-angular-element-methods", "properties": { "precision": "very-high", "tags": [ - "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", + "CWE-94: Improper Control of Generation of Code ('Code Injection')", "LOW CONFIDENCE", "OWASP-A03:2021 - Injection", - "OWASP-A07:2017 - Cross-Site Scripting (XSS)", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: javascript.angular.security.detect-angular-element-methods.detect-angular-element-methods" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "go.gorilla.security.audit.session-cookie-missing-secure.session-cookie-missing-secure", + "name": "go.gorilla.security.audit.session-cookie-missing-secure.session-cookie-missing-secure", + "short_description": { + "text": "Semgrep Finding: go.gorilla.security.audit.session-cookie-missing-secure.session-cookie-missing-secure" }, - "fullDescription": { - "text": "Remote 
debugging protocol does not perform any authentication, so exposing it too widely can be a security risk." + "full_description": { + "text": "A session cookie was detected without setting the 'Secure' flag. The 'secure' flag for cookies prevents the client from transmitting the cookie over insecure channels such as HTTP. Set the 'Secure' flag by setting 'Secure' to 'true' in the Options struct." }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/go.gorilla.security.audit.session-cookie-missing-secure.session-cookie-missing-secure", "help": { - "markdown": "Remote debugging protocol does not perform any authentication, so exposing it too widely can be a security risk.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.playwright.security.audit.playwright-exposed-chrome-devtools.playwright-exposed-chrome-devtools)\n - [https://owasp.org/Top10/A03_2021-Injection](https://owasp.org/Top10/A03_2021-Injection)\n", - "text": "Remote debugging protocol does not perform any authentication, so exposing it too widely can be a security risk.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "A session cookie was detected without setting the 'Secure' flag. The 'secure' flag for cookies prevents the client from transmitting the cookie over insecure channels such as HTTP. Set the 'Secure' flag by setting 'Secure' to 'true' in the Options struct.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "A session cookie was detected without setting the 'Secure' flag. The 'secure' flag for cookies prevents the client from transmitting the cookie over insecure channels such as HTTP. 
Set the 'Secure' flag by setting 'Secure' to 'true' in the Options struct.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/go.gorilla.security.audit.session-cookie-missing-secure.session-cookie-missing-secure)\n - [https://github.com/0c34/govwa/blob/139693e56406b5684d2a6ae22c0af90717e149b8/user/session/session.go#L69](https://github.com/0c34/govwa/blob/139693e56406b5684d2a6ae22c0af90717e149b8/user/session/session.go#L69)\n" }, - "helpUri": "https://semgrep.dev/r/javascript.playwright.security.audit.playwright-exposed-chrome-devtools.playwright-exposed-chrome-devtools", - "id": "javascript.playwright.security.audit.playwright-exposed-chrome-devtools.playwright-exposed-chrome-devtools", - "name": "javascript.playwright.security.audit.playwright-exposed-chrome-devtools.playwright-exposed-chrome-devtools", "properties": { "precision": "very-high", "tags": [ - "CWE-94: Improper Control of Generation of Code ('Code Injection')", - "LOW CONFIDENCE", - "OWASP-A03:2021 - Injection", + "CWE-614: Sensitive Cookie in HTTPS Session Without 'Secure' Attribute", + "MEDIUM CONFIDENCE", + "OWASP-A05:2021 - Security Misconfiguration", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: javascript.playwright.security.audit.playwright-exposed-chrome-devtools.playwright-exposed-chrome-devtools" } }, { - "defaultConfiguration": { - "level": "error" + "id": "generic.secrets.security.detected-mailgun-api-key.detected-mailgun-api-key", + "name": "generic.secrets.security.detected-mailgun-api-key.detected-mailgun-api-key", + "short_description": { + "text": "Semgrep Finding: generic.secrets.security.detected-mailgun-api-key.detected-mailgun-api-key" }, - "fullDescription": { - "text": "Detected wildcard access granted in your KMS key. This means anyone with this policy can perform administrative actions over the keys. 
Instead, limit principals, actions and resources to what you need according to least privilege." + "full_description": { + "text": "Mailgun API Key detected" + }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/generic.secrets.security.detected-mailgun-api-key.detected-mailgun-api-key", "help": { - "markdown": "Detected wildcard access granted in your KMS key. This means anyone with this policy can perform administrative actions over the keys. Instead, limit principals, actions and resources to what you need according to least privilege.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/terraform.aws.security.aws-kms-key-wildcard-principal.aws-kms-key-wildcard-principal)\n - [https://cwe.mitre.org/data/definitions/732.html](https://cwe.mitre.org/data/definitions/732.html)\n", - "text": "Detected wildcard access granted in your KMS key. This means anyone with this policy can perform administrative actions over the keys. 
Instead, limit principals, actions and resources to what you need according to least privilege.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Mailgun API Key detected\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Mailgun API Key detected\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/generic.secrets.security.detected-mailgun-api-key.detected-mailgun-api-key)\n - [https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures](https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures)\n" }, - "helpUri": "https://semgrep.dev/r/terraform.aws.security.aws-kms-key-wildcard-principal.aws-kms-key-wildcard-principal", - "id": "terraform.aws.security.aws-kms-key-wildcard-principal.aws-kms-key-wildcard-principal", - "name": "terraform.aws.security.aws-kms-key-wildcard-principal.aws-kms-key-wildcard-principal", "properties": { "precision": "very-high", "tags": [ - "CWE-732: Incorrect Permission Assignment for Critical Resource", - "MEDIUM CONFIDENCE", - "OWASP-A05:2021 - Security Misconfiguration", + "CWE-798: Use of Hard-coded Credentials", + "LOW CONFIDENCE", + "OWASP-A07:2021 - Identification and Authentication Failures", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: terraform.aws.security.aws-kms-key-wildcard-principal.aws-kms-key-wildcard-principal" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "kotlin.lang.security.cookie-missing-httponly.cookie-missing-httponly", + "name": "kotlin.lang.security.cookie-missing-httponly.cookie-missing-httponly", + "short_description": { + "text": "Semgrep Finding: kotlin.lang.security.cookie-missing-httponly.cookie-missing-httponly" }, - "fullDescription": { - "text": "Use of 'ondoctype' in 'sax' library detected. By default, 'sax' won't do anything with custom DTD entity definitions. 
If you're implementing a custom DTD entity definition, be sure not to introduce XML External Entity (XXE) vulnerabilities, or be absolutely sure that external entities received from a trusted source while processing XML." + "full_description": { + "text": "A cookie was detected without setting the 'HttpOnly' flag. The 'HttpOnly' flag for cookies instructs the browser to forbid client-side scripts from reading the cookie. Set the 'HttpOnly' flag by calling 'cookie.setHttpOnly(true);'" }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/kotlin.lang.security.cookie-missing-httponly.cookie-missing-httponly", "help": { - "markdown": "Use of 'ondoctype' in 'sax' library detected. By default, 'sax' won't do anything with custom DTD entity definitions. If you're implementing a custom DTD entity definition, be sure not to introduce XML External Entity (XXE) vulnerabilities, or be absolutely sure that external entities received from a trusted source while processing XML.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.sax.security.audit.sax-xxe.sax-xxe)\n - [https://github.com/Leonidas-from-XIV/node-xml2js/issues/415](https://github.com/Leonidas-from-XIV/node-xml2js/issues/415)\n - [https://github.com/isaacs/sax-js](https://github.com/isaacs/sax-js)\n", - "text": "Use of 'ondoctype' in 'sax' library detected. By default, 'sax' won't do anything with custom DTD entity definitions. If you're implementing a custom DTD entity definition, be sure not to introduce XML External Entity (XXE) vulnerabilities, or be absolutely sure that external entities received from a trusted source while processing XML.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "A cookie was detected without setting the 'HttpOnly' flag. 
The 'HttpOnly' flag for cookies instructs the browser to forbid client-side scripts from reading the cookie. Set the 'HttpOnly' flag by calling 'cookie.setHttpOnly(true);'\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "A cookie was detected without setting the 'HttpOnly' flag. The 'HttpOnly' flag for cookies instructs the browser to forbid client-side scripts from reading the cookie. Set the 'HttpOnly' flag by calling 'cookie.setHttpOnly(true);'\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/kotlin.lang.security.cookie-missing-httponly.cookie-missing-httponly)\n - [https://owasp.org/Top10/A05_2021-Security_Misconfiguration](https://owasp.org/Top10/A05_2021-Security_Misconfiguration)\n" }, - "helpUri": "https://semgrep.dev/r/javascript.sax.security.audit.sax-xxe.sax-xxe", - "id": "javascript.sax.security.audit.sax-xxe.sax-xxe", - "name": "javascript.sax.security.audit.sax-xxe.sax-xxe", "properties": { "precision": "very-high", "tags": [ - "CWE-611: Improper Restriction of XML External Entity Reference", + "CWE-1004: Sensitive Cookie Without 'HttpOnly' Flag", "LOW CONFIDENCE", - "OWASP-A04:2017 - XML External Entities (XXE)", "OWASP-A05:2021 - Security Misconfiguration", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: javascript.sax.security.audit.sax-xxe.sax-xxe" } }, { - "defaultConfiguration": { - "level": "error" + "id": "javascript.grpc.security.grpc-nodejs-insecure-connection.grpc-nodejs-insecure-connection", + "name": "javascript.grpc.security.grpc-nodejs-insecure-connection.grpc-nodejs-insecure-connection", + "short_description": { + "text": "Semgrep Finding: javascript.grpc.security.grpc-nodejs-insecure-connection.grpc-nodejs-insecure-connection" }, - "fullDescription": { - "text": "Avoid 'gets()'. This function does not consider buffer boundaries and can lead to buffer overflows. Use 'fgets()' or 'gets_s()' instead." 
+ "full_description": { + "text": "Found an insecure gRPC connection. This creates a connection without encryption to a gRPC client/server. A malicious attacker could tamper with the gRPC message, which could compromise the machine." + }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/javascript.grpc.security.grpc-nodejs-insecure-connection.grpc-nodejs-insecure-connection", "help": { - "markdown": "Avoid 'gets()'. This function does not consider buffer boundaries and can lead to buffer overflows. Use 'fgets()' or 'gets_s()' instead.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/c.lang.security.insecure-use-gets-fn.insecure-use-gets-fn)\n - [https://us-cert.cisa.gov/bsi/articles/knowledge/coding-practices/fgets-and-gets_s](https://us-cert.cisa.gov/bsi/articles/knowledge/coding-practices/fgets-and-gets_s)\n", - "text": "Avoid 'gets()'. This function does not consider buffer boundaries and can lead to buffer overflows. Use 'fgets()' or 'gets_s()' instead.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Found an insecure gRPC connection. This creates a connection without encryption to a gRPC client/server. A malicious attacker could tamper with the gRPC message, which could compromise the machine.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Found an insecure gRPC connection. This creates a connection without encryption to a gRPC client/server. 
A malicious attacker could tamper with the gRPC message, which could compromise the machine.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.grpc.security.grpc-nodejs-insecure-connection.grpc-nodejs-insecure-connection)\n - [https://blog.gopheracademy.com/advent-2017/go-grpc-beyond-basics/#:~:text=disables%20transport%20security](https://blog.gopheracademy.com/advent-2017/go-grpc-beyond-basics/#:~:text=disables%20transport%20security)\n" }, - "helpUri": "https://semgrep.dev/r/c.lang.security.insecure-use-gets-fn.insecure-use-gets-fn", - "id": "c.lang.security.insecure-use-gets-fn.insecure-use-gets-fn", - "name": "c.lang.security.insecure-use-gets-fn.insecure-use-gets-fn", "properties": { "precision": "very-high", "tags": [ - "CWE-676: Use of Potentially Dangerous Function", - "MEDIUM CONFIDENCE", + "CWE-502: Deserialization of Untrusted Data", + "LOW CONFIDENCE", + "OWASP-A08:2017 - Insecure Deserialization", + "OWASP-A08:2021 - Software and Data Integrity Failures", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: c.lang.security.insecure-use-gets-fn.insecure-use-gets-fn" } }, { - "defaultConfiguration": { - "level": "error" + "id": "javascript.express.security.audit.express-check-directory-listing.express-check-directory-listing", + "name": "javascript.express.security.audit.express-check-directory-listing.express-check-directory-listing", + "short_description": { + "text": "Semgrep Finding: javascript.express.security.audit.express-check-directory-listing.express-check-directory-listing" }, - "fullDescription": { - "text": "Distinct, Having, Group_by, Order_by, and Filter in SQLAlchemy can cause sql injections if the developer inputs raw SQL into the before-mentioned clauses. 
This pattern captures relevant cases in which the developer inputs raw SQL into the distinct, having, group_by, order_by or filter clauses and injects user-input into the raw SQL with any function besides \"bindparams\". Use bindParams to securely bind user-input to SQL statements." + "full_description": { + "text": "Directory listing/indexing is enabled, which may lead to disclosure of sensitive directories and files. It is recommended to disable directory listing unless it is a public resource. If you need directory listing, ensure that sensitive files are inaccessible when querying the resource." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/javascript.express.security.audit.express-check-directory-listing.express-check-directory-listing", "help": { - "markdown": "Distinct, Having, Group_by, Order_by, and Filter in SQLAlchemy can cause sql injections if the developer inputs raw SQL into the before-mentioned clauses. This pattern captures relevant cases in which the developer inputs raw SQL into the distinct, having, group_by, order_by or filter clauses and injects user-input into the raw SQL with any function besides \"bindparams\". Use bindParams to securely bind user-input to SQL statements.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.pyramid.security.sqlalchemy-sql-injection.pyramid-sqlalchemy-sql-injection)\n - [https://docs.sqlalchemy.org/en/14/tutorial/data_select.html#tutorial-selecting-data](https://docs.sqlalchemy.org/en/14/tutorial/data_select.html#tutorial-selecting-data)\n", - "text": "Distinct, Having, Group_by, Order_by, and Filter in SQLAlchemy can cause sql injections if the developer inputs raw SQL into the before-mentioned clauses. 
This pattern captures relevant cases in which the developer inputs raw SQL into the distinct, having, group_by, order_by or filter clauses and injects user-input into the raw SQL with any function besides \"bindparams\". Use bindParams to securely bind user-input to SQL statements.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Directory listing/indexing is enabled, which may lead to disclosure of sensitive directories and files. It is recommended to disable directory listing unless it is a public resource. If you need directory listing, ensure that sensitive files are inaccessible when querying the resource.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Directory listing/indexing is enabled, which may lead to disclosure of sensitive directories and files. It is recommended to disable directory listing unless it is a public resource. If you need directory listing, ensure that sensitive files are inaccessible when querying the resource.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.express.security.audit.express-check-directory-listing.express-check-directory-listing)\n - [https://www.npmjs.com/package/serve-index](https://www.npmjs.com/package/serve-index)\n - [https://www.acunetix.com/blog/articles/directory-listing-information-disclosure/](https://www.acunetix.com/blog/articles/directory-listing-information-disclosure/)\n" }, - "helpUri": "https://semgrep.dev/r/python.pyramid.security.sqlalchemy-sql-injection.pyramid-sqlalchemy-sql-injection", - "id": "python.pyramid.security.sqlalchemy-sql-injection.pyramid-sqlalchemy-sql-injection", - "name": "python.pyramid.security.sqlalchemy-sql-injection.pyramid-sqlalchemy-sql-injection", "properties": { "precision": "very-high", "tags": [ - "CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')", + "CWE-548: 
Exposure of Information Through Directory Listing", "MEDIUM CONFIDENCE", - "OWASP-A01:2017 - Injection", - "OWASP-A03:2021 - Injection", + "OWASP-A01:2021 - Broken Access Control", + "OWASP-A06:2017 - Security Misconfiguration", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: python.pyramid.security.sqlalchemy-sql-injection.pyramid-sqlalchemy-sql-injection" } }, { - "defaultConfiguration": { - "level": "error" + "id": "python.cryptography.security.insufficient-dsa-key-size.insufficient-dsa-key-size", + "name": "python.cryptography.security.insufficient-dsa-key-size.insufficient-dsa-key-size", + "short_description": { + "text": "Semgrep Finding: python.cryptography.security.insufficient-dsa-key-size.insufficient-dsa-key-size" }, - "fullDescription": { - "text": "Found dynamic content used for the external process. This is dangerous if arbitrary data can reach this function call because it allows a malicious actor to execute commands. Use `Seq(...)` for dynamically generated commands." + "full_description": { + "text": "Detected an insufficient key size for DSA. NIST recommends a key size of 2048 or higher." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/python.cryptography.security.insufficient-dsa-key-size.insufficient-dsa-key-size", "help": { - "markdown": "Found dynamic content used for the external process. This is dangerous if arbitrary data can reach this function call because it allows a malicious actor to execute commands. Use `Seq(...)` for dynamically generated commands.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/scala.lang.security.audit.scala-dangerous-process-run.scala-dangerous-process-run)\n - [https://owasp.org/Top10/A03_2021-Injection](https://owasp.org/Top10/A03_2021-Injection)\n", - "text": "Found dynamic content used for the external process. 
This is dangerous if arbitrary data can reach this function call because it allows a malicious actor to execute commands. Use `Seq(...)` for dynamically generated commands.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected an insufficient key size for DSA. NIST recommends a key size of 2048 or higher.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected an insufficient key size for DSA. NIST recommends a key size of 2048 or higher.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.cryptography.security.insufficient-dsa-key-size.insufficient-dsa-key-size)\n - [https://www.cosic.esat.kuleuven.be/ecrypt/ecrypt2/documents/D.SPA.20.pdf](https://www.cosic.esat.kuleuven.be/ecrypt/ecrypt2/documents/D.SPA.20.pdf)\n - [https://cryptography.io/en/latest/hazmat/primitives/asymmetric/dsa/](https://cryptography.io/en/latest/hazmat/primitives/asymmetric/dsa/)\n - [https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-57Pt3r1.pdf](https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-57Pt3r1.pdf)\n" }, - "helpUri": "https://semgrep.dev/r/scala.lang.security.audit.scala-dangerous-process-run.scala-dangerous-process-run", - "id": "scala.lang.security.audit.scala-dangerous-process-run.scala-dangerous-process-run", - "name": "scala.lang.security.audit.scala-dangerous-process-run.scala-dangerous-process-run", "properties": { "precision": "very-high", "tags": [ - "CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", - "LOW CONFIDENCE", - "OWASP-A01:2017 - Injection", - "OWASP-A03:2021 - Injection", + "CWE-326: Inadequate Encryption Strength", + "MEDIUM CONFIDENCE", + "OWASP-A02:2021 - Cryptographic Failures", + "OWASP-A03:2017 - Sensitive Data Exposure", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: 
scala.lang.security.audit.scala-dangerous-process-run.scala-dangerous-process-run" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "problem-based-packs.insecure-transport.go-stdlib.http-customized-request.http-customized-request", + "name": "problem-based-packs.insecure-transport.go-stdlib.http-customized-request.http-customized-request", + "short_description": { + "text": "Semgrep Finding: problem-based-packs.insecure-transport.go-stdlib.http-customized-request.http-customized-request" }, - "fullDescription": { - "text": "Key vault should have purge protection enabled" + "full_description": { + "text": "Checks for requests sent via http.NewRequest to http:// URLS. This is dangerous because the server is attempting to connect to a website that does not encrypt traffic with TLS. Instead, send requests only to https:// URLS." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/problem-based-packs.insecure-transport.go-stdlib.http-customized-request.http-customized-request", "help": { - "markdown": "Key vault should have purge protection enabled\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/terraform.azure.security.keyvault.keyvault-purge-enabled.keyvault-purge-enabled)\n - [https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/key_vault#purge_protection_enabled](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/key_vault#purge_protection_enabled)\n - [https://docs.microsoft.com/en-us/azure/key-vault/general/soft-delete-overview#purge-protection](https://docs.microsoft.com/en-us/azure/key-vault/general/soft-delete-overview#purge-protection)\n", - "text": "Key vault should have purge protection enabled\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Checks for requests sent via http.NewRequest to 
http:// URLS. This is dangerous because the server is attempting to connect to a website that does not encrypt traffic with TLS. Instead, send requests only to https:// URLS.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Checks for requests sent via http.NewRequest to http:// URLS. This is dangerous because the server is attempting to connect to a website that does not encrypt traffic with TLS. Instead, send requests only to https:// URLS.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/problem-based-packs.insecure-transport.go-stdlib.http-customized-request.http-customized-request)\n - [https://golang.org/pkg/net/http/#NewRequest](https://golang.org/pkg/net/http/#NewRequest)\n" }, - "helpUri": "https://semgrep.dev/r/terraform.azure.security.keyvault.keyvault-purge-enabled.keyvault-purge-enabled", - "id": "terraform.azure.security.keyvault.keyvault-purge-enabled.keyvault-purge-enabled", - "name": "terraform.azure.security.keyvault.keyvault-purge-enabled.keyvault-purge-enabled", "properties": { "precision": "very-high", "tags": [ - "CWE-693: Protection Mechanism Failure", + "CWE-319: Cleartext Transmission of Sensitive Information", "MEDIUM CONFIDENCE", + "OWASP-A03:2017 - Sensitive Data Exposure", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: terraform.azure.security.keyvault.keyvault-purge-enabled.keyvault-purge-enabled" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "kotlin.lang.security.use-of-md5.use-of-md5", + "name": "kotlin.lang.security.use-of-md5.use-of-md5", + "short_description": { + "text": "Semgrep Finding: kotlin.lang.security.use-of-md5.use-of-md5" }, - "fullDescription": { - "text": "Provisioners are a tool of last resort and should be avoided where possible. Provisioner behavior cannot be mapped by Terraform as part of a plan, and execute arbitrary shell commands by design." 
+ "full_description": { + "text": "Detected MD5 hash algorithm which is considered insecure. MD5 is not collision resistant and is therefore not suitable as a cryptographic signature. Use SHA256 or SHA3 instead." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/kotlin.lang.security.use-of-md5.use-of-md5", "help": { - "markdown": "Provisioners are a tool of last resort and should be avoided where possible. Provisioner behavior cannot be mapped by Terraform as part of a plan, and execute arbitrary shell commands by design.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/terraform.aws.security.aws-provisioner-exec.aws-provisioner-exec)\n - [https://developer.hashicorp.com/terraform/language/resources/provisioners/remote-exec](https://developer.hashicorp.com/terraform/language/resources/provisioners/remote-exec)\n - [https://developer.hashicorp.com/terraform/language/resources/provisioners/local-exec](https://developer.hashicorp.com/terraform/language/resources/provisioners/local-exec)\n", - "text": "Provisioners are a tool of last resort and should be avoided where possible. Provisioner behavior cannot be mapped by Terraform as part of a plan, and execute arbitrary shell commands by design.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected MD5 hash algorithm which is considered insecure. MD5 is not collision resistant and is therefore not suitable as a cryptographic signature. Use SHA256 or SHA3 instead.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected MD5 hash algorithm which is considered insecure. MD5 is not collision resistant and is therefore not suitable as a cryptographic signature. 
Use SHA256 or SHA3 instead.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/kotlin.lang.security.use-of-md5.use-of-md5)\n - [https://owasp.org/Top10/A02_2021-Cryptographic_Failures](https://owasp.org/Top10/A02_2021-Cryptographic_Failures)\n" }, - "helpUri": "https://semgrep.dev/r/terraform.aws.security.aws-provisioner-exec.aws-provisioner-exec", - "id": "terraform.aws.security.aws-provisioner-exec.aws-provisioner-exec", - "name": "terraform.aws.security.aws-provisioner-exec.aws-provisioner-exec", "properties": { "precision": "very-high", - "tags": [ - "CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection')", - "CWE-94: Improper Control of Generation of Code ('Code Injection')", - "HIGH CONFIDENCE", - "OWASP-A01:2017 - Injection", - "OWASP-A03:2021 - Injection", + "tags": [ + "CWE-328: Use of Weak Hash", + "MEDIUM CONFIDENCE", + "OWASP-A02:2021 - Cryptographic Failures", + "OWASP-A03:2017 - Sensitive Data Exposure", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: terraform.aws.security.aws-provisioner-exec.aws-provisioner-exec" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "java.lang.security.audit.crypto.rsa-no-padding.rsa-no-padding", + "name": "java.lang.security.audit.crypto.rsa-no-padding.rsa-no-padding", + "short_description": { + "text": "Semgrep Finding: java.lang.security.audit.crypto.rsa-no-padding.rsa-no-padding" }, - "fullDescription": { - "text": "Detected SHA1 hash algorithm which is considered insecure. SHA1 is not collision resistant and is therefore not suitable as a cryptographic signature. Use SHA256 or SHA3 instead." + "full_description": { + "text": "Using RSA without OAEP mode weakens the encryption." 
+ }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/java.lang.security.audit.crypto.rsa-no-padding.rsa-no-padding", "help": { - "markdown": "Detected SHA1 hash algorithm which is considered insecure. SHA1 is not collision resistant and is therefore not suitable as a cryptographic signature. Use SHA256 or SHA3 instead.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/kotlin.lang.security.use-of-sha1.use-of-sha1)\n - [https://owasp.org/Top10/A02_2021-Cryptographic_Failures](https://owasp.org/Top10/A02_2021-Cryptographic_Failures)\n", - "text": "Detected SHA1 hash algorithm which is considered insecure. SHA1 is not collision resistant and is therefore not suitable as a cryptographic signature. Use SHA256 or SHA3 instead.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Using RSA without OAEP mode weakens the encryption.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Using RSA without OAEP mode weakens the encryption.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/java.lang.security.audit.crypto.rsa-no-padding.rsa-no-padding)\n - [https://rdist.root.org/2009/10/06/why-rsa-encryption-padding-is-critical/](https://rdist.root.org/2009/10/06/why-rsa-encryption-padding-is-critical/)\n" }, - "helpUri": "https://semgrep.dev/r/kotlin.lang.security.use-of-sha1.use-of-sha1", - "id": "kotlin.lang.security.use-of-sha1.use-of-sha1", - "name": "kotlin.lang.security.use-of-sha1.use-of-sha1", "properties": { "precision": "very-high", "tags": [ - "CWE-327: Use of a Broken or Risky Cryptographic Algorithm", - "MEDIUM CONFIDENCE", + "CWE-326: Inadequate Encryption Strength", + "HIGH CONFIDENCE", "OWASP-A02:2021 - Cryptographic Failures", "OWASP-A03:2017 - Sensitive Data 
Exposure", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: kotlin.lang.security.use-of-sha1.use-of-sha1" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "ruby.rails.security.injection.raw-html-format.raw-html-format", + "name": "ruby.rails.security.injection.raw-html-format.raw-html-format", + "short_description": { + "text": "Semgrep Finding: ruby.rails.security.injection.raw-html-format.raw-html-format" }, - "fullDescription": { - "text": "Detected a request with potential user-input going into an `Ok()` response. This bypasses any view or template environments, including HTML escaping, which may expose this application to cross-site scripting (XSS) vulnerabilities. Consider using a view technology such as Twirl which automatically escapes HTML views." + "full_description": { + "text": "Detected user input flowing into a manually constructed HTML string. You may be accidentally bypassing secure methods of rendering HTML by manually constructing HTML and this could create a cross-site scripting vulnerability, which could let attackers steal sensitive user data. Use the `render template` and make template files which will safely render HTML instead, or inspect that the HTML is absolutely rendered safely with a function like `sanitize`." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/ruby.rails.security.injection.raw-html-format.raw-html-format", "help": { - "markdown": "Detected a request with potential user-input going into an `Ok()` response. This bypasses any view or template environments, including HTML escaping, which may expose this application to cross-site scripting (XSS) vulnerabilities. 
Consider using a view technology such as Twirl which automatically escapes HTML views.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/scala.play.security.tainted-html-response.tainted-html-response)\n - [https://owasp.org/Top10/A03_2021-Injection](https://owasp.org/Top10/A03_2021-Injection)\n", - "text": "Detected a request with potential user-input going into an `Ok()` response. This bypasses any view or template environments, including HTML escaping, which may expose this application to cross-site scripting (XSS) vulnerabilities. Consider using a view technology such as Twirl which automatically escapes HTML views.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected user input flowing into a manually constructed HTML string. You may be accidentally bypassing secure methods of rendering HTML by manually constructing HTML and this could create a cross-site scripting vulnerability, which could let attackers steal sensitive user data. Use the `render template` and make template files which will safely render HTML instead, or inspect that the HTML is absolutely rendered safely with a function like `sanitize`.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected user input flowing into a manually constructed HTML string. You may be accidentally bypassing secure methods of rendering HTML by manually constructing HTML and this could create a cross-site scripting vulnerability, which could let attackers steal sensitive user data. 
Use the `render template` and make template files which will safely render HTML instead, or inspect that the HTML is absolutely rendered safely with a function like `sanitize`.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/ruby.rails.security.injection.raw-html-format.raw-html-format)\n - [https://www.netsparker.com/blog/web-security/preventing-xss-ruby-on-rails-web-applications/](https://www.netsparker.com/blog/web-security/preventing-xss-ruby-on-rails-web-applications/)\n - [https://api.rubyonrails.org/classes/ActionView/Helpers/SanitizeHelper.html](https://api.rubyonrails.org/classes/ActionView/Helpers/SanitizeHelper.html)\n" }, - "helpUri": "https://semgrep.dev/r/scala.play.security.tainted-html-response.tainted-html-response", - "id": "scala.play.security.tainted-html-response.tainted-html-response", - "name": "scala.play.security.tainted-html-response.tainted-html-response", "properties": { "precision": "very-high", "tags": [ 
@@ -4408,1245 +4935,1287 @@ "OWASP-A07:2017 - Cross-Site Scripting (XSS)", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: scala.play.security.tainted-html-response.tainted-html-response" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "go.lang.security.audit.crypto.use_of_weak_crypto.use-of-sha1", + "name": "go.lang.security.audit.crypto.use_of_weak_crypto.use-of-sha1", + "short_description": { + "text": "Semgrep Finding: go.lang.security.audit.crypto.use_of_weak_crypto.use-of-sha1" }, - "fullDescription": { - "text": "No token revoking configured for `express-jwt`. A leaked token could still be used and unable to be revoked. Consider using function as the `isRevoked` option." + "full_description": { + "text": "Detected SHA1 hash algorithm which is considered insecure. SHA1 is not collision resistant and is therefore not suitable as a cryptographic signature. Use SHA256 or SHA3 instead." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/go.lang.security.audit.crypto.use_of_weak_crypto.use-of-sha1", "help": { - "markdown": "No token revoking configured for `express-jwt`. A leaked token could still be used and unable to be revoked. Consider using function as the `isRevoked` option.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.express.security.audit.express-jwt-not-revoked.express-jwt-not-revoked)\n - [https://owasp.org/Top10/A04_2021-Insecure_Design](https://owasp.org/Top10/A04_2021-Insecure_Design)\n", - "text": "No token revoking configured for `express-jwt`. A leaked token could still be used and unable to be revoked. Consider using function as the `isRevoked` option.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected SHA1 hash algorithm which is considered insecure. 
SHA1 is not collision resistant and is therefore not suitable as a cryptographic signature. Use SHA256 or SHA3 instead.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected SHA1 hash algorithm which is considered insecure. SHA1 is not collision resistant and is therefore not suitable as a cryptographic signature. Use SHA256 or SHA3 instead.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/go.lang.security.audit.crypto.use_of_weak_crypto.use-of-sha1)\n - [https://owasp.org/Top10/A02_2021-Cryptographic_Failures](https://owasp.org/Top10/A02_2021-Cryptographic_Failures)\n" }, - "helpUri": "https://semgrep.dev/r/javascript.express.security.audit.express-jwt-not-revoked.express-jwt-not-revoked", - "id": "javascript.express.security.audit.express-jwt-not-revoked.express-jwt-not-revoked", - "name": "javascript.express.security.audit.express-jwt-not-revoked.express-jwt-not-revoked", "properties": { "precision": "very-high", "tags": [ - "CWE-522: Insufficiently Protected Credentials", + "CWE-328: Use of Weak Hash", "MEDIUM CONFIDENCE", - "OWASP-A02:2017 - Broken Authentication", - "OWASP-A04:2021 - Insecure Design", + "OWASP-A02:2021 - Cryptographic Failures", + "OWASP-A03:2017 - Sensitive Data Exposure", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: javascript.express.security.audit.express-jwt-not-revoked.express-jwt-not-revoked" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "problem-based-packs.insecure-transport.java-stdlib.tls-renegotiation.tls-renegotiation", + "name": "problem-based-packs.insecure-transport.java-stdlib.tls-renegotiation.tls-renegotiation", + "short_description": { + "text": "Semgrep Finding: problem-based-packs.insecure-transport.java-stdlib.tls-renegotiation.tls-renegotiation" }, - "fullDescription": { - "text": "A expression is built with a dynamic value. 
The source of the value(s) should be verified to avoid that unfiltered values fall into this risky code evaluation." + "full_description": { + "text": "Checks for cases where java applications are allowing unsafe renegotiation. This leaves the application vulnerable to a man-in-the-middle attack where chosen plain text is injected as prefix to a TLS connection." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/problem-based-packs.insecure-transport.java-stdlib.tls-renegotiation.tls-renegotiation", "help": { - "markdown": "A expression is built with a dynamic value. The source of the value(s) should be verified to avoid that unfiltered values fall into this risky code evaluation.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/java.lang.security.audit.ognl-injection.ognl-injection)\n - [https://owasp.org/Top10/A03_2021-Injection](https://owasp.org/Top10/A03_2021-Injection)\n", - "text": "A expression is built with a dynamic value. The source of the value(s) should be verified to avoid that unfiltered values fall into this risky code evaluation.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Checks for cases where java applications are allowing unsafe renegotiation. This leaves the application vulnerable to a man-in-the-middle attack where chosen plain text is injected as prefix to a TLS connection.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Checks for cases where java applications are allowing unsafe renegotiation. 
This leaves the application vulnerable to a man-in-the-middle attack where chosen plain text is injected as prefix to a TLS connection.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/problem-based-packs.insecure-transport.java-stdlib.tls-renegotiation.tls-renegotiation)\n - [https://www.oracle.com/java/technologies/javase/tlsreadme.html](https://www.oracle.com/java/technologies/javase/tlsreadme.html)\n" }, - "helpUri": "https://semgrep.dev/r/java.lang.security.audit.ognl-injection.ognl-injection", - "id": "java.lang.security.audit.ognl-injection.ognl-injection", - "name": "java.lang.security.audit.ognl-injection.ognl-injection", "properties": { "precision": "very-high", "tags": [ - "CWE-94: Improper Control of Generation of Code ('Code Injection')", - "LOW CONFIDENCE", - "OWASP-A03:2021 - Injection", + "CWE-319: Cleartext Transmission of Sensitive Information", + "MEDIUM CONFIDENCE", + "OWASP-A03:2017 - Sensitive Data Exposure", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: java.lang.security.audit.ognl-injection.ognl-injection" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "ocaml.lang.portability.crlf-support.broken-input-line", + "name": "ocaml.lang.portability.crlf-support.broken-input-line", + "short_description": { + "text": "Semgrep Finding: ocaml.lang.portability.crlf-support.broken-input-line" }, - "fullDescription": { - "text": "IAM policies that allow full \"*-*\" admin privileges violates the principle of least privilege. This allows an attacker to take full control over all AWS account resources. Instead, give each user more fine-grained control with only the privileges they need. $TYPE" + "full_description": { + "text": "'input_line' leaves a '\\r' (CR) character when reading lines from a Windows text file, whose lines end in \"\\r\\n\" (CRLF). 
This is a problem for any Windows file that is being read either on a Unix-like platform or on Windows in binary mode. If the code already takes care of removing any trailing '\\r' after reading the line, add a '(* nosemgrep *)' comment to disable this warning." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/ocaml.lang.portability.crlf-support.broken-input-line", "help": { - "markdown": "IAM policies that allow full \"*-*\" admin privileges violates the principle of least privilege. This allows an attacker to take full control over all AWS account resources. Instead, give each user more fine-grained control with only the privileges they need. $TYPE\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/terraform.lang.security.iam.no-iam-admin-privileges.no-iam-admin-privileges)\n - [https://github.com/bridgecrewio/checkov/blob/master/checkov/terraform/checks/data/aws/AdminPolicyDocument.py](https://github.com/bridgecrewio/checkov/blob/master/checkov/terraform/checks/data/aws/AdminPolicyDocument.py)\n", - "text": "IAM policies that allow full \"*-*\" admin privileges violates the principle of least privilege. This allows an attacker to take full control over all AWS account resources. Instead, give each user more fine-grained control with only the privileges they need. $TYPE\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "'input_line' leaves a '\\r' (CR) character when reading lines from a Windows text file, whose lines end in \"\\r\\n\" (CRLF). This is a problem for any Windows file that is being read either on a Unix-like platform or on Windows in binary mode. 
If the code already takes care of removing any trailing '\\r' after reading the line, add a '(* nosemgrep *)' comment to disable this warning.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "'input_line' leaves a '\\r' (CR) character when reading lines from a Windows text file, whose lines end in \"\\r\\n\" (CRLF). This is a problem for any Windows file that is being read either on a Unix-like platform or on Windows in binary mode. If the code already takes care of removing any trailing '\\r' after reading the line, add a '(* nosemgrep *)' comment to disable this warning.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/ocaml.lang.portability.crlf-support.broken-input-line)\n" }, - "helpUri": "https://semgrep.dev/r/terraform.lang.security.iam.no-iam-admin-privileges.no-iam-admin-privileges", - "id": "terraform.lang.security.iam.no-iam-admin-privileges.no-iam-admin-privileges", - "name": "terraform.lang.security.iam.no-iam-admin-privileges.no-iam-admin-privileges", "properties": { "precision": "very-high", - "tags": [ - "CWE-269: Improper Privilege Management", - "LOW CONFIDENCE", - "OWASP-A04:2021 - Insecure Design", - "security" - ] - }, - "shortDescription": { - "text": "Semgrep Finding: terraform.lang.security.iam.no-iam-admin-privileges.no-iam-admin-privileges" + "tags": [] } }, { - "defaultConfiguration": { - "level": "warning" + "id": "python.lang.compatibility.python37.python37-compatibility-os1", + "name": "python.lang.compatibility.python37.python37-compatibility-os1", + "short_description": { + "text": "Semgrep Finding: python.lang.compatibility.python37.python37-compatibility-os1" }, - "fullDescription": { - "text": "Detected an insecure transmission channel. 'URLopener.retrieve(...)' is being used with 'ftp://'. Use SFTP instead. urllib does not support SFTP, so consider using a library which supports SFTP." 
+ "full_description": { + "text": "os.preadv() is only available on Python 3.7+ and is therefore not backwards compatible. Instead, use a combination of os.readv() and os.pread()." }, + "default_configuration": { + "enabled": true, + "level": "error" + }, + "help_uri": "https://semgrep.dev/r/python.lang.compatibility.python37.python37-compatibility-os1", "help": { - "markdown": "Detected an insecure transmission channel. 'URLopener.retrieve(...)' is being used with 'ftp://'. Use SFTP instead. urllib does not support SFTP, so consider using a library which supports SFTP.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.lang.security.audit.insecure-transport.urllib.insecure-urlopener-retrieve-ftp.insecure-urlopener-retrieve-ftp)\n - [https://docs.python.org/3/library/urllib.request.html#urllib.request.URLopener.retrieve](https://docs.python.org/3/library/urllib.request.html#urllib.request.URLopener.retrieve)\n", - "text": "Detected an insecure transmission channel. 'URLopener.retrieve(...)' is being used with 'ftp://'. Use SFTP instead. urllib does not support SFTP, so consider using a library which supports SFTP.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "os.preadv() is only available on Python 3.7+ and is therefore not backwards compatible. Instead, use a combination of os.readv() and os.pread().\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "os.preadv() is only available on Python 3.7+ and is therefore not backwards compatible. 
Instead, use a combination of os.readv() and os.pread().\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.lang.compatibility.python37.python37-compatibility-os1)\n" }, - "helpUri": "https://semgrep.dev/r/python.lang.security.audit.insecure-transport.urllib.insecure-urlopener-retrieve-ftp.insecure-urlopener-retrieve-ftp", - "id": "python.lang.security.audit.insecure-transport.urllib.insecure-urlopener-retrieve-ftp.insecure-urlopener-retrieve-ftp", - "name": "python.lang.security.audit.insecure-transport.urllib.insecure-urlopener-retrieve-ftp.insecure-urlopener-retrieve-ftp", "properties": { "precision": "very-high", - "tags": [ - "CWE-319: Cleartext Transmission of Sensitive Information", - "LOW CONFIDENCE", - "OWASP-A02:2021 - Cryptographic Failures", - "OWASP-A03:2017 - Sensitive Data Exposure", - "security" - ] - }, - "shortDescription": { - "text": "Semgrep Finding: python.lang.security.audit.insecure-transport.urllib.insecure-urlopener-retrieve-ftp.insecure-urlopener-retrieve-ftp" + "tags": [] } }, { - "defaultConfiguration": { - "level": "warning" + "id": "generic.secrets.security.detected-telegram-bot-api-key.detected-telegram-bot-api-key", + "name": "generic.secrets.security.detected-telegram-bot-api-key.detected-telegram-bot-api-key", + "short_description": { + "text": "Semgrep Finding: generic.secrets.security.detected-telegram-bot-api-key.detected-telegram-bot-api-key" }, - "fullDescription": { - "text": "The use of $sce.trustAsResourceUrl can be dangerous if unsanitized user input flows through this API." 
+ "full_description": { + "text": "Telegram Bot API Key detected" }, + "default_configuration": { + "enabled": true, + "level": "error" + }, + "help_uri": "https://semgrep.dev/r/generic.secrets.security.detected-telegram-bot-api-key.detected-telegram-bot-api-key", "help": { - "markdown": "The use of $sce.trustAsResourceUrl can be dangerous if unsanitized user input flows through this API.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.angular.security.detect-angular-trust-as-resourceurl-method.detect-angular-trust-as-resourceurl-method)\n - [https://docs.angularjs.org/api/ng/service/$sce#trustAsResourceUrl](https://docs.angularjs.org/api/ng/service/$sce#trustAsResourceUrl)\n - [https://owasp.org/www-chapter-london/assets/slides/OWASPLondon20170727_AngularJS.pdf](https://owasp.org/www-chapter-london/assets/slides/OWASPLondon20170727_AngularJS.pdf)\n", - "text": "The use of $sce.trustAsResourceUrl can be dangerous if unsanitized user input flows through this API.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Telegram Bot API Key detected\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Telegram Bot API Key detected\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/generic.secrets.security.detected-telegram-bot-api-key.detected-telegram-bot-api-key)\n - [https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures](https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures)\n" }, - "helpUri": "https://semgrep.dev/r/javascript.angular.security.detect-angular-trust-as-resourceurl-method.detect-angular-trust-as-resourceurl-method", - "id": "javascript.angular.security.detect-angular-trust-as-resourceurl-method.detect-angular-trust-as-resourceurl-method", - "name": 
"javascript.angular.security.detect-angular-trust-as-resourceurl-method.detect-angular-trust-as-resourceurl-method", "properties": { "precision": "very-high", "tags": [ - "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", + "CWE-798: Use of Hard-coded Credentials", "LOW CONFIDENCE", - "OWASP-A03:2021 - Injection", - "OWASP-A07:2017 - Cross-Site Scripting (XSS)", + "OWASP-A07:2021 - Identification and Authentication Failures", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: javascript.angular.security.detect-angular-trust-as-resourceurl-method.detect-angular-trust-as-resourceurl-method" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "generic.nginx.security.dynamic-proxy-scheme.dynamic-proxy-scheme", + "name": "generic.nginx.security.dynamic-proxy-scheme.dynamic-proxy-scheme", + "short_description": { + "text": "Semgrep Finding: generic.nginx.security.dynamic-proxy-scheme.dynamic-proxy-scheme" }, - "fullDescription": { - "text": "The password on '$MODEL' is being set without validating the password. Call django.contrib.auth.password_validation.validate_password() with validation functions before setting the password. See https://docs.djangoproject.com/en/3.0/topics/auth/passwords/ for more information." + "full_description": { + "text": "The protocol scheme for this proxy is dynamically determined. This can be dangerous if the scheme can be injected by an attacker because it may forcibly alter the connection scheme. Consider hardcoding a scheme for this proxy." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/generic.nginx.security.dynamic-proxy-scheme.dynamic-proxy-scheme", "help": { - "markdown": "The password on '$MODEL' is being set without validating the password. Call django.contrib.auth.password_validation.validate_password() with validation functions before setting the password. 
See https://docs.djangoproject.com/en/3.0/topics/auth/passwords/ for more information.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.django.security.audit.unvalidated-password.unvalidated-password)\n - [https://docs.djangoproject.com/en/3.0/topics/auth/passwords/#module-django.contrib.auth.password_validation](https://docs.djangoproject.com/en/3.0/topics/auth/passwords/#module-django.contrib.auth.password_validation)\n", - "text": "The password on '$MODEL' is being set without validating the password. Call django.contrib.auth.password_validation.validate_password() with validation functions before setting the password. See https://docs.djangoproject.com/en/3.0/topics/auth/passwords/ for more information.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "The protocol scheme for this proxy is dynamically determined. This can be dangerous if the scheme can be injected by an attacker because it may forcibly alter the connection scheme. Consider hardcoding a scheme for this proxy.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "The protocol scheme for this proxy is dynamically determined. This can be dangerous if the scheme can be injected by an attacker because it may forcibly alter the connection scheme. 
Consider hardcoding a scheme for this proxy.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/generic.nginx.security.dynamic-proxy-scheme.dynamic-proxy-scheme)\n - [https://github.com/yandex/gixy/blob/master/docs/en/plugins/ssrf.md](https://github.com/yandex/gixy/blob/master/docs/en/plugins/ssrf.md)\n" }, - "helpUri": "https://semgrep.dev/r/python.django.security.audit.unvalidated-password.unvalidated-password", - "id": "python.django.security.audit.unvalidated-password.unvalidated-password", - "name": "python.django.security.audit.unvalidated-password.unvalidated-password", "properties": { "precision": "very-high", "tags": [ - "CWE-521: Weak Password Requirements", - "LOW CONFIDENCE", - "OWASP-A07:2021 - Identification and Authentication Failures", + "CWE-16: CWE CATEGORY: Configuration", + "MEDIUM CONFIDENCE", + "OWASP-A05:2021 - Security Misconfiguration", + "OWASP-A06:2017 - Security Misconfiguration", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: python.django.security.audit.unvalidated-password.unvalidated-password" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "php.lang.security.injection.tainted-sql-string.tainted-sql-string", + "name": "php.lang.security.injection.tainted-sql-string.tainted-sql-string", + "short_description": { + "text": "Semgrep Finding: php.lang.security.injection.tainted-sql-string.tainted-sql-string" }, - "fullDescription": { - "text": "Detected explicitly unescaped content using 'Markup()'. This permits the unescaped data to include unescaped HTML which could result in cross-site scripting. Ensure this data is not externally controlled, or consider rewriting to not use 'Markup()'." + "full_description": { + "text": "User data flows into this manually-constructed SQL string. User data can be safely inserted into SQL strings using prepared statements or an object-relational mapper (ORM). 
Manually-constructed SQL strings is a possible indicator of SQL injection, which could let an attacker steal or manipulate data from the database. Instead, use prepared statements (`$mysqli->prepare(\"INSERT INTO test(id, label) VALUES (?, ?)\");`) or a safe library." }, + "default_configuration": { + "enabled": true, + "level": "error" + }, + "help_uri": "https://semgrep.dev/r/php.lang.security.injection.tainted-sql-string.tainted-sql-string", "help": { - "markdown": "Detected explicitly unescaped content using 'Markup()'. This permits the unescaped data to include unescaped HTML which could result in cross-site scripting. Ensure this data is not externally controlled, or consider rewriting to not use 'Markup()'.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.flask.security.xss.audit.explicit-unescape-with-markup.explicit-unescape-with-markup)\n - [https://tedboy.github.io/flask/generated/generated/flask.Markup.html](https://tedboy.github.io/flask/generated/generated/flask.Markup.html)\n", - "text": "Detected explicitly unescaped content using 'Markup()'. This permits the unescaped data to include unescaped HTML which could result in cross-site scripting. Ensure this data is not externally controlled, or consider rewriting to not use 'Markup()'.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "User data flows into this manually-constructed SQL string. User data can be safely inserted into SQL strings using prepared statements or an object-relational mapper (ORM). Manually-constructed SQL strings is a possible indicator of SQL injection, which could let an attacker steal or manipulate data from the database. 
Instead, use prepared statements (`$mysqli->prepare(\"INSERT INTO test(id, label) VALUES (?, ?)\");`) or a safe library.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "User data flows into this manually-constructed SQL string. User data can be safely inserted into SQL strings using prepared statements or an object-relational mapper (ORM). Manually-constructed SQL strings is a possible indicator of SQL injection, which could let an attacker steal or manipulate data from the database. Instead, use prepared statements (`$mysqli->prepare(\"INSERT INTO test(id, label) VALUES (?, ?)\");`) or a safe library.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/php.lang.security.injection.tainted-sql-string.tainted-sql-string)\n - [https://owasp.org/www-community/attacks/SQL_Injection](https://owasp.org/www-community/attacks/SQL_Injection)\n" }, - "helpUri": "https://semgrep.dev/r/python.flask.security.xss.audit.explicit-unescape-with-markup.explicit-unescape-with-markup", - "id": "python.flask.security.xss.audit.explicit-unescape-with-markup.explicit-unescape-with-markup", - "name": "python.flask.security.xss.audit.explicit-unescape-with-markup.explicit-unescape-with-markup", "properties": { "precision": "very-high", "tags": [ - "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", - "LOW CONFIDENCE", + "CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')", + "MEDIUM CONFIDENCE", + "OWASP-A01:2017 - Injection", "OWASP-A03:2021 - Injection", - "OWASP-A07:2017 - Cross-Site Scripting (XSS)", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: python.flask.security.xss.audit.explicit-unescape-with-markup.explicit-unescape-with-markup" } }, { - "defaultConfiguration": { - "level": "error" + "id": 
"javascript.aws-lambda.security.tainted-sql-string.tainted-sql-string", + "name": "javascript.aws-lambda.security.tainted-sql-string.tainted-sql-string", + "short_description": { + "text": "Semgrep Finding: javascript.aws-lambda.security.tainted-sql-string.tainted-sql-string" }, - "fullDescription": { - "text": "os.pwritev() is only available on Python 3.3+ and is therefore not backwards compatible. Instead, use a combination of pwrite() and writev()." + "full_description": { + "text": "Detected user input used to manually construct a SQL string. This is usually bad practice because manual construction could accidentally result in a SQL injection. An attacker could use a SQL injection to steal or modify contents of the database. Instead, use a parameterized query which is available by default in most database engines. Alternatively, consider using an object-relational mapper (ORM) such as Sequelize which will protect your queries." + }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/javascript.aws-lambda.security.tainted-sql-string.tainted-sql-string", "help": { - "markdown": "os.pwritev() is only available on Python 3.3+ and is therefore not backwards compatible. Instead, use a combination of pwrite() and writev().\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.lang.compatibility.python37.python37-compatibility-os2-ok2)\n", - "text": "os.pwritev() is only available on Python 3.3+ and is therefore not backwards compatible. Instead, use a combination of pwrite() and writev().\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected user input used to manually construct a SQL string. This is usually bad practice because manual construction could accidentally result in a SQL injection. An attacker could use a SQL injection to steal or modify contents of the database. 
Instead, use a parameterized query which is available by default in most database engines. Alternatively, consider using an object-relational mapper (ORM) such as Sequelize which will protect your queries.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected user input used to manually construct a SQL string. This is usually bad practice because manual construction could accidentally result in a SQL injection. An attacker could use a SQL injection to steal or modify contents of the database. Instead, use a parameterized query which is available by default in most database engines. Alternatively, consider using an object-relational mapper (ORM) such as Sequelize which will protect your queries.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.aws-lambda.security.tainted-sql-string.tainted-sql-string)\n - [https://owasp.org/www-community/attacks/SQL_Injection](https://owasp.org/www-community/attacks/SQL_Injection)\n" }, - "helpUri": "https://semgrep.dev/r/python.lang.compatibility.python37.python37-compatibility-os2-ok2", - "id": "python.lang.compatibility.python37.python37-compatibility-os2-ok2", - "name": "python.lang.compatibility.python37.python37-compatibility-os2-ok2", "properties": { "precision": "very-high", - "tags": [] - }, - "shortDescription": { - "text": "Semgrep Finding: python.lang.compatibility.python37.python37-compatibility-os2-ok2" + "tags": [ + "CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')", + "MEDIUM CONFIDENCE", + "OWASP-A01:2017 - Injection", + "OWASP-A03:2021 - Injection", + "security" + ] } }, { - "defaultConfiguration": { - "level": "warning" + "id": "python.aws-lambda.security.dangerous-subprocess-use.dangerous-subprocess-use", + "name": "python.aws-lambda.security.dangerous-subprocess-use.dangerous-subprocess-use", + "short_description": { + "text": "Semgrep 
Finding: python.aws-lambda.security.dangerous-subprocess-use.dangerous-subprocess-use" }, - "fullDescription": { - "text": "Detected the decoding of a JWT token without a verify step. Don't use `ParseUnverified` unless you know what you're doing This method parses the token but doesn't validate the signature. It's only ever useful in cases where you know the signature is valid (because it has been checked previously in the stack) and you want to extract values from it." + "full_description": { + "text": "Detected subprocess function with argument tainted by an `event` object. If this data can be controlled by a malicious actor, it may be an instance of command injection. The default option for `shell` is False, and this is secure by default. Consider removing the `shell=True` or setting it to False explicitely. Using `shell=False` means you have to split the command string into an array of strings for the command and its arguments. You may consider using 'shlex.split()' for this purpose." + }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/python.aws-lambda.security.dangerous-subprocess-use.dangerous-subprocess-use", "help": { - "markdown": "Detected the decoding of a JWT token without a verify step. Don't use `ParseUnverified` unless you know what you're doing This method parses the token but doesn't validate the signature. 
It's only ever useful in cases where you know the signature is valid (because it has been checked previously in the stack) and you want to extract values from it.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/go.jwt-go.security.audit.jwt-parse-unverified.jwt-go-parse-unverified)\n - [https://owasp.org/Top10/A08_2021-Software_and_Data_Integrity_Failures](https://owasp.org/Top10/A08_2021-Software_and_Data_Integrity_Failures)\n", - "text": "Detected the decoding of a JWT token without a verify step. Don't use `ParseUnverified` unless you know what you're doing This method parses the token but doesn't validate the signature. It's only ever useful in cases where you know the signature is valid (because it has been checked previously in the stack) and you want to extract values from it.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected subprocess function with argument tainted by an `event` object. If this data can be controlled by a malicious actor, it may be an instance of command injection. The default option for `shell` is False, and this is secure by default. Consider removing the `shell=True` or setting it to False explicitely. Using `shell=False` means you have to split the command string into an array of strings for the command and its arguments. You may consider using 'shlex.split()' for this purpose.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected subprocess function with argument tainted by an `event` object. If this data can be controlled by a malicious actor, it may be an instance of command injection. The default option for `shell` is False, and this is secure by default. Consider removing the `shell=True` or setting it to False explicitely. Using `shell=False` means you have to split the command string into an array of strings for the command and its arguments. 
You may consider using 'shlex.split()' for this purpose.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.aws-lambda.security.dangerous-subprocess-use.dangerous-subprocess-use)\n - [https://docs.python.org/3/library/subprocess.html](https://docs.python.org/3/library/subprocess.html)\n - [https://docs.python.org/3/library/shlex.html](https://docs.python.org/3/library/shlex.html)\n" }, - "helpUri": "https://semgrep.dev/r/go.jwt-go.security.audit.jwt-parse-unverified.jwt-go-parse-unverified", - "id": "go.jwt-go.security.audit.jwt-parse-unverified.jwt-go-parse-unverified", - "name": "go.jwt-go.security.audit.jwt-parse-unverified.jwt-go-parse-unverified", "properties": { "precision": "very-high", "tags": [ - "CWE-345: Insufficient Verification of Data Authenticity", + "CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", "MEDIUM CONFIDENCE", - "OWASP-A08:2021 - Software and Data Integrity Failures", + "OWASP-A01:2017 - Injection", + "OWASP-A03:2021 - Injection", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: go.jwt-go.security.audit.jwt-parse-unverified.jwt-go-parse-unverified" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "java.lang.security.audit.crypto.use-of-aes-ecb.use-of-aes-ecb", + "name": "java.lang.security.audit.crypto.use-of-aes-ecb.use-of-aes-ecb", + "short_description": { + "text": "Semgrep Finding: java.lang.security.audit.crypto.use-of-aes-ecb.use-of-aes-ecb" }, - "fullDescription": { - "text": "Detected an unsecured transmission channel. 'OpenerDirector.open(...)' is being used with 'http://'. Use 'https://' instead to secure the channel." + "full_description": { + "text": "Use of AES with ECB mode detected. ECB doesn't provide message confidentiality and is not semantically secure so should not be used. 
Instead, use a strong, secure cipher: Cipher.getInstance(\"AES/CBC/PKCS7PADDING\"). See https://owasp.org/www-community/Using_the_Java_Cryptographic_Extensions for more information." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/java.lang.security.audit.crypto.use-of-aes-ecb.use-of-aes-ecb", "help": { - "markdown": "Detected an unsecured transmission channel. 'OpenerDirector.open(...)' is being used with 'http://'. Use 'https://' instead to secure the channel.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.lang.security.audit.insecure-transport.urllib.insecure-openerdirector-open.insecure-openerdirector-open)\n - [https://docs.python.org/3/library/urllib.request.html#urllib.request.OpenerDirector.open](https://docs.python.org/3/library/urllib.request.html#urllib.request.OpenerDirector.open)\n", - "text": "Detected an unsecured transmission channel. 'OpenerDirector.open(...)' is being used with 'http://'. Use 'https://' instead to secure the channel.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Use of AES with ECB mode detected. ECB doesn't provide message confidentiality and is not semantically secure so should not be used. Instead, use a strong, secure cipher: Cipher.getInstance(\"AES/CBC/PKCS7PADDING\"). See https://owasp.org/www-community/Using_the_Java_Cryptographic_Extensions for more information.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Use of AES with ECB mode detected. ECB doesn't provide message confidentiality and is not semantically secure so should not be used. Instead, use a strong, secure cipher: Cipher.getInstance(\"AES/CBC/PKCS7PADDING\"). 
See https://owasp.org/www-community/Using_the_Java_Cryptographic_Extensions for more information.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/java.lang.security.audit.crypto.use-of-aes-ecb.use-of-aes-ecb)\n - [https://owasp.org/Top10/A02_2021-Cryptographic_Failures](https://owasp.org/Top10/A02_2021-Cryptographic_Failures)\n - [https://googleprojectzero.blogspot.com/2022/10/rc4-is-still-considered-harmful.html](https://googleprojectzero.blogspot.com/2022/10/rc4-is-still-considered-harmful.html)\n" }, - "helpUri": "https://semgrep.dev/r/python.lang.security.audit.insecure-transport.urllib.insecure-openerdirector-open.insecure-openerdirector-open", - "id": "python.lang.security.audit.insecure-transport.urllib.insecure-openerdirector-open.insecure-openerdirector-open", - "name": "python.lang.security.audit.insecure-transport.urllib.insecure-openerdirector-open.insecure-openerdirector-open", "properties": { "precision": "very-high", "tags": [ - "CWE-319: Cleartext Transmission of Sensitive Information", - "LOW CONFIDENCE", + "CWE-327: Use of a Broken or Risky Cryptographic Algorithm", + "HIGH CONFIDENCE", "OWASP-A02:2021 - Cryptographic Failures", "OWASP-A03:2017 - Sensitive Data Exposure", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: python.lang.security.audit.insecure-transport.urllib.insecure-openerdirector-open.insecure-openerdirector-open" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "csharp.lang.security.filesystem.unsafe-path-combine.unsafe-path-combine", + "name": "csharp.lang.security.filesystem.unsafe-path-combine.unsafe-path-combine", + "short_description": { + "text": "Semgrep Finding: csharp.lang.security.filesystem.unsafe-path-combine.unsafe-path-combine" }, - "fullDescription": { - "text": "Flags the use of a predictable random value from `scala.util.Random`. 
This can lead to vulnerabilities when used in security contexts, such as in a CSRF token, password reset token, or any other secret value. To fix this, use java.security.SecureRandom instead." + "full_description": { + "text": "String argument $A is used to read or write data from a file via Path.Combine without direct sanitization via Path.GetFileName. If the path is user-supplied data this can lead to path traversal." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/csharp.lang.security.filesystem.unsafe-path-combine.unsafe-path-combine", "help": { - "markdown": "Flags the use of a predictable random value from `scala.util.Random`. This can lead to vulnerabilities when used in security contexts, such as in a CSRF token, password reset token, or any other secret value. To fix this, use java.security.SecureRandom instead.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/scala.lang.security.audit.insecure-random.insecure-random)\n - [https://owasp.org/Top10/A02_2021-Cryptographic_Failures](https://owasp.org/Top10/A02_2021-Cryptographic_Failures)\n", - "text": "Flags the use of a predictable random value from `scala.util.Random`. This can lead to vulnerabilities when used in security contexts, such as in a CSRF token, password reset token, or any other secret value. To fix this, use java.security.SecureRandom instead.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "String argument $A is used to read or write data from a file via Path.Combine without direct sanitization via Path.GetFileName. If the path is user-supplied data this can lead to path traversal.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "String argument $A is used to read or write data from a file via Path.Combine without direct sanitization via Path.GetFileName. 
If the path is user-supplied data this can lead to path traversal.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/csharp.lang.security.filesystem.unsafe-path-combine.unsafe-path-combine)\n - [https://www.praetorian.com/blog/pathcombine-security-issues-in-aspnet-applications/](https://www.praetorian.com/blog/pathcombine-security-issues-in-aspnet-applications/)\n - [https://docs.microsoft.com/en-us/dotnet/api/system.io.path.combine?view=net-6.0#remarks](https://docs.microsoft.com/en-us/dotnet/api/system.io.path.combine?view=net-6.0#remarks)\n" }, - "helpUri": "https://semgrep.dev/r/scala.lang.security.audit.insecure-random.insecure-random", - "id": "scala.lang.security.audit.insecure-random.insecure-random", - "name": "scala.lang.security.audit.insecure-random.insecure-random", "properties": { "precision": "very-high", "tags": [ - "CWE-330: Use of Insufficiently Random Values", - "LOW CONFIDENCE", - "OWASP-A02:2021 - Cryptographic Failures", + "CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", + "MEDIUM CONFIDENCE", + "OWASP-A01:2021 - Broken Access Control", + "OWASP-A05:2017 - Broken Access Control", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: scala.lang.security.audit.insecure-random.insecure-random" } }, { - "defaultConfiguration": { - "level": "error" + "id": "javascript.lang.security.audit.sqli.node-postgres-sqli.node-postgres-sqli", + "name": "javascript.lang.security.audit.sqli.node-postgres-sqli.node-postgres-sqli", + "short_description": { + "text": "Semgrep Finding: javascript.lang.security.audit.sqli.node-postgres-sqli.node-postgres-sqli" }, - "fullDescription": { - "text": "Detected a tainted SQL statement. This could lead to SQL injection if variables in the SQL statement are not properly sanitized. Avoid using using user input for generating SQL strings." 
+ "full_description": { + "text": "Detected string concatenation with a non-literal variable in a node-postgres JS SQL statement. This could lead to SQL injection if the variable is user-controlled and not properly sanitized. In order to prevent SQL injection, use parameterized queries or prepared statements instead. You can use parameterized statements like so: `client.query('SELECT $1 from table', [userinput])`" + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/javascript.lang.security.audit.sqli.node-postgres-sqli.node-postgres-sqli", "help": { - "markdown": "Detected a tainted SQL statement. This could lead to SQL injection if variables in the SQL statement are not properly sanitized. Avoid using using user input for generating SQL strings.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/scala.play.security.tainted-slick-sqli.tainted-slick-sqli)\n - [https://scala-slick.org/doc/3.3.3/sql.html#splicing-literal-values](https://scala-slick.org/doc/3.3.3/sql.html#splicing-literal-values)\n - [https://scala-slick.org/doc/3.2.0/sql-to-slick.html#non-optimal-sql-code](https://scala-slick.org/doc/3.2.0/sql-to-slick.html#non-optimal-sql-code)\n", - "text": "Detected a tainted SQL statement. This could lead to SQL injection if variables in the SQL statement are not properly sanitized. Avoid using using user input for generating SQL strings.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected string concatenation with a non-literal variable in a node-postgres JS SQL statement. This could lead to SQL injection if the variable is user-controlled and not properly sanitized. In order to prevent SQL injection, use parameterized queries or prepared statements instead. 
You can use parameterized statements like so: `client.query('SELECT $1 from table', [userinput])`\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected string concatenation with a non-literal variable in a node-postgres JS SQL statement. This could lead to SQL injection if the variable is user-controlled and not properly sanitized. In order to prevent SQL injection, use parameterized queries or prepared statements instead. You can use parameterized statements like so: `client.query('SELECT $1 from table', [userinput])`\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.lang.security.audit.sqli.node-postgres-sqli.node-postgres-sqli)\n - [https://node-postgres.com/features/queries](https://node-postgres.com/features/queries)\n" }, - "helpUri": "https://semgrep.dev/r/scala.play.security.tainted-slick-sqli.tainted-slick-sqli", - "id": "scala.play.security.tainted-slick-sqli.tainted-slick-sqli", - "name": "scala.play.security.tainted-slick-sqli.tainted-slick-sqli", "properties": { "precision": "very-high", "tags": [ - "CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')", - "HIGH CONFIDENCE", - "OWASP-A01:2017 - Injection", - "OWASP-A03:2021 - Injection", + "CWE-915: Improperly Controlled Modification of Dynamically-Determined Object Attributes", + "LOW CONFIDENCE", + "OWASP-A08:2021 - Software and Data Integrity Failures", "security" - ] - }, - "shortDescription": { - "text": "Semgrep Finding: scala.play.security.tainted-slick-sqli.tainted-slick-sqli" + ] } }, { - "defaultConfiguration": { - "level": "error" + "id": "python.django.security.audit.xss.template-blocktranslate-no-escape.template-blocktranslate-no-escape", + "name": "python.django.security.audit.xss.template-blocktranslate-no-escape.template-blocktranslate-no-escape", + "short_description": { + "text": "Semgrep Finding: 
python.django.security.audit.xss.template-blocktranslate-no-escape.template-blocktranslate-no-escape" }, - "fullDescription": { - "text": "Pervasives is deprecated and will not be available after 4.10. Use Stdlib." + "full_description": { + "text": "Translated strings will not be escaped when rendered in a template. This leads to a vulnerability where translators could include malicious script tags in their translations. Consider using `force_escape` to explicitly escape a translated text." + }, + "default_configuration": { + "enabled": true, + "level": "note" }, + "help_uri": "https://semgrep.dev/r/python.django.security.audit.xss.template-blocktranslate-no-escape.template-blocktranslate-no-escape", "help": { - "markdown": "Pervasives is deprecated and will not be available after 4.10. Use Stdlib.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/ocaml.lang.compatibility.deprecated.deprecated-pervasives)\n", - "text": "Pervasives is deprecated and will not be available after 4.10. Use Stdlib.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Translated strings will not be escaped when rendered in a template. This leads to a vulnerability where translators could include malicious script tags in their translations. Consider using `force_escape` to explicitly escape a translated text.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Translated strings will not be escaped when rendered in a template. This leads to a vulnerability where translators could include malicious script tags in their translations. 
Consider using `force_escape` to explicitly escape a translated text.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.django.security.audit.xss.template-blocktranslate-no-escape.template-blocktranslate-no-escape)\n - [https://edx.readthedocs.io/projects/edx-developer-guide/en/latest/preventing_xss/preventing_xss_in_django_templates.html#html-escaping-translations-in-django-templates](https://edx.readthedocs.io/projects/edx-developer-guide/en/latest/preventing_xss/preventing_xss_in_django_templates.html#html-escaping-translations-in-django-templates)\n - [https://docs.djangoproject.com/en/3.1/topics/i18n/translation/#internationalization-in-template-code](https://docs.djangoproject.com/en/3.1/topics/i18n/translation/#internationalization-in-template-code)\n" }, - "helpUri": "https://semgrep.dev/r/ocaml.lang.compatibility.deprecated.deprecated-pervasives", - "id": "ocaml.lang.compatibility.deprecated.deprecated-pervasives", - "name": "ocaml.lang.compatibility.deprecated.deprecated-pervasives", "properties": { "precision": "very-high", - "tags": [] - }, - "shortDescription": { - "text": "Semgrep Finding: ocaml.lang.compatibility.deprecated.deprecated-pervasives" + "tags": [ + "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", + "LOW CONFIDENCE", + "OWASP-A03:2021 - Injection", + "OWASP-A07:2017 - Cross-Site Scripting (XSS)", + "security" + ] } }, { - "defaultConfiguration": { - "level": "warning" + "id": "csharp.lang.security.insecure-deserialization.fs-pickler.insecure-fspickler-deserialization", + "name": "csharp.lang.security.insecure-deserialization.fs-pickler.insecure-fspickler-deserialization", + "short_description": { + "text": "Semgrep Finding: csharp.lang.security.insecure-deserialization.fs-pickler.insecure-fspickler-deserialization" }, - "fullDescription": { - "text": "It looks like MD5 is used as a password hash. 
MD5 is not considered a secure password hash because it can be cracked by an attacker in a short amount of time. Use a suitable password hashing function such as scrypt. You can use `hashlib.scrypt`." + "full_description": { + "text": "The FsPickler is dangerous and is not recommended for data processing. Default configuration tend to insecure deserialization vulnerability." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/csharp.lang.security.insecure-deserialization.fs-pickler.insecure-fspickler-deserialization", "help": { - "markdown": "It looks like MD5 is used as a password hash. MD5 is not considered a secure password hash because it can be cracked by an attacker in a short amount of time. Use a suitable password hashing function such as scrypt. You can use `hashlib.scrypt`.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.lang.security.audit.md5-used-as-password.md5-used-as-password)\n - [https://tools.ietf.org/html/rfc6151](https://tools.ietf.org/html/rfc6151)\n - [https://crypto.stackexchange.com/questions/44151/how-does-the-flame-malware-take-advantage-of-md5-collision](https://crypto.stackexchange.com/questions/44151/how-does-the-flame-malware-take-advantage-of-md5-collision)\n - [https://pycryptodome.readthedocs.io/en/latest/src/hash/sha3_256.html](https://pycryptodome.readthedocs.io/en/latest/src/hash/sha3_256.html)\n - [https://security.stackexchange.com/questions/211/how-to-securely-hash-passwords](https://security.stackexchange.com/questions/211/how-to-securely-hash-passwords)\n - [https://github.com/returntocorp/semgrep-rules/issues/1609](https://github.com/returntocorp/semgrep-rules/issues/1609)\n - [https://docs.python.org/3/library/hashlib.html#hashlib.scrypt](https://docs.python.org/3/library/hashlib.html#hashlib.scrypt)\n", - "text": "It looks like MD5 is used as a password hash. 
MD5 is not considered a secure password hash because it can be cracked by an attacker in a short amount of time. Use a suitable password hashing function such as scrypt. You can use `hashlib.scrypt`.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "The FsPickler is dangerous and is not recommended for data processing. Default configuration tend to insecure deserialization vulnerability.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "The FsPickler is dangerous and is not recommended for data processing. Default configuration tend to insecure deserialization vulnerability.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/csharp.lang.security.insecure-deserialization.fs-pickler.insecure-fspickler-deserialization)\n - [https://mbraceproject.github.io/FsPickler/tutorial.html#Disabling-Subtype-Resolution](https://mbraceproject.github.io/FsPickler/tutorial.html#Disabling-Subtype-Resolution)\n" }, - "helpUri": "https://semgrep.dev/r/python.lang.security.audit.md5-used-as-password.md5-used-as-password", - "id": "python.lang.security.audit.md5-used-as-password.md5-used-as-password", - "name": "python.lang.security.audit.md5-used-as-password.md5-used-as-password", "properties": { "precision": "very-high", "tags": [ - "CWE-327: Use of a Broken or Risky Cryptographic Algorithm", + "CWE-502: Deserialization of Untrusted Data", "MEDIUM CONFIDENCE", - "OWASP-A02:2021 - Cryptographic Failures", - "OWASP-A03:2017 - Sensitive Data Exposure", + "OWASP-A08:2017 - Insecure Deserialization", + "OWASP-A08:2021 - Software and Data Integrity Failures", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: python.lang.security.audit.md5-used-as-password.md5-used-as-password" } }, { - "defaultConfiguration": { - "level": "error" + "id": "javascript.sequelize.security.audit.sequelize-enforce-tls.sequelize-enforce-tls", + 
"name": "javascript.sequelize.security.audit.sequelize-enforce-tls.sequelize-enforce-tls", + "short_description": { + "text": "Semgrep Finding: javascript.sequelize.security.audit.sequelize-enforce-tls.sequelize-enforce-tls" }, - "fullDescription": { - "text": "Data from request object is passed to a new server-side request. This could lead to a server-side request forgery (SSRF). To mitigate, ensure that schemes and hosts are validated against an allowlist, do not forward the response to the user, and ensure proper authentication and transport-layer security in the proxied request. See https://owasp.org/www-community/attacks/Server_Side_Request_Forgery to learn more about SSRF vulnerabilities." + "full_description": { + "text": "If TLS is disabled on server side (Postgresql server), Sequelize establishes connection without TLS and no error will be thrown. To prevent MITN (Man In The Middle) attack, TLS must be enforce by Sequelize. Set \"ssl: true\" or define settings \"ssl: {...}\"" + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/javascript.sequelize.security.audit.sequelize-enforce-tls.sequelize-enforce-tls", "help": { - "markdown": "Data from request object is passed to a new server-side request. This could lead to a server-side request forgery (SSRF). To mitigate, ensure that schemes and hosts are validated against an allowlist, do not forward the response to the user, and ensure proper authentication and transport-layer security in the proxied request. 
See https://owasp.org/www-community/attacks/Server_Side_Request_Forgery to learn more about SSRF vulnerabilities.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.django.security.injection.ssrf.ssrf-injection-requests.ssrf-injection-requests)\n - [https://owasp.org/www-community/attacks/Server_Side_Request_Forgery](https://owasp.org/www-community/attacks/Server_Side_Request_Forgery)\n", - "text": "Data from request object is passed to a new server-side request. This could lead to a server-side request forgery (SSRF). To mitigate, ensure that schemes and hosts are validated against an allowlist, do not forward the response to the user, and ensure proper authentication and transport-layer security in the proxied request. See https://owasp.org/www-community/attacks/Server_Side_Request_Forgery to learn more about SSRF vulnerabilities.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "If TLS is disabled on server side (Postgresql server), Sequelize establishes connection without TLS and no error will be thrown. To prevent MITN (Man In The Middle) attack, TLS must be enforce by Sequelize. Set \"ssl: true\" or define settings \"ssl: {...}\"\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "If TLS is disabled on server side (Postgresql server), Sequelize establishes connection without TLS and no error will be thrown. To prevent MITN (Man In The Middle) attack, TLS must be enforce by Sequelize. 
Set \"ssl: true\" or define settings \"ssl: {...}\"\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.sequelize.security.audit.sequelize-enforce-tls.sequelize-enforce-tls)\n - [https://node-postgres.com/features/ssl](https://node-postgres.com/features/ssl)\n - [https://nodejs.org/api/tls.html#tls_class_tls_tlssocket](https://nodejs.org/api/tls.html#tls_class_tls_tlssocket)\n - [https://nodejs.org/api/tls.html#tls_tls_createsecurecontext_options](https://nodejs.org/api/tls.html#tls_tls_createsecurecontext_options)\n - [https://nodejs.org/api/tls.html#tls_tls_default_min_version](https://nodejs.org/api/tls.html#tls_tls_default_min_version)\n" }, - "helpUri": "https://semgrep.dev/r/python.django.security.injection.ssrf.ssrf-injection-requests.ssrf-injection-requests", - "id": "python.django.security.injection.ssrf.ssrf-injection-requests.ssrf-injection-requests", - "name": "python.django.security.injection.ssrf.ssrf-injection-requests.ssrf-injection-requests", "properties": { "precision": "very-high", "tags": [ - "CWE-918: Server-Side Request Forgery (SSRF)", - "MEDIUM CONFIDENCE", - "OWASP-A10:2021 - Server-Side Request Forgery (SSRF)", + "CWE-319: Cleartext Transmission of Sensitive Information", + "LOW CONFIDENCE", + "OWASP-A02:2021 - Cryptographic Failures", + "OWASP-A03:2017 - Sensitive Data Exposure", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: python.django.security.injection.ssrf.ssrf-injection-requests.ssrf-injection-requests" } }, { - "defaultConfiguration": { - "level": "error" + "id": "rust.lang.security.ssl-verify-none.ssl-verify-none", + "name": "rust.lang.security.ssl-verify-none.ssl-verify-none", + "short_description": { + "text": "Semgrep Finding: rust.lang.security.ssl-verify-none.ssl-verify-none" }, - "fullDescription": { - "text": "Azure Storage currently supports three versions of the TLS protocol: 1.0, 1.1, and 1.2. 
Azure Storage uses TLS 1.2 on public HTTPS endpoints, but TLS 1.0 and TLS 1.1 are still supported for backward compatibility. This check will warn if the minimum TLS is not set to TLS1_2." + "full_description": { + "text": "SSL verification disabled, this allows for MitM attacks" }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/rust.lang.security.ssl-verify-none.ssl-verify-none", "help": { - "markdown": "Azure Storage currently supports three versions of the TLS protocol: 1.0, 1.1, and 1.2. Azure Storage uses TLS 1.2 on public HTTPS endpoints, but TLS 1.0 and TLS 1.1 are still supported for backward compatibility. This check will warn if the minimum TLS is not set to TLS1_2.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/terraform.azure.security.storage.storage-use-secure-tls-policy.storage-use-secure-tls-policy)\n - [https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/storage_account#min_tls_version](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/storage_account#min_tls_version)\n - [https://docs.microsoft.com/en-us/azure/storage/common/transport-layer-security-configure-minimum-version](https://docs.microsoft.com/en-us/azure/storage/common/transport-layer-security-configure-minimum-version)\n", - "text": "Azure Storage currently supports three versions of the TLS protocol: 1.0, 1.1, and 1.2. Azure Storage uses TLS 1.2 on public HTTPS endpoints, but TLS 1.0 and TLS 1.1 are still supported for backward compatibility. 
This check will warn if the minimum TLS is not set to TLS1_2.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "SSL verification disabled, this allows for MitM attacks\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "SSL verification disabled, this allows for MitM attacks\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/rust.lang.security.ssl-verify-none.ssl-verify-none)\n - [https://docs.rs/openssl/latest/openssl/ssl/struct.SslContextBuilder.html#method.set_verify](https://docs.rs/openssl/latest/openssl/ssl/struct.SslContextBuilder.html#method.set_verify)\n" }, - "helpUri": "https://semgrep.dev/r/terraform.azure.security.storage.storage-use-secure-tls-policy.storage-use-secure-tls-policy", - "id": "terraform.azure.security.storage.storage-use-secure-tls-policy.storage-use-secure-tls-policy", - "name": "terraform.azure.security.storage.storage-use-secure-tls-policy.storage-use-secure-tls-policy", "properties": { "precision": "very-high", "tags": [ - "CWE-326: Inadequate Encryption Strength", - "MEDIUM CONFIDENCE", - "OWASP-A02:2021 - Cryptographic Failures", - "OWASP-A03:2017 - Sensitive Data Exposure", + "CWE-295: Improper Certificate Validation", + "HIGH CONFIDENCE", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: terraform.azure.security.storage.storage-use-secure-tls-policy.storage-use-secure-tls-policy" } }, { - "defaultConfiguration": { - "level": "error" + "id": "go.lang.security.audit.crypto.missing-ssl-minversion.missing-ssl-minversion", + "name": "go.lang.security.audit.crypto.missing-ssl-minversion.missing-ssl-minversion", + "short_description": { + "text": "Semgrep Finding: go.lang.security.audit.crypto.missing-ssl-minversion.missing-ssl-minversion" }, - "fullDescription": { - "text": "Detected use of the 'none' algorithm in a JWT token. 
The 'none' algorithm assumes the integrity of the token has already been verified. This would allow a malicious actor to forge a JWT token that will automatically be verified. Do not explicitly use the 'none' algorithm. Instead, use an algorithm such as 'HS256'." + "full_description": { + "text": "`MinVersion` is missing from this TLS configuration. By default, TLS 1.2 is currently used as the minimum when acting as a client, and TLS 1.0 when acting as a server. General purpose web applications should default to TLS 1.3 with all other protocols disabled. Only where it is known that a web server must support legacy clients with unsupported an insecure browsers (such as Internet Explorer 10), it may be necessary to enable TLS 1.0 to provide support. Add `MinVersion: tls.VersionTLS13' to the TLS configuration to bump the minimum version to TLS 1.3." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/go.lang.security.audit.crypto.missing-ssl-minversion.missing-ssl-minversion", "help": { - "markdown": "Detected use of the 'none' algorithm in a JWT token. The 'none' algorithm assumes the integrity of the token has already been verified. This would allow a malicious actor to forge a JWT token that will automatically be verified. Do not explicitly use the 'none' algorithm. Instead, use an algorithm such as 'HS256'.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.jwt.security.jwt-none-alg.jwt-python-none-alg)\n - [https://owasp.org/Top10/A02_2021-Cryptographic_Failures](https://owasp.org/Top10/A02_2021-Cryptographic_Failures)\n", - "text": "Detected use of the 'none' algorithm in a JWT token. The 'none' algorithm assumes the integrity of the token has already been verified. This would allow a malicious actor to forge a JWT token that will automatically be verified. Do not explicitly use the 'none' algorithm. 
Instead, use an algorithm such as 'HS256'.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "`MinVersion` is missing from this TLS configuration. By default, TLS 1.2 is currently used as the minimum when acting as a client, and TLS 1.0 when acting as a server. General purpose web applications should default to TLS 1.3 with all other protocols disabled. Only where it is known that a web server must support legacy clients with unsupported an insecure browsers (such as Internet Explorer 10), it may be necessary to enable TLS 1.0 to provide support. Add `MinVersion: tls.VersionTLS13' to the TLS configuration to bump the minimum version to TLS 1.3.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "`MinVersion` is missing from this TLS configuration. By default, TLS 1.2 is currently used as the minimum when acting as a client, and TLS 1.0 when acting as a server. General purpose web applications should default to TLS 1.3 with all other protocols disabled. Only where it is known that a web server must support legacy clients with unsupported an insecure browsers (such as Internet Explorer 10), it may be necessary to enable TLS 1.0 to provide support. 
Add `MinVersion: tls.VersionTLS13' to the TLS configuration to bump the minimum version to TLS 1.3.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/go.lang.security.audit.crypto.missing-ssl-minversion.missing-ssl-minversion)\n - [https://golang.org/doc/go1.14#crypto/tls](https://golang.org/doc/go1.14#crypto/tls)\n - [https://golang.org/pkg/crypto/tls/#:~:text=MinVersion](https://golang.org/pkg/crypto/tls/#:~:text=MinVersion)\n - [https://www.us-cert.gov/ncas/alerts/TA14-290A](https://www.us-cert.gov/ncas/alerts/TA14-290A)\n" }, - "helpUri": "https://semgrep.dev/r/python.jwt.security.jwt-none-alg.jwt-python-none-alg", - "id": "python.jwt.security.jwt-none-alg.jwt-python-none-alg", - "name": "python.jwt.security.jwt-none-alg.jwt-python-none-alg", "properties": { "precision": "very-high", "tags": [ "CWE-327: Use of a Broken or Risky Cryptographic Algorithm", - "MEDIUM CONFIDENCE", + "HIGH CONFIDENCE", "OWASP-A02:2021 - Cryptographic Failures", "OWASP-A03:2017 - Sensitive Data Exposure", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: python.jwt.security.jwt-none-alg.jwt-python-none-alg" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "yaml.kubernetes.security.hostipc-pod.hostipc-pod", + "name": "yaml.kubernetes.security.hostipc-pod.hostipc-pod", + "short_description": { + "text": "Semgrep Finding: yaml.kubernetes.security.hostipc-pod.hostipc-pod" }, - "fullDescription": { - "text": "CORS policy allows any origin (using wildcard '*'). This is insecure and should be avoided." + "full_description": { + "text": "Pod is sharing the host IPC namespace. This allows container processes to communicate with processes on the host which reduces isolation and bypasses container protection models. Remove the 'hostIPC' key to disable this functionality." 
}, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/yaml.kubernetes.security.hostipc-pod.hostipc-pod", "help": { - "markdown": "CORS policy allows any origin (using wildcard '*'). This is insecure and should be avoided.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.fastapi.security.wildcard-cors.wildcard-cors)\n - [https://owasp.org/Top10/A05_2021-Security_Misconfiguration](https://owasp.org/Top10/A05_2021-Security_Misconfiguration)\n - [https://cwe.mitre.org/data/definitions/942.html](https://cwe.mitre.org/data/definitions/942.html)\n", - "text": "CORS policy allows any origin (using wildcard '*'). This is insecure and should be avoided.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Pod is sharing the host IPC namespace. This allows container processes to communicate with processes on the host which reduces isolation and bypasses container protection models. Remove the 'hostIPC' key to disable this functionality.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Pod is sharing the host IPC namespace. This allows container processes to communicate with processes on the host which reduces isolation and bypasses container protection models. 
Remove the 'hostIPC' key to disable this functionality.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/yaml.kubernetes.security.hostipc-pod.hostipc-pod)\n - [https://kubernetes.io/docs/concepts/policy/pod-security-policy/#host-namespaces](https://kubernetes.io/docs/concepts/policy/pod-security-policy/#host-namespaces)\n" }, - "helpUri": "https://semgrep.dev/r/python.fastapi.security.wildcard-cors.wildcard-cors", - "id": "python.fastapi.security.wildcard-cors.wildcard-cors", - "name": "python.fastapi.security.wildcard-cors.wildcard-cors", "properties": { "precision": "very-high", "tags": [ - "CWE-942: Permissive Cross-domain Policy with Untrusted Domains", - "MEDIUM CONFIDENCE", - "OWASP-A05:2021 - Security Misconfiguration", + "CWE-693: Protection Mechanism Failure", + "LOW CONFIDENCE", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: python.fastapi.security.wildcard-cors.wildcard-cors" } }, { - "defaultConfiguration": { - "level": "error" + "id": "python.django.security.audit.templates.debug-template-tag.debug-template-tag", + "name": "python.django.security.audit.templates.debug-template-tag.debug-template-tag", + "short_description": { + "text": "Semgrep Finding: python.django.security.audit.templates.debug-template-tag.debug-template-tag" }, - "fullDescription": { - "text": "Snyk API Key detected" + "full_description": { + "text": "Detected a debug template tag in a Django template. This dumps debugging information to the page when debug mode is enabled. Showing debug information to users is dangerous because it may reveal information about your environment that malicious actors can use to gain access to the system. Remove the debug tag." 
+ }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/python.django.security.audit.templates.debug-template-tag.debug-template-tag", "help": { - "markdown": "Snyk API Key detected\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/generic.secrets.security.detected-snyk-api-key.detected-snyk-api-key)\n - [https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures](https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures)\n", - "text": "Snyk API Key detected\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected a debug template tag in a Django template. This dumps debugging information to the page when debug mode is enabled. Showing debug information to users is dangerous because it may reveal information about your environment that malicious actors can use to gain access to the system. Remove the debug tag.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected a debug template tag in a Django template. This dumps debugging information to the page when debug mode is enabled. Showing debug information to users is dangerous because it may reveal information about your environment that malicious actors can use to gain access to the system. 
Remove the debug tag.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.django.security.audit.templates.debug-template-tag.debug-template-tag)\n - [https://docs.djangoproject.com/en/4.2/ref/templates/builtins/#debug](https://docs.djangoproject.com/en/4.2/ref/templates/builtins/#debug)\n - [https://stackoverflow.com/questions/2213977/django-debug-display-all-variables-of-a-page](https://stackoverflow.com/questions/2213977/django-debug-display-all-variables-of-a-page)\n" }, - "helpUri": "https://semgrep.dev/r/generic.secrets.security.detected-snyk-api-key.detected-snyk-api-key", - "id": "generic.secrets.security.detected-snyk-api-key.detected-snyk-api-key", - "name": "generic.secrets.security.detected-snyk-api-key.detected-snyk-api-key", "properties": { "precision": "very-high", "tags": [ - "CWE-798: Use of Hard-coded Credentials", + "CWE-489: Active Debug Code", "LOW CONFIDENCE", - "OWASP-A07:2021 - Identification and Authentication Failures", + "OWASP-A06:2017 - Security Misconfiguration", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: generic.secrets.security.detected-snyk-api-key.detected-snyk-api-key" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "yaml.kubernetes.security.hostnetwork-pod.hostnetwork-pod", + "name": "yaml.kubernetes.security.hostnetwork-pod.hostnetwork-pod", + "short_description": { + "text": "Semgrep Finding: yaml.kubernetes.security.hostnetwork-pod.hostnetwork-pod" }, - "fullDescription": { - "text": "Ensure that actions that can result in privilege escalation are not used. These actions could potentially result in an attacker gaining full administrator access of an AWS account. Try not to use these actions." + "full_description": { + "text": "Pod may use the node network namespace. 
This gives the pod access to the loopback device, services listening on localhost, and could be used to snoop on network activity of other pods on the same node. Remove the 'hostNetwork' key to disable this functionality." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/yaml.kubernetes.security.hostnetwork-pod.hostnetwork-pod", "help": { - "markdown": "Ensure that actions that can result in privilege escalation are not used. These actions could potentially result in an attacker gaining full administrator access of an AWS account. Try not to use these actions.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/terraform.lang.security.iam.no-iam-priv-esc-funcs.no-iam-priv-esc-funcs)\n - [https://rhinosecuritylabs.com/aws/aws-privilege-escalation-methods-mitigation/](https://rhinosecuritylabs.com/aws/aws-privilege-escalation-methods-mitigation/)\n - [https://cloudsplaining.readthedocs.io/en/latest/glossary/privilege-escalation/](https://cloudsplaining.readthedocs.io/en/latest/glossary/privilege-escalation/)\n", - "text": "Ensure that actions that can result in privilege escalation are not used. These actions could potentially result in an attacker gaining full administrator access of an AWS account. Try not to use these actions.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Pod may use the node network namespace. This gives the pod access to the loopback device, services listening on localhost, and could be used to snoop on network activity of other pods on the same node. Remove the 'hostNetwork' key to disable this functionality.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Pod may use the node network namespace. 
This gives the pod access to the loopback device, services listening on localhost, and could be used to snoop on network activity of other pods on the same node. Remove the 'hostNetwork' key to disable this functionality.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/yaml.kubernetes.security.hostnetwork-pod.hostnetwork-pod)\n - [https://kubernetes.io/docs/concepts/policy/pod-security-policy/#host-namespaces](https://kubernetes.io/docs/concepts/policy/pod-security-policy/#host-namespaces)\n" }, - "helpUri": "https://semgrep.dev/r/terraform.lang.security.iam.no-iam-priv-esc-funcs.no-iam-priv-esc-funcs", - "id": "terraform.lang.security.iam.no-iam-priv-esc-funcs.no-iam-priv-esc-funcs", - "name": "terraform.lang.security.iam.no-iam-priv-esc-funcs.no-iam-priv-esc-funcs", "properties": { "precision": "very-high", "tags": [ - "CWE-250: Execution with Unnecessary Privileges", + "CWE-406: Insufficient Control of Network Message Volume (Network Amplification)", "LOW CONFIDENCE", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: terraform.lang.security.iam.no-iam-priv-esc-funcs.no-iam-priv-esc-funcs" } }, { - "defaultConfiguration": { - "level": "error" + "id": "generic.secrets.security.detected-picatic-api-key.detected-picatic-api-key", + "name": "generic.secrets.security.detected-picatic-api-key.detected-picatic-api-key", + "short_description": { + "text": "Semgrep Finding: generic.secrets.security.detected-picatic-api-key.detected-picatic-api-key" }, - "fullDescription": { - "text": "$VAR.getRate() call on a Balancer pool is not protected from the read-only reentrancy." 
+ "full_description": { + "text": "Picatic API Key detected" + }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/generic.secrets.security.detected-picatic-api-key.detected-picatic-api-key", "help": { - "markdown": "$VAR.getRate() call on a Balancer pool is not protected from the read-only reentrancy.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/solidity.security.balancer-readonly-reentrancy-getrate.balancer-readonly-reentrancy-getrate)\n - [https://forum.balancer.fi/t/reentrancy-vulnerability-scope-expanded/4345](https://forum.balancer.fi/t/reentrancy-vulnerability-scope-expanded/4345)\n", - "text": "$VAR.getRate() call on a Balancer pool is not protected from the read-only reentrancy.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Picatic API Key detected\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Picatic API Key detected\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/generic.secrets.security.detected-picatic-api-key.detected-picatic-api-key)\n - [https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures](https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures)\n" }, - "helpUri": "https://semgrep.dev/r/solidity.security.balancer-readonly-reentrancy-getrate.balancer-readonly-reentrancy-getrate", - "id": "solidity.security.balancer-readonly-reentrancy-getrate.balancer-readonly-reentrancy-getrate", - "name": "solidity.security.balancer-readonly-reentrancy-getrate.balancer-readonly-reentrancy-getrate", "properties": { "precision": "very-high", "tags": [ - "CWE-841: Improper Enforcement of Behavioral Workflow", - "HIGH CONFIDENCE", + "CWE-798: Use of Hard-coded Credentials", + "LOW CONFIDENCE", + "OWASP-A07:2021 - 
Identification and Authentication Failures", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: solidity.security.balancer-readonly-reentrancy-getrate.balancer-readonly-reentrancy-getrate" } }, { - "defaultConfiguration": { - "level": "note" + "id": "terraform.azure.security.appservice.appservice-authentication-enabled.appservice-authentication-enabled", + "name": "terraform.azure.security.appservice.appservice-authentication-enabled.appservice-authentication-enabled", + "short_description": { + "text": "Semgrep Finding: terraform.azure.security.appservice.appservice-authentication-enabled.appservice-authentication-enabled" }, - "fullDescription": { - "text": "The AWS Lambda function does not have active X-Ray tracing enabled. X-Ray tracing enables end-to-end debugging and analysis of all function activity. This makes it easier to trace the flow of logs and identify bottlenecks, slow downs and timeouts." + "full_description": { + "text": "Enabling authentication ensures that all communications in the application are authenticated. The `auth_settings` block needs to be filled out with the appropriate auth backend settings" }, + "default_configuration": { + "enabled": true, + "level": "error" + }, + "help_uri": "https://semgrep.dev/r/terraform.azure.security.appservice.appservice-authentication-enabled.appservice-authentication-enabled", "help": { - "markdown": "The AWS Lambda function does not have active X-Ray tracing enabled. X-Ray tracing enables end-to-end debugging and analysis of all function activity. 
This makes it easier to trace the flow of logs and identify bottlenecks, slow downs and timeouts.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/terraform.aws.security.aws-lambda-x-ray-tracing-not-active.aws-lambda-x-ray-tracing-not-active)\n - [https://cwe.mitre.org/data/definitions/778.html](https://cwe.mitre.org/data/definitions/778.html)\n - [https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lambda_function#mode](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lambda_function#mode)\n - [https://docs.aws.amazon.com/lambda/latest/dg/services-xray.html](https://docs.aws.amazon.com/lambda/latest/dg/services-xray.html)\n", - "text": "The AWS Lambda function does not have active X-Ray tracing enabled. X-Ray tracing enables end-to-end debugging and analysis of all function activity. This makes it easier to trace the flow of logs and identify bottlenecks, slow downs and timeouts.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Enabling authentication ensures that all communications in the application are authenticated. The `auth_settings` block needs to be filled out with the appropriate auth backend settings\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Enabling authentication ensures that all communications in the application are authenticated. 
The `auth_settings` block needs to be filled out with the appropriate auth backend settings\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/terraform.azure.security.appservice.appservice-authentication-enabled.appservice-authentication-enabled)\n - [https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/app_service#auth_settings](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/app_service#auth_settings)\n" }, - "helpUri": "https://semgrep.dev/r/terraform.aws.security.aws-lambda-x-ray-tracing-not-active.aws-lambda-x-ray-tracing-not-active", - "id": "terraform.aws.security.aws-lambda-x-ray-tracing-not-active.aws-lambda-x-ray-tracing-not-active", - "name": "terraform.aws.security.aws-lambda-x-ray-tracing-not-active.aws-lambda-x-ray-tracing-not-active", "properties": { "precision": "very-high", "tags": [ - "CWE-778: Insufficient Logging", + "CWE-287: Improper Authentication", "MEDIUM CONFIDENCE", - "OWASP-A09:2021 Security Logging and Monitoring Failures", + "OWASP-A02:2017 - Broken Authentication", + "OWASP-A07:2021 - Identification and Authentication Failures", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: terraform.aws.security.aws-lambda-x-ray-tracing-not-active.aws-lambda-x-ray-tracing-not-active" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "go.lang.security.decompression_bomb.potential-dos-via-decompression-bomb", + "name": "go.lang.security.decompression_bomb.potential-dos-via-decompression-bomb", + "short_description": { + "text": "Semgrep Finding: go.lang.security.decompression_bomb.potential-dos-via-decompression-bomb" }, - "fullDescription": { - "text": "Access-Control-Allow-Origin response header is set to \"*\". This will disable CORS Same Origin Policy restrictions." + "full_description": { + "text": "Detected a possible denial-of-service via a zip bomb attack. 
By limiting the max bytes read, you can mitigate this attack. `io.CopyN()` can specify a size. " + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/go.lang.security.decompression_bomb.potential-dos-via-decompression-bomb", "help": { - "markdown": "Access-Control-Allow-Origin response header is set to \"*\". This will disable CORS Same Origin Policy restrictions.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/typescript.nestjs.security.audit.nestjs-header-cors-any.nestjs-header-cors-any)\n - [https://owasp.org/Top10/A04_2021-Insecure_Design](https://owasp.org/Top10/A04_2021-Insecure_Design)\n", - "text": "Access-Control-Allow-Origin response header is set to \"*\". This will disable CORS Same Origin Policy restrictions.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected a possible denial-of-service via a zip bomb attack. By limiting the max bytes read, you can mitigate this attack. `io.CopyN()` can specify a size. \n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected a possible denial-of-service via a zip bomb attack. By limiting the max bytes read, you can mitigate this attack. `io.CopyN()` can specify a size. 
\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/go.lang.security.decompression_bomb.potential-dos-via-decompression-bomb)\n - [https://golang.org/pkg/io/#CopyN](https://golang.org/pkg/io/#CopyN)\n - [https://github.com/securego/gosec/blob/master/rules/decompression-bomb.go](https://github.com/securego/gosec/blob/master/rules/decompression-bomb.go)\n" }, - "helpUri": "https://semgrep.dev/r/typescript.nestjs.security.audit.nestjs-header-cors-any.nestjs-header-cors-any", - "id": "typescript.nestjs.security.audit.nestjs-header-cors-any.nestjs-header-cors-any", - "name": "typescript.nestjs.security.audit.nestjs-header-cors-any.nestjs-header-cors-any", "properties": { "precision": "very-high", "tags": [ - "CWE-183: Permissive List of Allowed Inputs", + "CWE-400: Uncontrolled Resource Consumption", "LOW CONFIDENCE", - "OWASP-A04:2021 - Insecure Design", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: typescript.nestjs.security.audit.nestjs-header-cors-any.nestjs-header-cors-any" } }, { - "defaultConfiguration": { - "level": "note" + "id": "solidity.security.erc721-arbitrary-transferfrom.erc721-arbitrary-transferfrom", + "name": "solidity.security.erc721-arbitrary-transferfrom.erc721-arbitrary-transferfrom", + "short_description": { + "text": "Semgrep Finding: solidity.security.erc721-arbitrary-transferfrom.erc721-arbitrary-transferfrom" }, - "fullDescription": { - "text": "Storing JWT tokens in localStorage known to be a bad practice, consider moving your tokens from localStorage to a HTTP cookie." 
+ "full_description": { + "text": "Custom ERC721 implementation lacks access control checks in _transfer()" }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/solidity.security.erc721-arbitrary-transferfrom.erc721-arbitrary-transferfrom", "help": { - "markdown": "Storing JWT tokens in localStorage known to be a bad practice, consider moving your tokens from localStorage to a HTTP cookie.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/typescript.react.security.audit.react-jwt-in-localstorage.react-jwt-in-localstorage)\n - [https://developer.mozilla.org/en-US/docs/Web/HTTP/Cookies](https://developer.mozilla.org/en-US/docs/Web/HTTP/Cookies)\n", - "text": "Storing JWT tokens in localStorage known to be a bad practice, consider moving your tokens from localStorage to a HTTP cookie.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Custom ERC721 implementation lacks access control checks in _transfer()\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Custom ERC721 implementation lacks access control checks in _transfer()\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/solidity.security.erc721-arbitrary-transferfrom.erc721-arbitrary-transferfrom)\n - [https://twitter.com/BlockSecAlert/status/1516289618605654024](https://twitter.com/BlockSecAlert/status/1516289618605654024)\n - [https://etherscan.io/address/0xf3821adaceb6500c0a202971aecf840a033f236b](https://etherscan.io/address/0xf3821adaceb6500c0a202971aecf840a033f236b)\n" }, - "helpUri": "https://semgrep.dev/r/typescript.react.security.audit.react-jwt-in-localstorage.react-jwt-in-localstorage", - "id": "typescript.react.security.audit.react-jwt-in-localstorage.react-jwt-in-localstorage", - "name": 
"typescript.react.security.audit.react-jwt-in-localstorage.react-jwt-in-localstorage", "properties": { "precision": "very-high", "tags": [ - "CWE-922: Insecure Storage of Sensitive Information", - "LOW CONFIDENCE", - "OWASP-A01:2021 - Broken Access Control", + "CWE-284: Improper Access Control", + "MEDIUM CONFIDENCE", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: typescript.react.security.audit.react-jwt-in-localstorage.react-jwt-in-localstorage" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "terraform.lang.security.s3-cors-all-origins.all-origins-allowed", + "name": "terraform.lang.security.s3-cors-all-origins.all-origins-allowed", + "short_description": { + "text": "Semgrep Finding: terraform.lang.security.s3-cors-all-origins.all-origins-allowed" }, - "fullDescription": { - "text": "Detected non-static command inside $PIPE. Audit the input to '$PIPE'. If unverified user data can reach this call site, this is a code injection vulnerability. A malicious actor can inject a malicious script to execute arbitrary code." + "full_description": { + "text": "CORS rule on bucket permits any origin" + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/terraform.lang.security.s3-cors-all-origins.all-origins-allowed", "help": { - "markdown": "Detected non-static command inside $PIPE. Audit the input to '$PIPE'. If unverified user data can reach this call site, this is a code injection vulnerability. A malicious actor can inject a malicious script to execute arbitrary code.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/ruby.lang.security.dangerous-open3-pipeline.dangerous-open3-pipeline)\n - [https://owasp.org/Top10/A03_2021-Injection](https://owasp.org/Top10/A03_2021-Injection)\n", - "text": "Detected non-static command inside $PIPE. Audit the input to '$PIPE'. 
If unverified user data can reach this call site, this is a code injection vulnerability. A malicious actor can inject a malicious script to execute arbitrary code.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "CORS rule on bucket permits any origin\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "CORS rule on bucket permits any origin\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/terraform.lang.security.s3-cors-all-origins.all-origins-allowed)\n - [https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket#using-cors](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket#using-cors)\n" }, - "helpUri": "https://semgrep.dev/r/ruby.lang.security.dangerous-open3-pipeline.dangerous-open3-pipeline", - "id": "ruby.lang.security.dangerous-open3-pipeline.dangerous-open3-pipeline", - "name": "ruby.lang.security.dangerous-open3-pipeline.dangerous-open3-pipeline", "properties": { "precision": "very-high", "tags": [ - "CWE-94: Improper Control of Generation of Code ('Code Injection')", + "CWE-942: Permissive Cross-domain Policy with Untrusted Domains", "LOW CONFIDENCE", - "OWASP-A03:2021 - Injection", + "OWASP-A05:2021 - Security Misconfiguration", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: ruby.lang.security.dangerous-open3-pipeline.dangerous-open3-pipeline" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "javascript.express.security.audit.express-libxml-noent.express-libxml-noent", + "name": "javascript.express.security.audit.express-libxml-noent.express-libxml-noent", + "short_description": { + "text": "Semgrep Finding: javascript.express.security.audit.express-libxml-noent.express-libxml-noent" }, - "fullDescription": { - "text": "Detected SQL statement that is tainted by `$EVENT` object. 
This could lead to SQL injection if variables in the SQL statement are not properly sanitized. Use parameterized SQL queries or properly sanitize user input instead." + "full_description": { + "text": "The libxml library processes user-input with the `noent` attribute is set to `true` which can lead to being vulnerable to XML External Entities (XXE) type attacks. It is recommended to set `noent` to `false` when using this feature to ensure you are protected." + }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/javascript.express.security.audit.express-libxml-noent.express-libxml-noent", "help": { - "markdown": "Detected SQL statement that is tainted by `$EVENT` object. This could lead to SQL injection if variables in the SQL statement are not properly sanitized. Use parameterized SQL queries or properly sanitize user input instead.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/java.aws-lambda.security.tainted-sqli.tainted-sqli)\n - [https://owasp.org/Top10/A03_2021-Injection](https://owasp.org/Top10/A03_2021-Injection)\n", - "text": "Detected SQL statement that is tainted by `$EVENT` object. This could lead to SQL injection if variables in the SQL statement are not properly sanitized. Use parameterized SQL queries or properly sanitize user input instead.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "The libxml library processes user-input with the `noent` attribute is set to `true` which can lead to being vulnerable to XML External Entities (XXE) type attacks. 
It is recommended to set `noent` to `false` when using this feature to ensure you are protected.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "The libxml library processes user-input with the `noent` attribute is set to `true` which can lead to being vulnerable to XML External Entities (XXE) type attacks. It is recommended to set `noent` to `false` when using this feature to ensure you are protected.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.express.security.audit.express-libxml-noent.express-libxml-noent)\n - [https://cheatsheetseries.owasp.org/cheatsheets/XML_External_Entity_Prevention_Cheat_Sheet.html](https://cheatsheetseries.owasp.org/cheatsheets/XML_External_Entity_Prevention_Cheat_Sheet.html)\n" }, - "helpUri": "https://semgrep.dev/r/java.aws-lambda.security.tainted-sqli.tainted-sqli", - "id": "java.aws-lambda.security.tainted-sqli.tainted-sqli", - "name": "java.aws-lambda.security.tainted-sqli.tainted-sqli", "properties": { "precision": "very-high", "tags": [ - "CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')", - "MEDIUM CONFIDENCE", - "OWASP-A01:2017 - Injection", - "OWASP-A03:2021 - Injection", + "CWE-611: Improper Restriction of XML External Entity Reference", + "HIGH CONFIDENCE", + "OWASP-A04:2017 - XML External Entities (XXE)", + "OWASP-A05:2021 - Security Misconfiguration", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: java.aws-lambda.security.tainted-sqli.tainted-sqli" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "javascript.lang.security.detect-disable-mustache-escape.detect-disable-mustache-escape", + "name": "javascript.lang.security.detect-disable-mustache-escape.detect-disable-mustache-escape", + "short_description": { + "text": "Semgrep Finding: 
javascript.lang.security.detect-disable-mustache-escape.detect-disable-mustache-escape" }, - "fullDescription": { - "text": "Detected use of a Java socket that is not encrypted. As a result, the traffic could be read by an attacker intercepting the network traffic. Use an SSLSocket created by 'SSLSocketFactory' or 'SSLServerSocketFactory' instead." + "full_description": { + "text": "Markup escaping disabled. This can be used with some template engines to escape disabling of HTML entities, which can lead to XSS attacks." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/javascript.lang.security.detect-disable-mustache-escape.detect-disable-mustache-escape", "help": { - "markdown": "Detected use of a Java socket that is not encrypted. As a result, the traffic could be read by an attacker intercepting the network traffic. Use an SSLSocket created by 'SSLSocketFactory' or 'SSLServerSocketFactory' instead.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/java.lang.security.audit.crypto.unencrypted-socket.unencrypted-socket)\n - [https://owasp.org/Top10/A02_2021-Cryptographic_Failures](https://owasp.org/Top10/A02_2021-Cryptographic_Failures)\n", - "text": "Detected use of a Java socket that is not encrypted. As a result, the traffic could be read by an attacker intercepting the network traffic. Use an SSLSocket created by 'SSLSocketFactory' or 'SSLServerSocketFactory' instead.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Markup escaping disabled. This can be used with some template engines to escape disabling of HTML entities, which can lead to XSS attacks.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Markup escaping disabled. 
This can be used with some template engines to escape disabling of HTML entities, which can lead to XSS attacks.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.lang.security.detect-disable-mustache-escape.detect-disable-mustache-escape)\n - [https://owasp.org/Top10/A03_2021-Injection](https://owasp.org/Top10/A03_2021-Injection)\n" }, - "helpUri": "https://semgrep.dev/r/java.lang.security.audit.crypto.unencrypted-socket.unencrypted-socket", - "id": "java.lang.security.audit.crypto.unencrypted-socket.unencrypted-socket", - "name": "java.lang.security.audit.crypto.unencrypted-socket.unencrypted-socket", - "properties": { - "precision": "very-high", - "tags": [ - "CWE-319: Cleartext Transmission of Sensitive Information", - "HIGH CONFIDENCE", - "OWASP-A02:2021 - Cryptographic Failures", - "OWASP-A03:2017 - Sensitive Data Exposure", + "properties": { + "precision": "very-high", + "tags": [ + "CWE-116: Improper Encoding or Escaping of Output", + "LOW CONFIDENCE", + "OWASP-A03:2021 - Injection", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: java.lang.security.audit.crypto.unencrypted-socket.unencrypted-socket" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "problem-based-packs.insecure-transport.go-stdlib.sling-http-request.sling-http-request", + "name": "problem-based-packs.insecure-transport.go-stdlib.sling-http-request.sling-http-request", + "short_description": { + "text": "Semgrep Finding: problem-based-packs.insecure-transport.go-stdlib.sling-http-request.sling-http-request" }, - "fullDescription": { - "text": "Detected usage of crypto.pseudoRandomBytes, which does not produce secure random numbers." + "full_description": { + "text": "Checks for requests to http (unencrypted) sites using gorequest, a popular HTTP client library. This is dangerous because it could result in plaintext PII being passed around the network." 
+ }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/problem-based-packs.insecure-transport.go-stdlib.sling-http-request.sling-http-request", "help": { - "markdown": "Detected usage of crypto.pseudoRandomBytes, which does not produce secure random numbers.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.lang.security.detect-pseudorandombytes.detect-pseudoRandomBytes)\n - [https://owasp.org/Top10/A02_2021-Cryptographic_Failures](https://owasp.org/Top10/A02_2021-Cryptographic_Failures)\n", - "text": "Detected usage of crypto.pseudoRandomBytes, which does not produce secure random numbers.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Checks for requests to http (unencrypted) sites using gorequest, a popular HTTP client library. This is dangerous because it could result in plaintext PII being passed around the network.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Checks for requests to http (unencrypted) sites using gorequest, a popular HTTP client library. 
This is dangerous because it could result in plaintext PII being passed around the network.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/problem-based-packs.insecure-transport.go-stdlib.sling-http-request.sling-http-request)\n - [https://godoc.org/github.com/dghubble/sling#Sling.Add](https://godoc.org/github.com/dghubble/sling#Sling.Add)\n - [https://github.com/dghubble/sling](https://github.com/dghubble/sling)\n" }, - "helpUri": "https://semgrep.dev/r/javascript.lang.security.detect-pseudorandombytes.detect-pseudoRandomBytes", - "id": "javascript.lang.security.detect-pseudorandombytes.detect-pseudoRandomBytes", - "name": "javascript.lang.security.detect-pseudorandombytes.detect-pseudoRandomBytes", "properties": { "precision": "very-high", "tags": [ - "CWE-338: Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)", - "LOW CONFIDENCE", - "OWASP-A02:2021 - Cryptographic Failures", + "CWE-319: Cleartext Transmission of Sensitive Information", + "MEDIUM CONFIDENCE", + "OWASP-A03:2017 - Sensitive Data Exposure", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: javascript.lang.security.detect-pseudorandombytes.detect-pseudoRandomBytes" } }, { - "defaultConfiguration": { - "level": "error" + "id": "trailofbits.python.tarfile-extractall-traversal.tarfile-extractall-traversal", + "name": "trailofbits.python.tarfile-extractall-traversal.tarfile-extractall-traversal", + "short_description": { + "text": "Semgrep Finding: trailofbits.python.tarfile-extractall-traversal.tarfile-extractall-traversal" }, - "fullDescription": { - "text": "Detected user input controlling a file path. An attacker could control the location of this file, to include going backwards in the directory with '../'. To address this, ensure that user-controlled variables in file paths are sanitized. 
You may also consider using a utility method such as org.apache.commons.io.FilenameUtils.getName(...) to only retrieve the file name from the path." + "full_description": { + "text": "Possible path traversal through `tarfile.open($PATH).extractall()` if the source tar is controlled by an attacker" }, + "default_configuration": { + "enabled": true, + "level": "error" + }, + "help_uri": "https://semgrep.dev/r/trailofbits.python.tarfile-extractall-traversal.tarfile-extractall-traversal", "help": { - "markdown": "Detected user input controlling a file path. An attacker could control the location of this file, to include going backwards in the directory with '../'. To address this, ensure that user-controlled variables in file paths are sanitized. You may also consider using a utility method such as org.apache.commons.io.FilenameUtils.getName(...) to only retrieve the file name from the path.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/java.spring.security.injection.tainted-file-path.tainted-file-path)\n - [https://owasp.org/www-community/attacks/Path_Traversal](https://owasp.org/www-community/attacks/Path_Traversal)\n", - "text": "Detected user input controlling a file path. An attacker could control the location of this file, to include going backwards in the directory with '../'. To address this, ensure that user-controlled variables in file paths are sanitized. You may also consider using a utility method such as org.apache.commons.io.FilenameUtils.getName(...) 
to only retrieve the file name from the path.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Possible path traversal through `tarfile.open($PATH).extractall()` if the source tar is controlled by an attacker\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Possible path traversal through `tarfile.open($PATH).extractall()` if the source tar is controlled by an attacker\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/trailofbits.python.tarfile-extractall-traversal.tarfile-extractall-traversal)\n - [https://docs.python.org/3/library/tarfile.html#tarfile.TarFile.extractall](https://docs.python.org/3/library/tarfile.html#tarfile.TarFile.extractall)\n" }, - "helpUri": "https://semgrep.dev/r/java.spring.security.injection.tainted-file-path.tainted-file-path", - "id": "java.spring.security.injection.tainted-file-path.tainted-file-path", - "name": "java.spring.security.injection.tainted-file-path.tainted-file-path", "properties": { "precision": "very-high", "tags": [ - "CWE-23: Relative Path Traversal", - "HIGH CONFIDENCE", - "OWASP-A01:2021 - Broken Access Control", + "CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", + "MEDIUM CONFIDENCE", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: java.spring.security.injection.tainted-file-path.tainted-file-path" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "python.lang.security.audit.system-wildcard-detected.system-wildcard-detected", + "name": "python.lang.security.audit.system-wildcard-detected.system-wildcard-detected", + "short_description": { + "text": "Semgrep Finding: python.lang.security.audit.system-wildcard-detected.system-wildcard-detected" }, - "fullDescription": { - "text": "A cookie was detected without setting the 'secure' flag. 
The 'secure' flag for cookies prevents the client from transmitting the cookie over insecure channels such as HTTP. Set the 'secure' flag by calling '$COOKIE.setSecure(true);'" + "full_description": { + "text": "Detected use of the wildcard character in a system call that spawns a shell. This subjects the wildcard to normal shell expansion, which can have unintended consequences if there exist any non-standard file names. Consider a file named '-e sh script.sh' -- this will execute a script when 'rsync' is called. See https://www.defensecode.com/public/DefenseCode_Unix_WildCards_Gone_Wild.txt for more information." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/python.lang.security.audit.system-wildcard-detected.system-wildcard-detected", "help": { - "markdown": "A cookie was detected without setting the 'secure' flag. The 'secure' flag for cookies prevents the client from transmitting the cookie over insecure channels such as HTTP. Set the 'secure' flag by calling '$COOKIE.setSecure(true);'\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/kotlin.lang.security.cookie-missing-secure-flag.cookie-missing-secure-flag)\n - [https://owasp.org/Top10/A05_2021-Security_Misconfiguration](https://owasp.org/Top10/A05_2021-Security_Misconfiguration)\n", - "text": "A cookie was detected without setting the 'secure' flag. The 'secure' flag for cookies prevents the client from transmitting the cookie over insecure channels such as HTTP. Set the 'secure' flag by calling '$COOKIE.setSecure(true);'\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected use of the wildcard character in a system call that spawns a shell. This subjects the wildcard to normal shell expansion, which can have unintended consequences if there exist any non-standard file names. 
Consider a file named '-e sh script.sh' -- this will execute a script when 'rsync' is called. See https://www.defensecode.com/public/DefenseCode_Unix_WildCards_Gone_Wild.txt for more information.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected use of the wildcard character in a system call that spawns a shell. This subjects the wildcard to normal shell expansion, which can have unintended consequences if there exist any non-standard file names. Consider a file named '-e sh script.sh' -- this will execute a script when 'rsync' is called. See https://www.defensecode.com/public/DefenseCode_Unix_WildCards_Gone_Wild.txt for more information.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.lang.security.audit.system-wildcard-detected.system-wildcard-detected)\n - [https://www.defensecode.com/public/DefenseCode_Unix_WildCards_Gone_Wild.txt](https://www.defensecode.com/public/DefenseCode_Unix_WildCards_Gone_Wild.txt)\n" }, - "helpUri": "https://semgrep.dev/r/kotlin.lang.security.cookie-missing-secure-flag.cookie-missing-secure-flag", - "id": "kotlin.lang.security.cookie-missing-secure-flag.cookie-missing-secure-flag", - "name": "kotlin.lang.security.cookie-missing-secure-flag.cookie-missing-secure-flag", "properties": { "precision": "very-high", "tags": [ - "CWE-614: Sensitive Cookie in HTTPS Session Without 'Secure' Attribute", + "CWE-155: Improper Neutralization of Wildcards or Matching Symbols", "LOW CONFIDENCE", - "OWASP-A05:2021 - Security Misconfiguration", + "OWASP-A01:2017 - Injection", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: kotlin.lang.security.cookie-missing-secure-flag.cookie-missing-secure-flag" } }, { - "defaultConfiguration": { - "level": "error" + "id": "python.lang.compatibility.python36.python36-compatibility-Popen1", + "name": "python.lang.compatibility.python36.python36-compatibility-Popen1", 
+ "short_description": { + "text": "Semgrep Finding: python.lang.compatibility.python36.python36-compatibility-Popen1" }, - "fullDescription": { - "text": "Missing mutex unlock (`$T` variable) before returning from a function. This could result in panics resulting from double lock operations" + "full_description": { + "text": "the `errors` argument to Popen is only available on Python 3.6+" + }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/python.lang.compatibility.python36.python36-compatibility-Popen1", "help": { - "markdown": "Missing mutex unlock (`$T` variable) before returning from a function. This could result in panics resulting from double lock operations\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/trailofbits.go.missing-unlock-before-return.missing-unlock-before-return)\n - [https://pkg.go.dev/sync#Mutex](https://pkg.go.dev/sync#Mutex)\n - [https://blog.trailofbits.com/2020/06/09/how-to-check-if-a-mutex-is-locked-in-go/](https://blog.trailofbits.com/2020/06/09/how-to-check-if-a-mutex-is-locked-in-go/)\n", - "text": "Missing mutex unlock (`$T` variable) before returning from a function. 
This could result in panics resulting from double lock operations\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "the `errors` argument to Popen is only available on Python 3.6+\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "the `errors` argument to Popen is only available on Python 3.6+\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.lang.compatibility.python36.python36-compatibility-Popen1)\n" }, - "helpUri": "https://semgrep.dev/r/trailofbits.go.missing-unlock-before-return.missing-unlock-before-return", - "id": "trailofbits.go.missing-unlock-before-return.missing-unlock-before-return", - "name": "trailofbits.go.missing-unlock-before-return.missing-unlock-before-return", "properties": { "precision": "very-high", - "tags": [ - "CWE-667: Improper Locking", - "MEDIUM CONFIDENCE", - "security" - ] - }, - "shortDescription": { - "text": "Semgrep Finding: trailofbits.go.missing-unlock-before-return.missing-unlock-before-return" + "tags": [] } }, { - "defaultConfiguration": { - "level": "error" + "id": "javascript.express.security.audit.xss.ejs.explicit-unescape.template-explicit-unescape", + "name": "javascript.express.security.audit.xss.ejs.explicit-unescape.template-explicit-unescape", + "short_description": { + "text": "Semgrep Finding: javascript.express.security.audit.xss.ejs.explicit-unescape.template-explicit-unescape" }, - "fullDescription": { - "text": "$POOL.get_virtual_price() call on a Curve pool is not protected from the read-only reentrancy." + "full_description": { + "text": "Detected an explicit unescape in an EJS template, using '<%- ... %>' If external data can reach these locations, your application is exposed to a cross-site scripting (XSS) vulnerability. Use '<%= ... %>' to escape this data. If you need escaping, ensure no external data can reach this location." 
+ }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/javascript.express.security.audit.xss.ejs.explicit-unescape.template-explicit-unescape", "help": { - "markdown": "$POOL.get_virtual_price() call on a Curve pool is not protected from the read-only reentrancy.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/solidity.security.curve-readonly-reentrancy.curve-readonly-reentrancy)\n - [https://chainsecurity.com/heartbreaks-curve-lp-oracles/](https://chainsecurity.com/heartbreaks-curve-lp-oracles/)\n - [https://chainsecurity.com/curve-lp-oracle-manipulation-post-mortem/](https://chainsecurity.com/curve-lp-oracle-manipulation-post-mortem/)\n", - "text": "$POOL.get_virtual_price() call on a Curve pool is not protected from the read-only reentrancy.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected an explicit unescape in an EJS template, using '<%- ... %>' If external data can reach these locations, your application is exposed to a cross-site scripting (XSS) vulnerability. Use '<%= ... %>' to escape this data. If you need escaping, ensure no external data can reach this location.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected an explicit unescape in an EJS template, using '<%- ... %>' If external data can reach these locations, your application is exposed to a cross-site scripting (XSS) vulnerability. Use '<%= ... %>' to escape this data. 
If you need escaping, ensure no external data can reach this location.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.express.security.audit.xss.ejs.explicit-unescape.template-explicit-unescape)\n - [http://www.managerjs.com/blog/2015/05/will-ejs-escape-save-me-from-xss-sorta/](http://www.managerjs.com/blog/2015/05/will-ejs-escape-save-me-from-xss-sorta/)\n" }, - "helpUri": "https://semgrep.dev/r/solidity.security.curve-readonly-reentrancy.curve-readonly-reentrancy", - "id": "solidity.security.curve-readonly-reentrancy.curve-readonly-reentrancy", - "name": "solidity.security.curve-readonly-reentrancy.curve-readonly-reentrancy", "properties": { "precision": "very-high", "tags": [ - "CWE-841: Improper Enforcement of Behavioral Workflow", - "HIGH CONFIDENCE", + "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", + "LOW CONFIDENCE", + "OWASP-A03:2021 - Injection", + "OWASP-A07:2017 - Cross-Site Scripting (XSS)", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: solidity.security.curve-readonly-reentrancy.curve-readonly-reentrancy" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "ruby.rails.security.audit.avoid-tainted-ftp-call.avoid-tainted-ftp-call", + "name": "ruby.rails.security.audit.avoid-tainted-ftp-call.avoid-tainted-ftp-call", + "short_description": { + "text": "Semgrep Finding: ruby.rails.security.audit.avoid-tainted-ftp-call.avoid-tainted-ftp-call" }, - "fullDescription": { - "text": "In Kubernetes, each pod runs in its own isolated environment with its own set of security policies. However, certain container images may contain `setuid` or `setgid` binaries that could allow an attacker to perform privilege escalation and gain access to sensitive resources. 
To mitigate this risk, it's recommended to add a `securityContext` to the container in the pod, with the parameter `allowPrivilegeEscalation` set to `false`. This will prevent the container from running any privileged processes and limit the impact of any potential attacks. In the container `$CONTAINER` this parameter is set to `true` which makes this container much more vulnerable to privelege escalation attacks." + "full_description": { + "text": "Using user input when accessing files is potentially dangerous. A malicious actor could use this to modify or access files they have no right to." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/ruby.rails.security.audit.avoid-tainted-ftp-call.avoid-tainted-ftp-call", "help": { - "markdown": "In Kubernetes, each pod runs in its own isolated environment with its own set of security policies. However, certain container images may contain `setuid` or `setgid` binaries that could allow an attacker to perform privilege escalation and gain access to sensitive resources. To mitigate this risk, it's recommended to add a `securityContext` to the container in the pod, with the parameter `allowPrivilegeEscalation` set to `false`. This will prevent the container from running any privileged processes and limit the impact of any potential attacks. 
In the container `$CONTAINER` this parameter is set to `true` which makes this container much more vulnerable to privelege escalation attacks.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/yaml.kubernetes.security.allow-privilege-escalation-true.allow-privilege-escalation-true)\n - [https://kubernetes.io/docs/concepts/policy/pod-security-policy/#privilege-escalation](https://kubernetes.io/docs/concepts/policy/pod-security-policy/#privilege-escalation)\n - [https://kubernetes.io/docs/tasks/configure-pod-container/security-context/](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/)\n - [https://www.kernel.org/doc/Documentation/prctl/no_new_privs.txt](https://www.kernel.org/doc/Documentation/prctl/no_new_privs.txt)\n - [https://cheatsheetseries.owasp.org/cheatsheets/Docker_Security_Cheat_Sheet.html#rule-4-add-no-new-privileges-flag](https://cheatsheetseries.owasp.org/cheatsheets/Docker_Security_Cheat_Sheet.html#rule-4-add-no-new-privileges-flag)\n", - "text": "In Kubernetes, each pod runs in its own isolated environment with its own set of security policies. However, certain container images may contain `setuid` or `setgid` binaries that could allow an attacker to perform privilege escalation and gain access to sensitive resources. To mitigate this risk, it's recommended to add a `securityContext` to the container in the pod, with the parameter `allowPrivilegeEscalation` set to `false`. This will prevent the container from running any privileged processes and limit the impact of any potential attacks. In the container `$CONTAINER` this parameter is set to `true` which makes this container much more vulnerable to privelege escalation attacks.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Using user input when accessing files is potentially dangerous. 
A malicious actor could use this to modify or access files they have no right to.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Using user input when accessing files is potentially dangerous. A malicious actor could use this to modify or access files they have no right to.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/ruby.rails.security.audit.avoid-tainted-ftp-call.avoid-tainted-ftp-call)\n - [https://github.com/presidentbeef/brakeman/blob/main/docs/warning_types/file_access/index.markdown](https://github.com/presidentbeef/brakeman/blob/main/docs/warning_types/file_access/index.markdown)\n" }, - "helpUri": "https://semgrep.dev/r/yaml.kubernetes.security.allow-privilege-escalation-true.allow-privilege-escalation-true", - "id": "yaml.kubernetes.security.allow-privilege-escalation-true.allow-privilege-escalation-true", - "name": "yaml.kubernetes.security.allow-privilege-escalation-true.allow-privilege-escalation-true", "properties": { "precision": "very-high", "tags": [ - "CWE-732: Incorrect Permission Assignment for Critical Resource", + "CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", "MEDIUM CONFIDENCE", - "OWASP-A05:2021 - Security Misconfiguration", - "OWASP-A06:2017 - Security Misconfiguration", + "OWASP-A01:2021 - Broken Access Control", + "OWASP-A05:2017 - Broken Access Control", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: yaml.kubernetes.security.allow-privilege-escalation-true.allow-privilege-escalation-true" } }, { - "defaultConfiguration": { - "level": "error" + "id": "java.lang.security.audit.crypto.ssl.avoid-implementing-custom-digests.avoid-implementing-custom-digests", + "name": "java.lang.security.audit.crypto.ssl.avoid-implementing-custom-digests.avoid-implementing-custom-digests", + "short_description": { + "text": "Semgrep Finding: 
java.lang.security.audit.crypto.ssl.avoid-implementing-custom-digests.avoid-implementing-custom-digests" }, - "fullDescription": { - "text": "Found 'subprocess' function '$FUNC' with 'shell=True'. This is dangerous because this call will spawn the command using a shell process. Doing so propagates current shell settings and variables, which makes it much easier for a malicious actor to execute commands. Use 'shell=False' instead." + "full_description": { + "text": "Cryptographic algorithms are notoriously difficult to get right. By implementing a custom message digest, you risk introducing security issues into your program. Use one of the many sound message digests already available to you: MessageDigest sha256Digest = MessageDigest.getInstance(\"SHA256\");" + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/java.lang.security.audit.crypto.ssl.avoid-implementing-custom-digests.avoid-implementing-custom-digests", "help": { - "markdown": "Found 'subprocess' function '$FUNC' with 'shell=True'. This is dangerous because this call will spawn the command using a shell process. Doing so propagates current shell settings and variables, which makes it much easier for a malicious actor to execute commands. Use 'shell=False' instead.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.lang.security.audit.subprocess-shell-true.subprocess-shell-true)\n - [https://stackoverflow.com/questions/3172470/actual-meaning-of-shell-true-in-subprocess](https://stackoverflow.com/questions/3172470/actual-meaning-of-shell-true-in-subprocess)\n - [https://docs.python.org/3/library/subprocess.html](https://docs.python.org/3/library/subprocess.html)\n", - "text": "Found 'subprocess' function '$FUNC' with 'shell=True'. This is dangerous because this call will spawn the command using a shell process. 
Doing so propagates current shell settings and variables, which makes it much easier for a malicious actor to execute commands. Use 'shell=False' instead.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Cryptographic algorithms are notoriously difficult to get right. By implementing a custom message digest, you risk introducing security issues into your program. Use one of the many sound message digests already available to you: MessageDigest sha256Digest = MessageDigest.getInstance(\"SHA256\");\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Cryptographic algorithms are notoriously difficult to get right. By implementing a custom message digest, you risk introducing security issues into your program. Use one of the many sound message digests already available to you: MessageDigest sha256Digest = MessageDigest.getInstance(\"SHA256\");\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/java.lang.security.audit.crypto.ssl.avoid-implementing-custom-digests.avoid-implementing-custom-digests)\n - [https://cheatsheetseries.owasp.org/cheatsheets/Cryptographic_Storage_Cheat_Sheet.html#custom-algorithms](https://cheatsheetseries.owasp.org/cheatsheets/Cryptographic_Storage_Cheat_Sheet.html#custom-algorithms)\n" }, - "helpUri": "https://semgrep.dev/r/python.lang.security.audit.subprocess-shell-true.subprocess-shell-true", - "id": "python.lang.security.audit.subprocess-shell-true.subprocess-shell-true", - "name": "python.lang.security.audit.subprocess-shell-true.subprocess-shell-true", "properties": { "precision": "very-high", "tags": [ - "CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", - "MEDIUM CONFIDENCE", - "OWASP-A01:2017 - Injection", - "OWASP-A03:2021 - Injection", + "CWE-327: Use of a Broken or Risky Cryptographic Algorithm", + "LOW CONFIDENCE", + "OWASP-A02:2021 
- Cryptographic Failures", + "OWASP-A03:2017 - Sensitive Data Exposure", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: python.lang.security.audit.subprocess-shell-true.subprocess-shell-true" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "python.lang.security.audit.conn_recv.multiprocessing-recv", + "name": "python.lang.security.audit.conn_recv.multiprocessing-recv", + "short_description": { + "text": "Semgrep Finding: python.lang.security.audit.conn_recv.multiprocessing-recv" }, - "fullDescription": { - "text": "No validation of origin is done by the addEventListener API. It may be possible to exploit this flaw to perform Cross Origin attacks such as Cross-Site Scripting(XSS)." + "full_description": { + "text": "The Connection.recv() method automatically unpickles the data it receives, which can be a security risk unless you can trust the process which sent the message. Therefore, unless the connection object was produced using Pipe() you should only use the recv() and send() methods after performing some sort of authentication. See more dettails: https://docs.python.org/3/library/multiprocessing.html?highlight=security#multiprocessing.connection.Connection" + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/python.lang.security.audit.conn_recv.multiprocessing-recv", "help": { - "markdown": "No validation of origin is done by the addEventListener API. 
It may be possible to exploit this flaw to perform Cross Origin attacks such as Cross-Site Scripting(XSS).\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.browser.security.insufficient-postmessage-origin-validation.insufficient-postmessage-origin-validation)\n - [https://owasp.org/Top10/A08_2021-Software_and_Data_Integrity_Failures](https://owasp.org/Top10/A08_2021-Software_and_Data_Integrity_Failures)\n", - "text": "No validation of origin is done by the addEventListener API. It may be possible to exploit this flaw to perform Cross Origin attacks such as Cross-Site Scripting(XSS).\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "The Connection.recv() method automatically unpickles the data it receives, which can be a security risk unless you can trust the process which sent the message. Therefore, unless the connection object was produced using Pipe() you should only use the recv() and send() methods after performing some sort of authentication. See more dettails: https://docs.python.org/3/library/multiprocessing.html?highlight=security#multiprocessing.connection.Connection\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "The Connection.recv() method automatically unpickles the data it receives, which can be a security risk unless you can trust the process which sent the message. Therefore, unless the connection object was produced using Pipe() you should only use the recv() and send() methods after performing some sort of authentication. 
See more dettails: https://docs.python.org/3/library/multiprocessing.html?highlight=security#multiprocessing.connection.Connection\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.lang.security.audit.conn_recv.multiprocessing-recv)\n - [https://docs.python.org/3/library/multiprocessing.html?highlight=security#multiprocessing.connection.Connection](https://docs.python.org/3/library/multiprocessing.html?highlight=security#multiprocessing.connection.Connection)\n" }, - "helpUri": "https://semgrep.dev/r/javascript.browser.security.insufficient-postmessage-origin-validation.insufficient-postmessage-origin-validation", - "id": "javascript.browser.security.insufficient-postmessage-origin-validation.insufficient-postmessage-origin-validation", - "name": "javascript.browser.security.insufficient-postmessage-origin-validation.insufficient-postmessage-origin-validation", "properties": { "precision": "very-high", "tags": [ - "CWE-345: Insufficient Verification of Data Authenticity", + "CWE-502: Deserialization of Untrusted Data", "LOW CONFIDENCE", + "OWASP-A08:2017 - Insecure Deserialization", "OWASP-A08:2021 - Software and Data Integrity Failures", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: javascript.browser.security.insufficient-postmessage-origin-validation.insufficient-postmessage-origin-validation" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "ruby.lang.security.hardcoded-http-auth-in-controller.hardcoded-http-auth-in-controller", + "name": "ruby.lang.security.hardcoded-http-auth-in-controller.hardcoded-http-auth-in-controller", + "short_description": { + "text": "Semgrep Finding: ruby.lang.security.hardcoded-http-auth-in-controller.hardcoded-http-auth-in-controller" }, - "fullDescription": { - "text": "RSA keys should be at least 2048 bits based on NIST recommendation." 
+ "full_description": { + "text": "Detected hardcoded password used in basic authentication in a controller class. Including this password in version control could expose this credential. Consider refactoring to use environment variables or configuration files." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/ruby.lang.security.hardcoded-http-auth-in-controller.hardcoded-http-auth-in-controller", "help": { - "markdown": "RSA keys should be at least 2048 bits based on NIST recommendation.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/kotlin.lang.security.weak-rsa.use-of-weak-rsa-key)\n - [https://cheatsheetseries.owasp.org/cheatsheets/Cryptographic_Storage_Cheat_Sheet.html#algorithms](https://cheatsheetseries.owasp.org/cheatsheets/Cryptographic_Storage_Cheat_Sheet.html#algorithms)\n", - "text": "RSA keys should be at least 2048 bits based on NIST recommendation.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected hardcoded password used in basic authentication in a controller class. Including this password in version control could expose this credential. Consider refactoring to use environment variables or configuration files.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected hardcoded password used in basic authentication in a controller class. Including this password in version control could expose this credential. 
Consider refactoring to use environment variables or configuration files.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/ruby.lang.security.hardcoded-http-auth-in-controller.hardcoded-http-auth-in-controller)\n - [https://cheatsheetseries.owasp.org/cheatsheets/Secrets_Management_Cheat_Sheet.html](https://cheatsheetseries.owasp.org/cheatsheets/Secrets_Management_Cheat_Sheet.html)\n" }, - "helpUri": "https://semgrep.dev/r/kotlin.lang.security.weak-rsa.use-of-weak-rsa-key", - "id": "kotlin.lang.security.weak-rsa.use-of-weak-rsa-key", - "name": "kotlin.lang.security.weak-rsa.use-of-weak-rsa-key", "properties": { "precision": "very-high", "tags": [ - "CWE-326: Inadequate Encryption Strength", + "CWE-798: Use of Hard-coded Credentials", "HIGH CONFIDENCE", - "OWASP-A02:2021 - Cryptographic Failures", - "OWASP-A03:2017 - Sensitive Data Exposure", + "OWASP-A07:2021 - Identification and Authentication Failures", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: kotlin.lang.security.weak-rsa.use-of-weak-rsa-key" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "terraform.lang.security.rds-insecure-password-storage-in-source-code.rds-insecure-password-storage-in-source-code", + "name": "terraform.lang.security.rds-insecure-password-storage-in-source-code.rds-insecure-password-storage-in-source-code", + "short_description": { + "text": "Semgrep Finding: terraform.lang.security.rds-insecure-password-storage-in-source-code.rds-insecure-password-storage-in-source-code" }, - "fullDescription": { - "text": "Detected template variable interpolation in a JavaScript template string. This is potentially vulnerable to cross-site scripting (XSS) attacks because a malicious actor has control over JavaScript but without the need to use escaped characters. Instead, obtain this variable outside of the template string and ensure your template is properly escaped." 
+ "full_description": { + "text": "RDS instance or cluster with hardcoded credentials in source code. It is recommended to pass the credentials at runtime, or generate random credentials using the random_password resource." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/terraform.lang.security.rds-insecure-password-storage-in-source-code.rds-insecure-password-storage-in-source-code", "help": { - "markdown": "Detected template variable interpolation in a JavaScript template string. This is potentially vulnerable to cross-site scripting (XSS) attacks because a malicious actor has control over JavaScript but without the need to use escaped characters. Instead, obtain this variable outside of the template string and ensure your template is properly escaped.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/go.lang.security.audit.xss.no-interpolation-js-template-string.no-interpolation-js-template-string)\n - [https://github.com/golang/go/issues/9200#issuecomment-66100328](https://github.com/golang/go/issues/9200#issuecomment-66100328)\n - [https://blogtitle.github.io/robn-go-security-pearls-cross-site-scripting-xss/](https://blogtitle.github.io/robn-go-security-pearls-cross-site-scripting-xss/)\n", - "text": "Detected template variable interpolation in a JavaScript template string. This is potentially vulnerable to cross-site scripting (XSS) attacks because a malicious actor has control over JavaScript but without the need to use escaped characters. Instead, obtain this variable outside of the template string and ensure your template is properly escaped.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "RDS instance or cluster with hardcoded credentials in source code. 
It is recommended to pass the credentials at runtime, or generate random credentials using the random_password resource.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "RDS instance or cluster with hardcoded credentials in source code. It is recommended to pass the credentials at runtime, or generate random credentials using the random_password resource.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/terraform.lang.security.rds-insecure-password-storage-in-source-code.rds-insecure-password-storage-in-source-code)\n - [https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/db_instance#master_password](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/db_instance#master_password)\n - [https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/rds_cluster#master_password](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/rds_cluster#master_password)\n - [https://registry.terraform.io/providers/hashicorp/random/latest/docs/resources/password](https://registry.terraform.io/providers/hashicorp/random/latest/docs/resources/password)\n" }, - "helpUri": "https://semgrep.dev/r/go.lang.security.audit.xss.no-interpolation-js-template-string.no-interpolation-js-template-string", - "id": "go.lang.security.audit.xss.no-interpolation-js-template-string.no-interpolation-js-template-string", - "name": "go.lang.security.audit.xss.no-interpolation-js-template-string.no-interpolation-js-template-string", "properties": { "precision": "very-high", "tags": [ - "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", - "LOW CONFIDENCE", - "OWASP-A03:2021 - Injection", - "OWASP-A07:2017 - Cross-Site Scripting (XSS)", + "CWE-522: Insufficiently Protected Credentials", + "MEDIUM CONFIDENCE", + "OWASP-A02:2017 - Broken Authentication", + 
"OWASP-A04:2021 - Insecure Design", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: go.lang.security.audit.xss.no-interpolation-js-template-string.no-interpolation-js-template-string" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "ruby.rails.security.audit.detailed-exceptions.detailed-exceptions", + "name": "ruby.rails.security.audit.detailed-exceptions.detailed-exceptions", + "short_description": { + "text": "Semgrep Finding: ruby.rails.security.audit.detailed-exceptions.detailed-exceptions" }, - "fullDescription": { - "text": "By default, AWS CloudWatch Log Group is encrypted using AWS-managed keys. However, for added security, it's recommended to configure your own AWS KMS encryption key to protect your log group in CloudWatch. You can either create a new aws_kms_key resource or use the ARN of an existing key in your AWS account to do so." + "full_description": { + "text": "Found that the setting for providing detailed exception reports in Rails is set to true. This can lead to information exposure, where sensitive system or internal information is displayed to the end user. Instead, turn this setting off." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/ruby.rails.security.audit.detailed-exceptions.detailed-exceptions", "help": { - "markdown": "By default, AWS CloudWatch Log Group is encrypted using AWS-managed keys. However, for added security, it's recommended to configure your own AWS KMS encryption key to protect your log group in CloudWatch. 
You can either create a new aws_kms_key resource or use the ARN of an existing key in your AWS account to do so.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/terraform.aws.security.aws-cloudwatch-log-group-unencrypted.aws-cloudwatch-log-group-unencrypted)\n - [https://cwe.mitre.org/data/definitions/732.html](https://cwe.mitre.org/data/definitions/732.html)\n", - "text": "By default, AWS CloudWatch Log Group is encrypted using AWS-managed keys. However, for added security, it's recommended to configure your own AWS KMS encryption key to protect your log group in CloudWatch. You can either create a new aws_kms_key resource or use the ARN of an existing key in your AWS account to do so.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Found that the setting for providing detailed exception reports in Rails is set to true. This can lead to information exposure, where sensitive system or internal information is displayed to the end user. Instead, turn this setting off.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Found that the setting for providing detailed exception reports in Rails is set to true. This can lead to information exposure, where sensitive system or internal information is displayed to the end user. 
Instead, turn this setting off.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/ruby.rails.security.audit.detailed-exceptions.detailed-exceptions)\n - [https://owasp.org/Top10/A01_2021-Broken_Access_Control](https://owasp.org/Top10/A01_2021-Broken_Access_Control)\n" }, - "helpUri": "https://semgrep.dev/r/terraform.aws.security.aws-cloudwatch-log-group-unencrypted.aws-cloudwatch-log-group-unencrypted", - "id": "terraform.aws.security.aws-cloudwatch-log-group-unencrypted.aws-cloudwatch-log-group-unencrypted", - "name": "terraform.aws.security.aws-cloudwatch-log-group-unencrypted.aws-cloudwatch-log-group-unencrypted", "properties": { "precision": "very-high", "tags": [ - "CWE-732: Incorrect Permission Assignment for Critical Resource", + "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor", "LOW CONFIDENCE", - "OWASP-A02:2021 - Cryptographic Failures", + "OWASP-A01:2021 - Broken Access Control", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: terraform.aws.security.aws-cloudwatch-log-group-unencrypted.aws-cloudwatch-log-group-unencrypted" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "javascript.express.security.audit.express-cookie-settings.express-cookie-session-no-domain", + "name": "javascript.express.security.audit.express-cookie-settings.express-cookie-session-no-domain", + "short_description": { + "text": "Semgrep Finding: javascript.express.security.audit.express-cookie-settings.express-cookie-session-no-domain" }, - "fullDescription": { - "text": "Found request data as an index to 'globals()'. This is extremely dangerous because it allows an attacker to execute arbitrary code on the system. Refactor your code not to use 'globals()'." + "full_description": { + "text": "Default session middleware settings: `domain` not set. 
It indicates the domain of the cookie; use it to compare against the domain of the server in which the URL is being requested. If they match, then check the path attribute next." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/javascript.express.security.audit.express-cookie-settings.express-cookie-session-no-domain", "help": { - "markdown": "Found request data as an index to 'globals()'. This is extremely dangerous because it allows an attacker to execute arbitrary code on the system. Refactor your code not to use 'globals()'.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.django.security.injection.code.globals-misuse-code-execution.globals-misuse-code-execution)\n - [https://github.com/mpirnat/lets-be-bad-guys/blob/d92768fb3ade32956abd53bd6bb06e19d634a084/badguys/vulnerable/views.py#L181-L186](https://github.com/mpirnat/lets-be-bad-guys/blob/d92768fb3ade32956abd53bd6bb06e19d634a084/badguys/vulnerable/views.py#L181-L186)\n", - "text": "Found request data as an index to 'globals()'. This is extremely dangerous because it allows an attacker to execute arbitrary code on the system. Refactor your code not to use 'globals()'.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Default session middleware settings: `domain` not set. It indicates the domain of the cookie; use it to compare against the domain of the server in which the URL is being requested. If they match, then check the path attribute next.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Default session middleware settings: `domain` not set. It indicates the domain of the cookie; use it to compare against the domain of the server in which the URL is being requested. 
If they match, then check the path attribute next.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.express.security.audit.express-cookie-settings.express-cookie-session-no-domain)\n - [https://owasp.org/Top10/A04_2021-Insecure_Design](https://owasp.org/Top10/A04_2021-Insecure_Design)\n" }, - "helpUri": "https://semgrep.dev/r/python.django.security.injection.code.globals-misuse-code-execution.globals-misuse-code-execution", - "id": "python.django.security.injection.code.globals-misuse-code-execution.globals-misuse-code-execution", - "name": "python.django.security.injection.code.globals-misuse-code-execution.globals-misuse-code-execution", "properties": { "precision": "very-high", "tags": [ - "CWE-96: Improper Neutralization of Directives in Statically Saved Code ('Static Code Injection')", - "LOW CONFIDENCE", - "OWASP-A03:2021 - Injection", + "CWE-522: Insufficiently Protected Credentials", + "MEDIUM CONFIDENCE", + "OWASP-A02:2017 - Broken Authentication", + "OWASP-A04:2021 - Insecure Design", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: python.django.security.injection.code.globals-misuse-code-execution.globals-misuse-code-execution" } }, { - "defaultConfiguration": { - "level": "error" + "id": "terraform.azure.security.appservice.appservice-account-identity-registered.appservice-account-identity-registered", + "name": "terraform.azure.security.appservice.appservice-account-identity-registered.appservice-account-identity-registered", + "short_description": { + "text": "Semgrep Finding: terraform.azure.security.appservice.appservice-account-identity-registered.appservice-account-identity-registered" }, - "fullDescription": { - "text": "Make sure that unverified user data can not reach the XML Parser, as it can result in XML External or Internal Entity (XXE) Processing vulnerabilities" + "full_description": { + "text": "Registering the identity used 
by an App with AD allows it to interact with other services without using username and password. Set the `identity` block in your appservice." + }, + "default_configuration": { + "enabled": true, + "level": "note" }, + "help_uri": "https://semgrep.dev/r/terraform.azure.security.appservice.appservice-account-identity-registered.appservice-account-identity-registered", "help": { - "markdown": "Make sure that unverified user data can not reach the XML Parser, as it can result in XML External or Internal Entity (XXE) Processing vulnerabilities\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.express.security.express-xml2json-xxe.express-xml2json-xxe)\n - [https://www.npmjs.com/package/xml2json](https://www.npmjs.com/package/xml2json)\n", - "text": "Make sure that unverified user data can not reach the XML Parser, as it can result in XML External or Internal Entity (XXE) Processing vulnerabilities\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Registering the identity used by an App with AD allows it to interact with other services without using username and password. Set the `identity` block in your appservice.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Registering the identity used by an App with AD allows it to interact with other services without using username and password. 
Set the `identity` block in your appservice.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/terraform.azure.security.appservice.appservice-account-identity-registered.appservice-account-identity-registered)\n - [https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/app_service#identity](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/app_service#identity)\n" }, - "helpUri": "https://semgrep.dev/r/javascript.express.security.express-xml2json-xxe.express-xml2json-xxe", - "id": "javascript.express.security.express-xml2json-xxe.express-xml2json-xxe", - "name": "javascript.express.security.express-xml2json-xxe.express-xml2json-xxe", "properties": { "precision": "very-high", "tags": [ - "CWE-611: Improper Restriction of XML External Entity Reference", - "MEDIUM CONFIDENCE", - "OWASP-A04:2017 - XML External Entities (XXE)", - "OWASP-A05:2021 - Security Misconfiguration", + "CWE-287: Improper Authentication", + "LOW CONFIDENCE", + "OWASP-A02:2017 - Broken Authentication", + "OWASP-A07:2021 - Identification and Authentication Failures", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: javascript.express.security.express-xml2json-xxe.express-xml2json-xxe" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "ruby.rails.security.injection.tainted-url-host.tainted-url-host", + "name": "ruby.rails.security.injection.tainted-url-host.tainted-url-host", + "short_description": { + "text": "Semgrep Finding: ruby.rails.security.injection.tainted-url-host.tainted-url-host" }, - "fullDescription": { - "text": "Detected use of parseXml() function with the `noent` field set to `true`. This can lead to an XML External Entities (XXE) attack if untrusted data is passed into it." + "full_description": { + "text": "User data flows into the host portion of this manually-constructed URL. 
This could allow an attacker to send data to their own server, potentially exposing sensitive data such as cookies or authorization information sent with this request. They could also probe internal servers or other resources that the server runnig this code can access. (This is called server-side request forgery, or SSRF.) Do not allow arbitrary hosts. Use the `ssrf_filter` gem and guard the url construction with `SsrfFilter(...)`, or create an allowlist for approved hosts." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/ruby.rails.security.injection.tainted-url-host.tainted-url-host", "help": { - "markdown": "Detected use of parseXml() function with the `noent` field set to `true`. This can lead to an XML External Entities (XXE) attack if untrusted data is passed into it.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.express.security.audit.express-libxml-vm-noent.express-libxml-vm-noent)\n - [https://cheatsheetseries.owasp.org/cheatsheets/XML_External_Entity_Prevention_Cheat_Sheet.html](https://cheatsheetseries.owasp.org/cheatsheets/XML_External_Entity_Prevention_Cheat_Sheet.html)\n", - "text": "Detected use of parseXml() function with the `noent` field set to `true`. This can lead to an XML External Entities (XXE) attack if untrusted data is passed into it.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "User data flows into the host portion of this manually-constructed URL. This could allow an attacker to send data to their own server, potentially exposing sensitive data such as cookies or authorization information sent with this request. They could also probe internal servers or other resources that the server runnig this code can access. (This is called server-side request forgery, or SSRF.) Do not allow arbitrary hosts. 
Use the `ssrf_filter` gem and guard the url construction with `SsrfFilter(...)`, or create an allowlist for approved hosts.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "User data flows into the host portion of this manually-constructed URL. This could allow an attacker to send data to their own server, potentially exposing sensitive data such as cookies or authorization information sent with this request. They could also probe internal servers or other resources that the server runnig this code can access. (This is called server-side request forgery, or SSRF.) Do not allow arbitrary hosts. Use the `ssrf_filter` gem and guard the url construction with `SsrfFilter(...)`, or create an allowlist for approved hosts.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/ruby.rails.security.injection.tainted-url-host.tainted-url-host)\n - [https://cheatsheetseries.owasp.org/cheatsheets/Server_Side_Request_Forgery_Prevention_Cheat_Sheet.html](https://cheatsheetseries.owasp.org/cheatsheets/Server_Side_Request_Forgery_Prevention_Cheat_Sheet.html)\n - [https://github.com/arkadiyt/ssrf_filter](https://github.com/arkadiyt/ssrf_filter)\n" }, - "helpUri": "https://semgrep.dev/r/javascript.express.security.audit.express-libxml-vm-noent.express-libxml-vm-noent", - "id": "javascript.express.security.audit.express-libxml-vm-noent.express-libxml-vm-noent", - "name": "javascript.express.security.audit.express-libxml-vm-noent.express-libxml-vm-noent", "properties": { "precision": "very-high", "tags": [ - "CWE-611: Improper Restriction of XML External Entity Reference", - "LOW CONFIDENCE", - "OWASP-A04:2017 - XML External Entities (XXE)", - "OWASP-A05:2021 - Security Misconfiguration", + "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", + "MEDIUM CONFIDENCE", + "OWASP-A03:2021 - Injection", + "OWASP-A07:2017 - Cross-Site 
Scripting (XSS)", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: javascript.express.security.audit.express-libxml-vm-noent.express-libxml-vm-noent" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "csharp.dotnet.security.audit.mass-assignment.mass-assignment", + "name": "csharp.dotnet.security.audit.mass-assignment.mass-assignment", + "short_description": { + "text": "Semgrep Finding: csharp.dotnet.security.audit.mass-assignment.mass-assignment" }, - "fullDescription": { - "text": "Service '$SERVICE' is running in privileged mode. This grants the container the equivalent of root capabilities on the host machine. This can lead to container escapes, privilege escalation, and other security concerns. Remove the 'privileged' key to disable this capability." + "full_description": { + "text": "Mass assignment or Autobinding vulnerability in code allows an attacker to execute over-posting attacks, which could create a new parameter in the binding request and manipulate the underlying object in the application." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/csharp.dotnet.security.audit.mass-assignment.mass-assignment", "help": { - "markdown": "Service '$SERVICE' is running in privileged mode. This grants the container the equivalent of root capabilities on the host machine. This can lead to container escapes, privilege escalation, and other security concerns. 
Remove the 'privileged' key to disable this capability.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/yaml.docker-compose.security.privileged-service.privileged-service)\n - [https://www.trendmicro.com/en_us/research/19/l/why-running-a-privileged-container-in-docker-is-a-bad-idea.html](https://www.trendmicro.com/en_us/research/19/l/why-running-a-privileged-container-in-docker-is-a-bad-idea.html)\n - [https://containerjournal.com/topics/container-security/why-running-a-privileged-container-is-not-a-good-idea/](https://containerjournal.com/topics/container-security/why-running-a-privileged-container-is-not-a-good-idea/)\n", - "text": "Service '$SERVICE' is running in privileged mode. This grants the container the equivalent of root capabilities on the host machine. This can lead to container escapes, privilege escalation, and other security concerns. Remove the 'privileged' key to disable this capability.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Mass assignment or Autobinding vulnerability in code allows an attacker to execute over-posting attacks, which could create a new parameter in the binding request and manipulate the underlying object in the application.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Mass assignment or Autobinding vulnerability in code allows an attacker to execute over-posting attacks, which could create a new parameter in the binding request and manipulate the underlying object in the application.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/csharp.dotnet.security.audit.mass-assignment.mass-assignment)\n - [https://cwe.mitre.org/data/definitions/915.html](https://cwe.mitre.org/data/definitions/915.html)\n - 
[https://github.com/OWASP/API-Security/blob/master/2019/en/src/0xa6-mass-assignment.md](https://github.com/OWASP/API-Security/blob/master/2019/en/src/0xa6-mass-assignment.md)\n" }, - "helpUri": "https://semgrep.dev/r/yaml.docker-compose.security.privileged-service.privileged-service", - "id": "yaml.docker-compose.security.privileged-service.privileged-service", - "name": "yaml.docker-compose.security.privileged-service.privileged-service", "properties": { "precision": "very-high", "tags": [ - "CWE-250: Execution with Unnecessary Privileges", - "HIGH CONFIDENCE", - "OWASP-A05:2021 - Security Misconfiguration", - "OWASP-A06:2017 - Security Misconfiguration", + "CWE-915: Improperly Controlled Modification of Dynamically-Determined Object Attributes", + "MEDIUM CONFIDENCE", + "OWASP-A08:2021 - Software and Data Integrity Failures", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: yaml.docker-compose.security.privileged-service.privileged-service" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "javascript.express.security.express-wkhtml-injection.express-wkhtmltoimage-injection", + "name": "javascript.express.security.express-wkhtml-injection.express-wkhtmltoimage-injection", + "short_description": { + "text": "Semgrep Finding: javascript.express.security.express-wkhtml-injection.express-wkhtmltoimage-injection" }, - "fullDescription": { - "text": "Detects potential Google Maps API keys in code" + "full_description": { + "text": "If unverified user data can reach the `phantom` methods it can result in Server-Side Request Forgery vulnerabilities" + }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/javascript.express.security.express-wkhtml-injection.express-wkhtmltoimage-injection", "help": { - "markdown": "Detects potential Google Maps API keys in code\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep 
Rule](https://semgrep.dev/r/generic.secrets.security.google-maps-apikeyleak.google-maps-apikeyleak)\n - [https://ozguralp.medium.com/unauthorized-google-maps-api-key-usage-cases-and-why-you-need-to-care-1ccb28bf21e](https://ozguralp.medium.com/unauthorized-google-maps-api-key-usage-cases-and-why-you-need-to-care-1ccb28bf21e)\n", - "text": "Detects potential Google Maps API keys in code\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "If unverified user data can reach the `phantom` methods it can result in Server-Side Request Forgery vulnerabilities\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "If unverified user data can reach the `phantom` methods it can result in Server-Side Request Forgery vulnerabilities\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.express.security.express-wkhtml-injection.express-wkhtmltoimage-injection)\n - [https://www.npmjs.com/package/wkhtmltopdf](https://www.npmjs.com/package/wkhtmltopdf)\n" }, - "helpUri": "https://semgrep.dev/r/generic.secrets.security.google-maps-apikeyleak.google-maps-apikeyleak", - "id": "generic.secrets.security.google-maps-apikeyleak.google-maps-apikeyleak", - "name": "generic.secrets.security.google-maps-apikeyleak.google-maps-apikeyleak", "properties": { "precision": "very-high", "tags": [ - "CWE-538: Insertion of Sensitive Information into Externally-Accessible File or Directory", - "MEDIUM CONFIDENCE", - "OWASP-A3:2017 Sensitive Data Exposure", + "CWE-918: Server-Side Request Forgery (SSRF)", + "LOW CONFIDENCE", + "OWASP-A10:2021 - Server-Side Request Forgery (SSRF)", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: generic.secrets.security.google-maps-apikeyleak.google-maps-apikeyleak" } }, { - "defaultConfiguration": { - "level": "error" + "id": 
"python.lang.security.audit.paramiko-implicit-trust-host-key.paramiko-implicit-trust-host-key", + "name": "python.lang.security.audit.paramiko-implicit-trust-host-key.paramiko-implicit-trust-host-key", + "short_description": { + "text": "Semgrep Finding: python.lang.security.audit.paramiko-implicit-trust-host-key.paramiko-implicit-trust-host-key" }, - "fullDescription": { - "text": "SSRF is an attack vector that abuses an application to interact with the internal/external network or the machine itself." + "full_description": { + "text": "Detected a paramiko host key policy that implicitly trusts a server's host key. Host keys should be verified to ensure the connection is not to a malicious server. Use RejectPolicy or a custom subclass instead." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/python.lang.security.audit.paramiko-implicit-trust-host-key.paramiko-implicit-trust-host-key", "help": { - "markdown": "SSRF is an attack vector that abuses an application to interact with the internal/external network or the machine itself.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/csharp.lang.security.ssrf.web-client.ssrf)\n - [https://cheatsheetseries.owasp.org/cheatsheets/Server_Side_Request_Forgery_Prevention_Cheat_Sheet.html](https://cheatsheetseries.owasp.org/cheatsheets/Server_Side_Request_Forgery_Prevention_Cheat_Sheet.html)\n", - "text": "SSRF is an attack vector that abuses an application to interact with the internal/external network or the machine itself.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected a paramiko host key policy that implicitly trusts a server's host key. Host keys should be verified to ensure the connection is not to a malicious server. 
Use RejectPolicy or a custom subclass instead.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected a paramiko host key policy that implicitly trusts a server's host key. Host keys should be verified to ensure the connection is not to a malicious server. Use RejectPolicy or a custom subclass instead.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.lang.security.audit.paramiko-implicit-trust-host-key.paramiko-implicit-trust-host-key)\n - [http://docs.paramiko.org/en/stable/api/client.html#paramiko.client.AutoAddPolicy](http://docs.paramiko.org/en/stable/api/client.html#paramiko.client.AutoAddPolicy)\n" }, - "helpUri": "https://semgrep.dev/r/csharp.lang.security.ssrf.web-client.ssrf", - "id": "csharp.lang.security.ssrf.web-client.ssrf", - "name": "csharp.lang.security.ssrf.web-client.ssrf", "properties": { "precision": "very-high", "tags": [ - "CWE-918: Server-Side Request Forgery (SSRF)", + "CWE-322: Key Exchange without Entity Authentication", "LOW CONFIDENCE", - "OWASP-A10:2021 - Server-Side Request Forgery (SSRF)", + "OWASP-A02:2021 - Cryptographic Failures", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: csharp.lang.security.ssrf.web-client.ssrf" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "yaml.docker-compose.security.writable-filesystem-service.writable-filesystem-service", + "name": "yaml.docker-compose.security.writable-filesystem-service.writable-filesystem-service", + "short_description": { + "text": "Semgrep Finding: yaml.docker-compose.security.writable-filesystem-service.writable-filesystem-service" }, - "fullDescription": { - "text": "RegExp() called with a `$ARG` function argument, this might allow an attacker to cause a Regular Expression Denial-of-Service (ReDoS) within your application as RegExP blocks the main thread. 
For this reason, it is recommended to use hardcoded regexes instead. If your regex is run on user-controlled input, consider performing input validation or use a regex checking/sanitization library such as https://www.npmjs.com/package/recheck to verify that the regex does not appear vulnerable to ReDoS." + "full_description": { + "text": "Service '$SERVICE' is running with a writable root filesystem. This may allow malicious applications to download and run additional payloads, or modify container files. If an application inside a container has to save something temporarily consider using a tmpfs. Add 'read_only: true' to this service to prevent this." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/yaml.docker-compose.security.writable-filesystem-service.writable-filesystem-service", "help": { - "markdown": "RegExp() called with a `$ARG` function argument, this might allow an attacker to cause a Regular Expression Denial-of-Service (ReDoS) within your application as RegExP blocks the main thread. For this reason, it is recommended to use hardcoded regexes instead. If your regex is run on user-controlled input, consider performing input validation or use a regex checking/sanitization library such as https://www.npmjs.com/package/recheck to verify that the regex does not appear vulnerable to ReDoS.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.lang.security.audit.detect-non-literal-regexp.detect-non-literal-regexp)\n - [https://owasp.org/www-community/attacks/Regular_expression_Denial_of_Service_-_ReDoS](https://owasp.org/www-community/attacks/Regular_expression_Denial_of_Service_-_ReDoS)\n", - "text": "RegExp() called with a `$ARG` function argument, this might allow an attacker to cause a Regular Expression Denial-of-Service (ReDoS) within your application as RegExP blocks the main thread. 
For this reason, it is recommended to use hardcoded regexes instead. If your regex is run on user-controlled input, consider performing input validation or use a regex checking/sanitization library such as https://www.npmjs.com/package/recheck to verify that the regex does not appear vulnerable to ReDoS.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Service '$SERVICE' is running with a writable root filesystem. This may allow malicious applications to download and run additional payloads, or modify container files. If an application inside a container has to save something temporarily consider using a tmpfs. Add 'read_only: true' to this service to prevent this.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Service '$SERVICE' is running with a writable root filesystem. This may allow malicious applications to download and run additional payloads, or modify container files. If an application inside a container has to save something temporarily consider using a tmpfs. 
Add 'read_only: true' to this service to prevent this.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/yaml.docker-compose.security.writable-filesystem-service.writable-filesystem-service)\n - [https://docs.docker.com/compose/compose-file/compose-file-v3/#domainname-hostname-ipc-mac_address-privileged-read_only-shm_size-stdin_open-tty-user-working_dir](https://docs.docker.com/compose/compose-file/compose-file-v3/#domainname-hostname-ipc-mac_address-privileged-read_only-shm_size-stdin_open-tty-user-working_dir)\n - [https://blog.atomist.com/security-of-docker-kubernetes/](https://blog.atomist.com/security-of-docker-kubernetes/)\n - [https://cheatsheetseries.owasp.org/cheatsheets/Docker_Security_Cheat_Sheet.html#rule-8-set-filesystem-and-volumes-to-read-only](https://cheatsheetseries.owasp.org/cheatsheets/Docker_Security_Cheat_Sheet.html#rule-8-set-filesystem-and-volumes-to-read-only)\n" }, - "helpUri": "https://semgrep.dev/r/javascript.lang.security.audit.detect-non-literal-regexp.detect-non-literal-regexp", - "id": "javascript.lang.security.audit.detect-non-literal-regexp.detect-non-literal-regexp", - "name": "javascript.lang.security.audit.detect-non-literal-regexp.detect-non-literal-regexp", "properties": { "precision": "very-high", "tags": [ - "CWE-1333: Inefficient Regular Expression Complexity", + "CWE-732: Incorrect Permission Assignment for Critical Resource", "LOW CONFIDENCE", "OWASP-A05:2021 - Security Misconfiguration", "OWASP-A06:2017 - Security Misconfiguration", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: javascript.lang.security.audit.detect-non-literal-regexp.detect-non-literal-regexp" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "ruby.aws-lambda.security.tainted-sql-string.tainted-sql-string", + "name": "ruby.aws-lambda.security.tainted-sql-string.tainted-sql-string", + "short_description": { + "text": "Semgrep Finding: 
ruby.aws-lambda.security.tainted-sql-string.tainted-sql-string" }, - "fullDescription": { - "text": "Detected SQL statement that is tainted by `$EVENT` object. This could lead to SQL injection if the variable is user-controlled and not properly sanitized. In order to prevent SQL injection, use parameterized queries or prepared statements instead. You can use parameterized statements like so: `connection.query('SELECT $1 from table', [userinput])`" + "full_description": { + "text": "Detected user input used to manually construct a SQL string. This is usually bad practice because manual construction could accidentally result in a SQL injection. An attacker could use a SQL injection to steal or modify contents of the database. Instead, use a parameterized query which is available by default in most database engines. Alternatively, consider using an object-relational mapper (ORM) such as Sequelize which will protect your queries." + }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/ruby.aws-lambda.security.tainted-sql-string.tainted-sql-string", "help": { - "markdown": "Detected SQL statement that is tainted by `$EVENT` object. This could lead to SQL injection if the variable is user-controlled and not properly sanitized. In order to prevent SQL injection, use parameterized queries or prepared statements instead. You can use parameterized statements like so: `connection.query('SELECT $1 from table', [userinput])`\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.aws-lambda.security.pg-sqli.pg-sqli)\n - [https://node-postgres.com/features/queries](https://node-postgres.com/features/queries)\n", - "text": "Detected SQL statement that is tainted by `$EVENT` object. This could lead to SQL injection if the variable is user-controlled and not properly sanitized. 
In order to prevent SQL injection, use parameterized queries or prepared statements instead. You can use parameterized statements like so: `connection.query('SELECT $1 from table', [userinput])`\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected user input used to manually construct a SQL string. This is usually bad practice because manual construction could accidentally result in a SQL injection. An attacker could use a SQL injection to steal or modify contents of the database. Instead, use a parameterized query which is available by default in most database engines. Alternatively, consider using an object-relational mapper (ORM) such as Sequelize which will protect your queries.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected user input used to manually construct a SQL string. This is usually bad practice because manual construction could accidentally result in a SQL injection. An attacker could use a SQL injection to steal or modify contents of the database. Instead, use a parameterized query which is available by default in most database engines. Alternatively, consider using an object-relational mapper (ORM) such as Sequelize which will protect your queries.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/ruby.aws-lambda.security.tainted-sql-string.tainted-sql-string)\n - [https://rorsecurity.info/portfolio/ruby-on-rails-sql-injection-cheat-sheet](https://rorsecurity.info/portfolio/ruby-on-rails-sql-injection-cheat-sheet)\n" }, - "helpUri": "https://semgrep.dev/r/javascript.aws-lambda.security.pg-sqli.pg-sqli", - "id": "javascript.aws-lambda.security.pg-sqli.pg-sqli", - "name": "javascript.aws-lambda.security.pg-sqli.pg-sqli", "properties": { "precision": "very-high", "tags": [ 
@@ -5656,245 +6225,256 @@ "OWASP-A03:2021 - Injection", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: javascript.aws-lambda.security.pg-sqli.pg-sqli" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "javascript.lang.security.audit.sqli.node-mssql-sqli.node-mssql-sqli", + "name": "javascript.lang.security.audit.sqli.node-mssql-sqli.node-mssql-sqli", + "short_description": { + "text": "Semgrep Finding: javascript.lang.security.audit.sqli.node-mssql-sqli.node-mssql-sqli" }, - "fullDescription": { - "text": "Ensure Kinesis video stream is encrypted at rest using KMS CMKs. CMKs gives you control over the encryption key in terms of access and rotation." + "full_description": { + "text": "Detected string concatenation with a non-literal variable in a `mssql` JS SQL statement. This could lead to SQL injection if the variable is user-controlled and not properly sanitized. In order to prevent SQL injection, use parameterized queries or prepared statements instead. You can use parameterized statements like so: `$REQ.input('USER_ID', mssql.Int, id);`" + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/javascript.lang.security.audit.sqli.node-mssql-sqli.node-mssql-sqli", "help": { - "markdown": "Ensure Kinesis video stream is encrypted at rest using KMS CMKs. CMKs gives you control over the encryption key in terms of access and rotation.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/terraform.aws.security.aws-kinesis-video-stream-encrypted-with-cmk.aws-kinesis-video-stream-encrypted-with-cmk)\n - [https://owasp.org/Top10/A02_2021-Cryptographic_Failures](https://owasp.org/Top10/A02_2021-Cryptographic_Failures)\n", - "text": "Ensure Kinesis video stream is encrypted at rest using KMS CMKs. 
CMKs gives you control over the encryption key in terms of access and rotation.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected string concatenation with a non-literal variable in a `mssql` JS SQL statement. This could lead to SQL injection if the variable is user-controlled and not properly sanitized. In order to prevent SQL injection, use parameterized queries or prepared statements instead. You can use parameterized statements like so: `$REQ.input('USER_ID', mssql.Int, id);`\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected string concatenation with a non-literal variable in a `mssql` JS SQL statement. This could lead to SQL injection if the variable is user-controlled and not properly sanitized. In order to prevent SQL injection, use parameterized queries or prepared statements instead. You can use parameterized statements like so: `$REQ.input('USER_ID', mssql.Int, id);`\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.lang.security.audit.sqli.node-mssql-sqli.node-mssql-sqli)\n - [https://www.npmjs.com/package/mssql](https://www.npmjs.com/package/mssql)\n" }, - "helpUri": "https://semgrep.dev/r/terraform.aws.security.aws-kinesis-video-stream-encrypted-with-cmk.aws-kinesis-video-stream-encrypted-with-cmk", - "id": "terraform.aws.security.aws-kinesis-video-stream-encrypted-with-cmk.aws-kinesis-video-stream-encrypted-with-cmk", - "name": "terraform.aws.security.aws-kinesis-video-stream-encrypted-with-cmk.aws-kinesis-video-stream-encrypted-with-cmk", "properties": { "precision": "very-high", "tags": [ - "CWE-320: CWE CATEGORY: Key Management Errors", + "CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')", "LOW CONFIDENCE", - "OWASP-A03:2017 - Sensitive Data Exposure", + "OWASP-A01:2017 - Injection", + "OWASP-A03:2021 - Injection", "security" 
] - }, - "shortDescription": { - "text": "Semgrep Finding: terraform.aws.security.aws-kinesis-video-stream-encrypted-with-cmk.aws-kinesis-video-stream-encrypted-with-cmk" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "python.aws-lambda.security.tainted-html-string.tainted-html-string", + "name": "python.aws-lambda.security.tainted-html-string.tainted-html-string", + "short_description": { + "text": "Semgrep Finding: python.aws-lambda.security.tainted-html-string.tainted-html-string" }, - "fullDescription": { - "text": "When using Jackson to marshall/unmarshall JSON to Java objects, enabling default typing is dangerous and can lead to RCE. If an attacker can control `$JSON` it might be possible to provide a malicious JSON which can be used to exploit unsecure deserialization. In order to prevent this issue, avoid to enable default typing (globally or by using \"Per-class\" annotations) and avoid using `Object` and other dangerous types for member variable declaration which creating classes for Jackson based deserialization." + "full_description": { + "text": "Detected user input flowing into a manually constructed HTML string. You may be accidentally bypassing secure methods of rendering HTML by manually constructing HTML and this could create a cross-site scripting vulnerability, which could let attackers steal sensitive user data. To be sure this is safe, check that the HTML is rendered safely. Otherwise, use templates which will safely render HTML instead." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/python.aws-lambda.security.tainted-html-string.tainted-html-string", "help": { - "markdown": "When using Jackson to marshall/unmarshall JSON to Java objects, enabling default typing is dangerous and can lead to RCE. If an attacker can control `$JSON` it might be possible to provide a malicious JSON which can be used to exploit unsecure deserialization. 
In order to prevent this issue, avoid to enable default typing (globally or by using \"Per-class\" annotations) and avoid using `Object` and other dangerous types for member variable declaration which creating classes for Jackson based deserialization.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/java.lang.security.jackson-unsafe-deserialization.jackson-unsafe-deserialization)\n - [https://swapneildash.medium.com/understanding-insecure-implementation-of-jackson-deserialization-7b3d409d2038](https://swapneildash.medium.com/understanding-insecure-implementation-of-jackson-deserialization-7b3d409d2038)\n - [https://cowtowncoder.medium.com/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062](https://cowtowncoder.medium.com/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062)\n - [https://adamcaudill.com/2017/10/04/exploiting-jackson-rce-cve-2017-7525/](https://adamcaudill.com/2017/10/04/exploiting-jackson-rce-cve-2017-7525/)\n", - "text": "When using Jackson to marshall/unmarshall JSON to Java objects, enabling default typing is dangerous and can lead to RCE. If an attacker can control `$JSON` it might be possible to provide a malicious JSON which can be used to exploit unsecure deserialization. In order to prevent this issue, avoid to enable default typing (globally or by using \"Per-class\" annotations) and avoid using `Object` and other dangerous types for member variable declaration which creating classes for Jackson based deserialization.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected user input flowing into a manually constructed HTML string. You may be accidentally bypassing secure methods of rendering HTML by manually constructing HTML and this could create a cross-site scripting vulnerability, which could let attackers steal sensitive user data. 
To be sure this is safe, check that the HTML is rendered safely. Otherwise, use templates which will safely render HTML instead.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected user input flowing into a manually constructed HTML string. You may be accidentally bypassing secure methods of rendering HTML by manually constructing HTML and this could create a cross-site scripting vulnerability, which could let attackers steal sensitive user data. To be sure this is safe, check that the HTML is rendered safely. Otherwise, use templates which will safely render HTML instead.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.aws-lambda.security.tainted-html-string.tainted-html-string)\n - [https://owasp.org/Top10/A03_2021-Injection](https://owasp.org/Top10/A03_2021-Injection)\n" }, - "helpUri": "https://semgrep.dev/r/java.lang.security.jackson-unsafe-deserialization.jackson-unsafe-deserialization", - "id": "java.lang.security.jackson-unsafe-deserialization.jackson-unsafe-deserialization", - "name": "java.lang.security.jackson-unsafe-deserialization.jackson-unsafe-deserialization", "properties": { "precision": "very-high", "tags": [ - "CWE-502: Deserialization of Untrusted Data", + "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", "MEDIUM CONFIDENCE", - "OWASP-A8:2017 Insecure Deserialization", - "OWASP-A8:2021 Software and Data Integrity Failures", + "OWASP-A03:2021 - Injection", + "OWASP-A07:2017 - Cross-Site Scripting (XSS)", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: java.lang.security.jackson-unsafe-deserialization.jackson-unsafe-deserialization" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "generic.secrets.security.detected-generic-secret.detected-generic-secret", + "name": 
"generic.secrets.security.detected-generic-secret.detected-generic-secret", + "short_description": { + "text": "Semgrep Finding: generic.secrets.security.detected-generic-secret.detected-generic-secret" }, - "fullDescription": { - "text": "The Mustache escape function is being overwritten. This could bypass HTML escaping safety measures built into the rendering engine, exposing your application to cross-site scripting (XSS) vulnerabilities. If you need unescaped HTML, use the triple brace operator in your template: '{{{ ... }}}'." + "full_description": { + "text": "Generic Secret detected" }, + "default_configuration": { + "enabled": true, + "level": "error" + }, + "help_uri": "https://semgrep.dev/r/generic.secrets.security.detected-generic-secret.detected-generic-secret", "help": { - "markdown": "The Mustache escape function is being overwritten. This could bypass HTML escaping safety measures built into the rendering engine, exposing your application to cross-site scripting (XSS) vulnerabilities. If you need unescaped HTML, use the triple brace operator in your template: '{{{ ... }}}'.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.express.security.audit.xss.mustache.escape-function-overwrite.escape-function-overwrite)\n - [https://github.com/janl/mustache.js/#variables](https://github.com/janl/mustache.js/#variables)\n", - "text": "The Mustache escape function is being overwritten. This could bypass HTML escaping safety measures built into the rendering engine, exposing your application to cross-site scripting (XSS) vulnerabilities. If you need unescaped HTML, use the triple brace operator in your template: '{{{ ... 
}}}'.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Generic Secret detected\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Generic Secret detected\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/generic.secrets.security.detected-generic-secret.detected-generic-secret)\n - [https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures](https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures)\n" }, - "helpUri": "https://semgrep.dev/r/javascript.express.security.audit.xss.mustache.escape-function-overwrite.escape-function-overwrite", - "id": "javascript.express.security.audit.xss.mustache.escape-function-overwrite.escape-function-overwrite", - "name": "javascript.express.security.audit.xss.mustache.escape-function-overwrite.escape-function-overwrite", "properties": { "precision": "very-high", "tags": [ - "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", + "CWE-798: Use of Hard-coded Credentials", "LOW CONFIDENCE", - "OWASP-A03:2021 - Injection", - "OWASP-A07:2017 - Cross-Site Scripting (XSS)", + "OWASP-A07:2021 - Identification and Authentication Failures", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: javascript.express.security.audit.xss.mustache.escape-function-overwrite.escape-function-overwrite" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "python.pycryptodome.security.insecure-cipher-algorithm.insecure-cipher-algorithm-xor", + "name": "python.pycryptodome.security.insecure-cipher-algorithm.insecure-cipher-algorithm-xor", + "short_description": { + "text": "Semgrep Finding: python.pycryptodome.security.insecure-cipher-algorithm.insecure-cipher-algorithm-xor" }, - "fullDescription": { - "text": "A hard-coded credential was detected. 
It is not recommended to store credentials in source-code, as this risks secrets being leaked and used by either an internal or external malicious adversary. It is recommended to use environment variables to securely provide credentials or retrieve credentials from a secure vault or HSM (Hardware Security Module)." + "full_description": { + "text": "Detected XOR cipher algorithm which is considered insecure. This algorithm is not cryptographically secure and can be reversed easily. Use AES instead." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/python.pycryptodome.security.insecure-cipher-algorithm.insecure-cipher-algorithm-xor", "help": { - "markdown": "A hard-coded credential was detected. It is not recommended to store credentials in source-code, as this risks secrets being leaked and used by either an internal or external malicious adversary. It is recommended to use environment variables to securely provide credentials or retrieve credentials from a secure vault or HSM (Hardware Security Module).\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/go.jwt-go.security.jwt.hardcoded-jwt-key)\n - [https://cheatsheetseries.owasp.org/cheatsheets/Secrets_Management_Cheat_Sheet.html](https://cheatsheetseries.owasp.org/cheatsheets/Secrets_Management_Cheat_Sheet.html)\n", - "text": "A hard-coded credential was detected. It is not recommended to store credentials in source-code, as this risks secrets being leaked and used by either an internal or external malicious adversary. It is recommended to use environment variables to securely provide credentials or retrieve credentials from a secure vault or HSM (Hardware Security Module).\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected XOR cipher algorithm which is considered insecure. 
This algorithm is not cryptographically secure and can be reversed easily. Use AES instead.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected XOR cipher algorithm which is considered insecure. This algorithm is not cryptographically secure and can be reversed easily. Use AES instead.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.pycryptodome.security.insecure-cipher-algorithm.insecure-cipher-algorithm-xor)\n - [https://stackoverflow.com/questions/1135186/whats-wrong-with-xor-encryption](https://stackoverflow.com/questions/1135186/whats-wrong-with-xor-encryption)\n" }, - "helpUri": "https://semgrep.dev/r/go.jwt-go.security.jwt.hardcoded-jwt-key", - "id": "go.jwt-go.security.jwt.hardcoded-jwt-key", - "name": "go.jwt-go.security.jwt.hardcoded-jwt-key", "properties": { "precision": "very-high", "tags": [ - "CWE-798: Use of Hard-coded Credentials", + "CWE-327: Use of a Broken or Risky Cryptographic Algorithm", "MEDIUM CONFIDENCE", - "OWASP-A07:2021 - Identification and Authentication Failures", + "OWASP-A02:2021 - Cryptographic Failures", + "OWASP-A03:2017 - Sensitive Data Exposure", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: go.jwt-go.security.jwt.hardcoded-jwt-key" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "python.flask.security.unescaped-template-extension.unescaped-template-extension", + "name": "python.flask.security.unescaped-template-extension.unescaped-template-extension", + "short_description": { + "text": "Semgrep Finding: python.flask.security.unescaped-template-extension.unescaped-template-extension" }, - "fullDescription": { - "text": "Detected user input flowing into a manually constructed HTML string. 
You may be accidentally bypassing secure methods of rendering HTML by manually constructing HTML and this could create a cross-site scripting vulnerability, which could let attackers steal sensitive user data. To be sure this is safe, check that the HTML is rendered safely. Otherwise, use templates (`flask.render_template`) which will safely render HTML instead." + "full_description": { + "text": "Flask does not automatically escape Jinja templates unless they have .html, .htm, .xml, or .xhtml extensions. This could lead to XSS attacks. Use .html, .htm, .xml, or .xhtml for your template extensions. See https://flask.palletsprojects.com/en/1.1.x/templating/#jinja-setup for more information." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/python.flask.security.unescaped-template-extension.unescaped-template-extension", "help": { - "markdown": "Detected user input flowing into a manually constructed HTML string. You may be accidentally bypassing secure methods of rendering HTML by manually constructing HTML and this could create a cross-site scripting vulnerability, which could let attackers steal sensitive user data. To be sure this is safe, check that the HTML is rendered safely. Otherwise, use templates (`flask.render_template`) which will safely render HTML instead.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.flask.security.injection.raw-html-concat.raw-html-format)\n - [https://flask.palletsprojects.com/en/2.0.x/security/#cross-site-scripting-xss](https://flask.palletsprojects.com/en/2.0.x/security/#cross-site-scripting-xss)\n", - "text": "Detected user input flowing into a manually constructed HTML string. 
You may be accidentally bypassing secure methods of rendering HTML by manually constructing HTML and this could create a cross-site scripting vulnerability, which could let attackers steal sensitive user data. To be sure this is safe, check that the HTML is rendered safely. Otherwise, use templates (`flask.render_template`) which will safely render HTML instead.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Flask does not automatically escape Jinja templates unless they have .html, .htm, .xml, or .xhtml extensions. This could lead to XSS attacks. Use .html, .htm, .xml, or .xhtml for your template extensions. See https://flask.palletsprojects.com/en/1.1.x/templating/#jinja-setup for more information.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Flask does not automatically escape Jinja templates unless they have .html, .htm, .xml, or .xhtml extensions. This could lead to XSS attacks. Use .html, .htm, .xml, or .xhtml for your template extensions. 
See https://flask.palletsprojects.com/en/1.1.x/templating/#jinja-setup for more information.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.flask.security.unescaped-template-extension.unescaped-template-extension)\n - [https://flask.palletsprojects.com/en/1.1.x/templating/#jinja-setup](https://flask.palletsprojects.com/en/1.1.x/templating/#jinja-setup)\n - [https://semgrep.dev/blog/2020/bento-check-unescaped-template-extensions-in-flask/](https://semgrep.dev/blog/2020/bento-check-unescaped-template-extensions-in-flask/)\n - [https://bento.dev/checks/flask/unescaped-file-extension/](https://bento.dev/checks/flask/unescaped-file-extension/)\n" }, - "helpUri": "https://semgrep.dev/r/python.flask.security.injection.raw-html-concat.raw-html-format", - "id": "python.flask.security.injection.raw-html-concat.raw-html-format", - "name": "python.flask.security.injection.raw-html-concat.raw-html-format", "properties": { "precision": "very-high", "tags": [ "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", - "MEDIUM CONFIDENCE", + "LOW CONFIDENCE", "OWASP-A03:2021 - Injection", "OWASP-A07:2017 - Cross-Site Scripting (XSS)", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: python.flask.security.injection.raw-html-concat.raw-html-format" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "csharp.lang.security.insecure-deserialization.binary-formatter.insecure-binaryformatter-deserialization", + "name": "csharp.lang.security.insecure-deserialization.binary-formatter.insecure-binaryformatter-deserialization", + "short_description": { + "text": "Semgrep Finding: csharp.lang.security.insecure-deserialization.binary-formatter.insecure-binaryformatter-deserialization" }, - "fullDescription": { - "text": "The AWS CodeBuild Project Artifacts are unencrypted. 
The AWS KMS encryption key protects artifacts in the CodeBuild Projects. To create your own, create a aws_kms_key resource or use the ARN string of a key in your account." + "full_description": { + "text": "The BinaryFormatter type is dangerous and is not recommended for data processing. Applications should stop using BinaryFormatter as soon as possible, even if they believe the data they're processing to be trustworthy. BinaryFormatter is insecure and can't be made secure" }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/csharp.lang.security.insecure-deserialization.binary-formatter.insecure-binaryformatter-deserialization", "help": { - "markdown": "The AWS CodeBuild Project Artifacts are unencrypted. The AWS KMS encryption key protects artifacts in the CodeBuild Projects. To create your own, create a aws_kms_key resource or use the ARN string of a key in your account.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/terraform.aws.security.aws-codebuild-project-artifacts-unencrypted.aws-codebuild-project-artifacts-unencrypted)\n - [https://owasp.org/Top10/A02_2021-Cryptographic_Failures](https://owasp.org/Top10/A02_2021-Cryptographic_Failures)\n", - "text": "The AWS CodeBuild Project Artifacts are unencrypted. The AWS KMS encryption key protects artifacts in the CodeBuild Projects. To create your own, create a aws_kms_key resource or use the ARN string of a key in your account.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "The BinaryFormatter type is dangerous and is not recommended for data processing. Applications should stop using BinaryFormatter as soon as possible, even if they believe the data they're processing to be trustworthy. 
BinaryFormatter is insecure and can't be made secure\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "The BinaryFormatter type is dangerous and is not recommended for data processing. Applications should stop using BinaryFormatter as soon as possible, even if they believe the data they're processing to be trustworthy. BinaryFormatter is insecure and can't be made secure\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/csharp.lang.security.insecure-deserialization.binary-formatter.insecure-binaryformatter-deserialization)\n - [https://docs.microsoft.com/en-us/dotnet/standard/serialization/binaryformatter-security-guide](https://docs.microsoft.com/en-us/dotnet/standard/serialization/binaryformatter-security-guide)\n" }, - "helpUri": "https://semgrep.dev/r/terraform.aws.security.aws-codebuild-project-artifacts-unencrypted.aws-codebuild-project-artifacts-unencrypted", - "id": "terraform.aws.security.aws-codebuild-project-artifacts-unencrypted.aws-codebuild-project-artifacts-unencrypted", - "name": "terraform.aws.security.aws-codebuild-project-artifacts-unencrypted.aws-codebuild-project-artifacts-unencrypted", "properties": { "precision": "very-high", "tags": [ - "CWE-320: CWE CATEGORY: Key Management Errors", - "LOW CONFIDENCE", - "OWASP-A03:2017 - Sensitive Data Exposure", + "CWE-502: Deserialization of Untrusted Data", + "HIGH CONFIDENCE", + "OWASP-A08:2017 - Insecure Deserialization", + "OWASP-A08:2021 - Software and Data Integrity Failures", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: terraform.aws.security.aws-codebuild-project-artifacts-unencrypted.aws-codebuild-project-artifacts-unencrypted" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "java.spring.security.audit.spring-sqli.spring-sqli", + "name": "java.spring.security.audit.spring-sqli.spring-sqli", + "short_description": { + "text": "Semgrep Finding: 
java.spring.security.audit.spring-sqli.spring-sqli" }, - "fullDescription": { - "text": "Checks for attempts to connect through telnet. This is insecure as the telnet protocol supports no encryption, and data passes through unencrypted." + "full_description": { + "text": "Detected a string argument from a public method contract in a raw SQL statement. This could lead to SQL injection if variables in the SQL statement are not properly sanitized. Use a prepared statements (java.sql.PreparedStatement) instead. You can obtain a PreparedStatement using 'connection.prepareStatement'." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/java.spring.security.audit.spring-sqli.spring-sqli", "help": { - "markdown": "Checks for attempts to connect through telnet. This is insecure as the telnet protocol supports no encryption, and data passes through unencrypted.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/problem-based-packs.insecure-transport.java-stdlib.telnet-request.telnet-request)\n - [https://commons.apache.org/proper/commons-net/javadocs/api-3.6/org/apache/commons/net/telnet/TelnetClient.html](https://commons.apache.org/proper/commons-net/javadocs/api-3.6/org/apache/commons/net/telnet/TelnetClient.html)\n", - "text": "Checks for attempts to connect through telnet. This is insecure as the telnet protocol supports no encryption, and data passes through unencrypted.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected a string argument from a public method contract in a raw SQL statement. This could lead to SQL injection if variables in the SQL statement are not properly sanitized. Use a prepared statements (java.sql.PreparedStatement) instead. 
You can obtain a PreparedStatement using 'connection.prepareStatement'.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected a string argument from a public method contract in a raw SQL statement. This could lead to SQL injection if variables in the SQL statement are not properly sanitized. Use a prepared statements (java.sql.PreparedStatement) instead. You can obtain a PreparedStatement using 'connection.prepareStatement'.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/java.spring.security.audit.spring-sqli.spring-sqli)\n - [https://owasp.org/Top10/A03_2021-Injection](https://owasp.org/Top10/A03_2021-Injection)\n" }, - "helpUri": "https://semgrep.dev/r/problem-based-packs.insecure-transport.java-stdlib.telnet-request.telnet-request", - "id": "problem-based-packs.insecure-transport.java-stdlib.telnet-request.telnet-request", - "name": "problem-based-packs.insecure-transport.java-stdlib.telnet-request.telnet-request", "properties": { "precision": "very-high", "tags": [ - "CWE-319: Cleartext Transmission of Sensitive Information", + "CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')", "MEDIUM CONFIDENCE", - "OWASP-A03:2017 - Sensitive Data Exposure", + "OWASP-A01:2017 - Injection", + "OWASP-A03:2021 - Injection", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: problem-based-packs.insecure-transport.java-stdlib.telnet-request.telnet-request" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "java.lang.security.audit.http-response-splitting.http-response-splitting", + "name": "java.lang.security.audit.http-response-splitting.http-response-splitting", + "short_description": { + "text": "Semgrep Finding: java.lang.security.audit.http-response-splitting.http-response-splitting" }, - "fullDescription": { - "text": "The use of $sce.trustAsCss can be dangerous if unsanitized 
user input flows through this API." + "full_description": { + "text": "Older Java application servers are vulnerable to HTTP response splitting, which may occur if an HTTP request can be injected with CRLF characters. This finding is reported for completeness; it is recommended to ensure your environment is not affected by testing this yourself." }, + "default_configuration": { + "enabled": true, + "level": "note" + }, + "help_uri": "https://semgrep.dev/r/java.lang.security.audit.http-response-splitting.http-response-splitting", "help": { - "markdown": "The use of $sce.trustAsCss can be dangerous if unsanitized user input flows through this API.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.angular.security.detect-angular-trust-as-css.detect-angular-trust-as-css-method)\n - [https://docs.angularjs.org/api/ng/service/$sce#trustAsCss](https://docs.angularjs.org/api/ng/service/$sce#trustAsCss)\n - [https://owasp.org/www-chapter-london/assets/slides/OWASPLondon20170727_AngularJS.pdf](https://owasp.org/www-chapter-london/assets/slides/OWASPLondon20170727_AngularJS.pdf)\n", - "text": "The use of $sce.trustAsCss can be dangerous if unsanitized user input flows through this API.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Older Java application servers are vulnerable to HTTP response splitting, which may occur if an HTTP request can be injected with CRLF characters. This finding is reported for completeness; it is recommended to ensure your environment is not affected by testing this yourself.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Older Java application servers are vulnerable to HTTP response splitting, which may occur if an HTTP request can be injected with CRLF characters. 
This finding is reported for completeness; it is recommended to ensure your environment is not affected by testing this yourself.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/java.lang.security.audit.http-response-splitting.http-response-splitting)\n - [https://www.owasp.org/index.php/HTTP_Response_Splitting](https://www.owasp.org/index.php/HTTP_Response_Splitting)\n" }, - "helpUri": "https://semgrep.dev/r/javascript.angular.security.detect-angular-trust-as-css.detect-angular-trust-as-css-method", - "id": "javascript.angular.security.detect-angular-trust-as-css.detect-angular-trust-as-css-method", - "name": "javascript.angular.security.detect-angular-trust-as-css.detect-angular-trust-as-css-method", "properties": { "precision": "very-high", "tags": [ - "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", - "LOW CONFIDENCE", + "CWE-113: Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Request/Response Splitting')", + "MEDIUM CONFIDENCE", "OWASP-A03:2021 - Injection", - "OWASP-A07:2017 - Cross-Site Scripting (XSS)", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: javascript.angular.security.detect-angular-trust-as-css.detect-angular-trust-as-css-method" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "ruby.rails.security.audit.xss.templates.avoid-raw.avoid-raw", + "name": "ruby.rails.security.audit.xss.templates.avoid-raw.avoid-raw", + "short_description": { + "text": "Semgrep Finding: ruby.rails.security.audit.xss.templates.avoid-raw.avoid-raw" }, - "fullDescription": { - "text": "'render text: ...' actually sets the content-type to 'text/html'. If external data can reach here, this exposes your application to cross-site scripting (XSS) attacks. Instead, use 'render plain: ...' to render non-HTML text." + "full_description": { + "text": "'raw' renders raw HTML, as the name implies. 
This means that normal HTML escaping is bypassed. If user data can be controlled here, this exposes your application to cross-site scripting (XSS). If you need to do this, be sure to correctly sanitize the data using a library such as DOMPurify." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/ruby.rails.security.audit.xss.templates.avoid-raw.avoid-raw", "help": { - "markdown": "'render text: ...' actually sets the content-type to 'text/html'. If external data can reach here, this exposes your application to cross-site scripting (XSS) attacks. Instead, use 'render plain: ...' to render non-HTML text.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/ruby.rails.security.audit.xss.avoid-render-text.avoid-render-text)\n - [https://brakemanpro.com/2017/09/08/cross-site-scripting-in-rails#inline-renders---even-worse-than-xss](https://brakemanpro.com/2017/09/08/cross-site-scripting-in-rails#inline-renders---even-worse-than-xss)\n", - "text": "'render text: ...' actually sets the content-type to 'text/html'. If external data can reach here, this exposes your application to cross-site scripting (XSS) attacks. Instead, use 'render plain: ...' to render non-HTML text.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "'raw' renders raw HTML, as the name implies. This means that normal HTML escaping is bypassed. If user data can be controlled here, this exposes your application to cross-site scripting (XSS). If you need to do this, be sure to correctly sanitize the data using a library such as DOMPurify.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "'raw' renders raw HTML, as the name implies. This means that normal HTML escaping is bypassed. If user data can be controlled here, this exposes your application to cross-site scripting (XSS). 
If you need to do this, be sure to correctly sanitize the data using a library such as DOMPurify.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/ruby.rails.security.audit.xss.templates.avoid-raw.avoid-raw)\n - [https://stackoverflow.com/questions/4251284/raw-vs-html-safe-vs-h-to-unescape-html#:~:text===](https://stackoverflow.com/questions/4251284/raw-vs-html-safe-vs-h-to-unescape-html#:~:text===)\n - [https://medium.com/sumone-technical-blog/a-pretty-way-to-unescape-html-in-a-ruby-on-rails-application-efc22b850027](https://medium.com/sumone-technical-blog/a-pretty-way-to-unescape-html-in-a-ruby-on-rails-application-efc22b850027)\n" }, - "helpUri": "https://semgrep.dev/r/ruby.rails.security.audit.xss.avoid-render-text.avoid-render-text", - "id": "ruby.rails.security.audit.xss.avoid-render-text.avoid-render-text", - "name": "ruby.rails.security.audit.xss.avoid-render-text.avoid-render-text", "properties": { "precision": "very-high", "tags": [ 
@@ -5904,3074 +6484,3171 @@ "OWASP-A07:2017 - Cross-Site Scripting (XSS)", "security" ] + } + }, + { + "id": "javascript.express.security.audit.express-check-csurf-middleware-usage.express-check-csurf-middleware-usage", + "name": "javascript.express.security.audit.express-check-csurf-middleware-usage.express-check-csurf-middleware-usage", + "short_description": { + "text": "Semgrep Finding: javascript.express.security.audit.express-check-csurf-middleware-usage.express-check-csurf-middleware-usage" }, - "shortDescription": { - "text": "Semgrep Finding: ruby.rails.security.audit.xss.avoid-render-text.avoid-render-text" + "full_description": { + "text": "A CSRF middleware was not detected in your express application. Ensure you are either using one such as `csurf` or `csrf` (see rule references) and/or you are properly doing CSRF validation in your routes with a token or cookies." + }, + "default_configuration": { + "enabled": true, + "level": "note" + }, + "help_uri": "https://semgrep.dev/r/javascript.express.security.audit.express-check-csurf-middleware-usage.express-check-csurf-middleware-usage", + "help": { + "text": "A CSRF middleware was not detected in your express application. Ensure you are either using one such as `csurf` or `csrf` (see rule references) and/or you are properly doing CSRF validation in your routes with a token or cookies.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "A CSRF middleware was not detected in your express application. 
Ensure you are either using one such as `csurf` or `csrf` (see rule references) and/or you are properly doing CSRF validation in your routes with a token or cookies.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.express.security.audit.express-check-csurf-middleware-usage.express-check-csurf-middleware-usage)\n - [https://www.npmjs.com/package/csurf](https://www.npmjs.com/package/csurf)\n - [https://www.npmjs.com/package/csrf](https://www.npmjs.com/package/csrf)\n - [https://cheatsheetseries.owasp.org/cheatsheets/Cross-Site_Request_Forgery_Prevention_Cheat_Sheet.html](https://cheatsheetseries.owasp.org/cheatsheets/Cross-Site_Request_Forgery_Prevention_Cheat_Sheet.html)\n" + }, + "properties": { + "precision": "very-high", + "tags": [ + "CWE-352: Cross-Site Request Forgery (CSRF)", + "LOW CONFIDENCE", + "OWASP-A01:2021 - Broken Access Control", + "security" + ] } }, { - "defaultConfiguration": { - "level": "warning" + "id": "java.lang.security.audit.xml-decoder.xml-decoder", + "name": "java.lang.security.audit.xml-decoder.xml-decoder", + "short_description": { + "text": "Semgrep Finding: java.lang.security.audit.xml-decoder.xml-decoder" + }, + "full_description": { + "text": "XMLDecoder should not be used to parse untrusted data. Deserializing user input can lead to arbitrary code execution. Use an alternative and explicitly disable external entities. See https://cheatsheetseries.owasp.org/cheatsheets/XML_External_Entity_Prevention_Cheat_Sheet.html for alternatives and vulnerability prevention." 
}, - "fullDescription": { - "text": "If unverified user data can reach the `goto` method it can result in Server-Side Request Forgery vulnerabilities" + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/java.lang.security.audit.xml-decoder.xml-decoder", "help": { - "markdown": "If unverified user data can reach the `goto` method it can result in Server-Side Request Forgery vulnerabilities\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.playwright.security.audit.playwright-goto-injection.playwright-goto-injection)\n - [https://owasp.org/Top10/A10_2021-Server-Side_Request_Forgery_%28SSRF%29](https://owasp.org/Top10/A10_2021-Server-Side_Request_Forgery_%28SSRF%29)\n", - "text": "If unverified user data can reach the `goto` method it can result in Server-Side Request Forgery vulnerabilities\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "XMLDecoder should not be used to parse untrusted data. Deserializing user input can lead to arbitrary code execution. Use an alternative and explicitly disable external entities. See https://cheatsheetseries.owasp.org/cheatsheets/XML_External_Entity_Prevention_Cheat_Sheet.html for alternatives and vulnerability prevention.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "XMLDecoder should not be used to parse untrusted data. Deserializing user input can lead to arbitrary code execution. Use an alternative and explicitly disable external entities. 
See https://cheatsheetseries.owasp.org/cheatsheets/XML_External_Entity_Prevention_Cheat_Sheet.html for alternatives and vulnerability prevention.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/java.lang.security.audit.xml-decoder.xml-decoder)\n - [https://semgrep.dev/blog/2022/xml-security-in-java](https://semgrep.dev/blog/2022/xml-security-in-java)\n - [https://semgrep.dev/docs/cheat-sheets/java-xxe/](https://semgrep.dev/docs/cheat-sheets/java-xxe/)\n - [https://cheatsheetseries.owasp.org/cheatsheets/XML_External_Entity_Prevention_Cheat_Sheet.html](https://cheatsheetseries.owasp.org/cheatsheets/XML_External_Entity_Prevention_Cheat_Sheet.html)\n" }, - "helpUri": "https://semgrep.dev/r/javascript.playwright.security.audit.playwright-goto-injection.playwright-goto-injection", - "id": "javascript.playwright.security.audit.playwright-goto-injection.playwright-goto-injection", - "name": "javascript.playwright.security.audit.playwright-goto-injection.playwright-goto-injection", "properties": { "precision": "very-high", "tags": [ - "CWE-918: Server-Side Request Forgery (SSRF)", + "CWE-611: Improper Restriction of XML External Entity Reference", "LOW CONFIDENCE", - "OWASP-A10:2021 - Server-Side Request Forgery (SSRF)", + "OWASP-A04:2017 - XML External Entities (XXE)", + "OWASP-A05:2021 - Security Misconfiguration", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: javascript.playwright.security.audit.playwright-goto-injection.playwright-goto-injection" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "python.docker.security.audit.docker-arbitrary-container-run.docker-arbitrary-container-run", + "name": "python.docker.security.audit.docker-arbitrary-container-run.docker-arbitrary-container-run", + "short_description": { + "text": "Semgrep Finding: python.docker.security.audit.docker-arbitrary-container-run.docker-arbitrary-container-run" }, - 
"fullDescription": { - "text": "Detected an AWS CloudFront Distribution with an insecure TLS version. TLS versions less than 1.2 are considered insecure because they can be broken. To fix this, set your `minimum_protocol_version` to `\"TLSv1.2_2018\", \"TLSv1.2_2019\" or \"TLSv1.2_2021\"`." + "full_description": { + "text": "If unverified user data can reach the `run` or `create` method it can result in running arbitrary container." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/python.docker.security.audit.docker-arbitrary-container-run.docker-arbitrary-container-run", "help": { - "markdown": "Detected an AWS CloudFront Distribution with an insecure TLS version. TLS versions less than 1.2 are considered insecure because they can be broken. To fix this, set your `minimum_protocol_version` to `\"TLSv1.2_2018\", \"TLSv1.2_2019\" or \"TLSv1.2_2021\"`.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/terraform.aws.security.aws-cloudfront-insecure-tls.aws-insecure-cloudfront-distribution-tls-version)\n - [https://owasp.org/Top10/A02_2021-Cryptographic_Failures](https://owasp.org/Top10/A02_2021-Cryptographic_Failures)\n", - "text": "Detected an AWS CloudFront Distribution with an insecure TLS version. TLS versions less than 1.2 are considered insecure because they can be broken. 
To fix this, set your `minimum_protocol_version` to `\"TLSv1.2_2018\", \"TLSv1.2_2019\" or \"TLSv1.2_2021\"`.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "If unverified user data can reach the `run` or `create` method it can result in running arbitrary container.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "If unverified user data can reach the `run` or `create` method it can result in running arbitrary container.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.docker.security.audit.docker-arbitrary-container-run.docker-arbitrary-container-run)\n - [https://cwe.mitre.org/data/definitions/250.html](https://cwe.mitre.org/data/definitions/250.html)\n" }, - "helpUri": "https://semgrep.dev/r/terraform.aws.security.aws-cloudfront-insecure-tls.aws-insecure-cloudfront-distribution-tls-version", - "id": "terraform.aws.security.aws-cloudfront-insecure-tls.aws-insecure-cloudfront-distribution-tls-version", - "name": "terraform.aws.security.aws-cloudfront-insecure-tls.aws-insecure-cloudfront-distribution-tls-version", "properties": { "precision": "very-high", "tags": [ - "CWE-326: Inadequate Encryption Strength", - "MEDIUM CONFIDENCE", - "OWASP-A02:2021 - Cryptographic Failures", - "OWASP-A03:2017 - Sensitive Data Exposure", + "CWE-250: Execution with Unnecessary Privileges", + "LOW CONFIDENCE", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: terraform.aws.security.aws-cloudfront-insecure-tls.aws-insecure-cloudfront-distribution-tls-version" } }, { - "defaultConfiguration": { - "level": "error" + "id": "go.lang.security.audit.sqli.pg-orm-sqli.pg-orm-sqli", + "name": "go.lang.security.audit.sqli.pg-orm-sqli.pg-orm-sqli", + "short_description": { + "text": "Semgrep Finding: go.lang.security.audit.sqli.pg-orm-sqli.pg-orm-sqli" }, - "fullDescription": { - "text": "Detected user input used 
to manually construct a SQL string. This is usually bad practice because manual construction could accidentally result in a SQL injection. An attacker could use a SQL injection to steal or modify contents of the database. Instead, use a parameterized query which is available by default in most database engines. Alternatively, consider using an object-relational mapper (ORM) such as Sequelize which will protect your queries." + "full_description": { + "text": "Detected string concatenation with a non-literal variable in a go-pg ORM SQL statement. This could lead to SQL injection if the variable is user-controlled and not properly sanitized. In order to prevent SQL injection, do not use strings concatenated with user-controlled input. Instead, use parameterized statements." + }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/go.lang.security.audit.sqli.pg-orm-sqli.pg-orm-sqli", "help": { - "markdown": "Detected user input used to manually construct a SQL string. This is usually bad practice because manual construction could accidentally result in a SQL injection. An attacker could use a SQL injection to steal or modify contents of the database. Instead, use a parameterized query which is available by default in most database engines. Alternatively, consider using an object-relational mapper (ORM) such as Sequelize which will protect your queries.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/java.aws-lambda.security.tainted-sql-string.tainted-sql-string)\n - [https://owasp.org/www-community/attacks/SQL_Injection](https://owasp.org/www-community/attacks/SQL_Injection)\n", - "text": "Detected user input used to manually construct a SQL string. This is usually bad practice because manual construction could accidentally result in a SQL injection. 
An attacker could use a SQL injection to steal or modify contents of the database. Instead, use a parameterized query which is available by default in most database engines. Alternatively, consider using an object-relational mapper (ORM) such as Sequelize which will protect your queries.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected string concatenation with a non-literal variable in a go-pg ORM SQL statement. This could lead to SQL injection if the variable is user-controlled and not properly sanitized. In order to prevent SQL injection, do not use strings concatenated with user-controlled input. Instead, use parameterized statements.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected string concatenation with a non-literal variable in a go-pg ORM SQL statement. This could lead to SQL injection if the variable is user-controlled and not properly sanitized. In order to prevent SQL injection, do not use strings concatenated with user-controlled input. 
Instead, use parameterized statements.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/go.lang.security.audit.sqli.pg-orm-sqli.pg-orm-sqli)\n - [https://pg.uptrace.dev/queries/](https://pg.uptrace.dev/queries/)\n" }, - "helpUri": "https://semgrep.dev/r/java.aws-lambda.security.tainted-sql-string.tainted-sql-string", - "id": "java.aws-lambda.security.tainted-sql-string.tainted-sql-string", - "name": "java.aws-lambda.security.tainted-sql-string.tainted-sql-string", "properties": { "precision": "very-high", "tags": [ "CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')", - "MEDIUM CONFIDENCE", + "LOW CONFIDENCE", "OWASP-A01:2017 - Injection", "OWASP-A03:2021 - Injection", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: java.aws-lambda.security.tainted-sql-string.tainted-sql-string" } }, { - "defaultConfiguration": { - "level": "error" + "id": "python.lang.security.audit.eval-detected.eval-detected", + "name": "python.lang.security.audit.eval-detected.eval-detected", + "short_description": { + "text": "Semgrep Finding: python.lang.security.audit.eval-detected.eval-detected" }, - "fullDescription": { - "text": "User controlled data in methods like `innerHTML`, `outerHTML` or `document.write` is an anti-pattern that can lead to XSS vulnerabilities" + "full_description": { + "text": "Detected the use of eval(). eval() can be dangerous if used to evaluate dynamic content. If this content can be input from outside the program, this may be a code injection vulnerability. Ensure evaluated content is not definable by external sources." 
+ }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/python.lang.security.audit.eval-detected.eval-detected", "help": { - "markdown": "User controlled data in methods like `innerHTML`, `outerHTML` or `document.write` is an anti-pattern that can lead to XSS vulnerabilities\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.browser.security.insecure-document-method.insecure-document-method)\n - [https://owasp.org/Top10/A03_2021-Injection](https://owasp.org/Top10/A03_2021-Injection)\n", - "text": "User controlled data in methods like `innerHTML`, `outerHTML` or `document.write` is an anti-pattern that can lead to XSS vulnerabilities\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected the use of eval(). eval() can be dangerous if used to evaluate dynamic content. If this content can be input from outside the program, this may be a code injection vulnerability. Ensure evaluated content is not definable by external sources.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected the use of eval(). eval() can be dangerous if used to evaluate dynamic content. If this content can be input from outside the program, this may be a code injection vulnerability. 
Ensure evaluated content is not definable by external sources.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.lang.security.audit.eval-detected.eval-detected)\n - [https://owasp.org/Top10/A03_2021-Injection](https://owasp.org/Top10/A03_2021-Injection)\n" }, - "helpUri": "https://semgrep.dev/r/javascript.browser.security.insecure-document-method.insecure-document-method", - "id": "javascript.browser.security.insecure-document-method.insecure-document-method", - "name": "javascript.browser.security.insecure-document-method.insecure-document-method", "properties": { "precision": "very-high", "tags": [ - "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", + "CWE-95: Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection')", "LOW CONFIDENCE", "OWASP-A03:2021 - Injection", - "OWASP-A07:2017 - Cross-Site Scripting (XSS)", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: javascript.browser.security.insecure-document-method.insecure-document-method" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "scala.play.security.conf-insecure-cookie-settings.conf-insecure-cookie-settings", + "name": "scala.play.security.conf-insecure-cookie-settings.conf-insecure-cookie-settings", + "short_description": { + "text": "Semgrep Finding: scala.play.security.conf-insecure-cookie-settings.conf-insecure-cookie-settings" }, - "fullDescription": { - "text": "An object-returning LDAP search will allow attackers to control the LDAP response. This could lead to Remote Code Execution." + "full_description": { + "text": "Session cookie `Secure` flag is explicitly disabled. The `secure` flag for cookies prevents the client from transmitting the cookie over insecure channels such as HTTP. Set the `Secure` flag by setting `secure` to `true` in configuration file." 
}, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/scala.play.security.conf-insecure-cookie-settings.conf-insecure-cookie-settings", "help": { - "markdown": "An object-returning LDAP search will allow attackers to control the LDAP response. This could lead to Remote Code Execution.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/java.lang.security.audit.ldap-entry-poisoning.ldap-entry-poisoning)\n - [https://www.blackhat.com/docs/us-16/materials/us-16-Munoz-A-Journey-From-JNDI-LDAP-Manipulation-To-RCE-wp.pdf](https://www.blackhat.com/docs/us-16/materials/us-16-Munoz-A-Journey-From-JNDI-LDAP-Manipulation-To-RCE-wp.pdf)\n - [https://cheatsheetseries.owasp.org/cheatsheets/LDAP_Injection_Prevention_Cheat_Sheet.html](https://cheatsheetseries.owasp.org/cheatsheets/LDAP_Injection_Prevention_Cheat_Sheet.html)\n", - "text": "An object-returning LDAP search will allow attackers to control the LDAP response. This could lead to Remote Code Execution.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Session cookie `Secure` flag is explicitly disabled. The `secure` flag for cookies prevents the client from transmitting the cookie over insecure channels such as HTTP. Set the `Secure` flag by setting `secure` to `true` in configuration file.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Session cookie `Secure` flag is explicitly disabled. The `secure` flag for cookies prevents the client from transmitting the cookie over insecure channels such as HTTP. 
Set the `Secure` flag by setting `secure` to `true` in configuration file.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/scala.play.security.conf-insecure-cookie-settings.conf-insecure-cookie-settings)\n - [https://developer.mozilla.org/en-US/docs/Web/HTTP/Cookies#security](https://developer.mozilla.org/en-US/docs/Web/HTTP/Cookies#security)\n - [https://www.playframework.com/documentation/2.8.x/SettingsSession#Session-Configuration](https://www.playframework.com/documentation/2.8.x/SettingsSession#Session-Configuration)\n" }, - "helpUri": "https://semgrep.dev/r/java.lang.security.audit.ldap-entry-poisoning.ldap-entry-poisoning", - "id": "java.lang.security.audit.ldap-entry-poisoning.ldap-entry-poisoning", - "name": "java.lang.security.audit.ldap-entry-poisoning.ldap-entry-poisoning", "properties": { "precision": "very-high", "tags": [ - "CWE-90: Improper Neutralization of Special Elements used in an LDAP Query ('LDAP Injection')", - "LOW CONFIDENCE", - "OWASP-A01:2017 - Injection", - "OWASP-A03:2021 - Injection", + "CWE-614: Sensitive Cookie in HTTPS Session Without 'Secure' Attribute", + "MEDIUM CONFIDENCE", + "OWASP-A05:2021 - Security Misconfiguration", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: java.lang.security.audit.ldap-entry-poisoning.ldap-entry-poisoning" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "scala.scala-jwt.security.jwt-hardcode.scala-jwt-hardcoded-secret", + "name": "scala.scala-jwt.security.jwt-hardcode.scala-jwt-hardcoded-secret", + "short_description": { + "text": "Semgrep Finding: scala.scala-jwt.security.jwt-hardcode.scala-jwt-hardcoded-secret" }, - "fullDescription": { - "text": "`serialize-javascript` used with `unsafe` parameter, this could be vulnerable to XSS." + "full_description": { + "text": "Hardcoded JWT secret or private key is used. 
This is a Insufficiently Protected Credentials weakness: https://cwe.mitre.org/data/definitions/522.html Consider using an appropriate security mechanism to protect the credentials (e.g. keeping secrets in environment variables)" + }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/scala.scala-jwt.security.jwt-hardcode.scala-jwt-hardcoded-secret", "help": { - "markdown": "`serialize-javascript` used with `unsafe` parameter, this could be vulnerable to XSS.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.serialize-javascript.security.audit.unsafe-serialize-javascript.unsafe-serialize-javascript)\n - [https://owasp.org/Top10/A03_2021-Injection](https://owasp.org/Top10/A03_2021-Injection)\n", - "text": "`serialize-javascript` used with `unsafe` parameter, this could be vulnerable to XSS.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Hardcoded JWT secret or private key is used. This is a Insufficiently Protected Credentials weakness: https://cwe.mitre.org/data/definitions/522.html Consider using an appropriate security mechanism to protect the credentials (e.g. keeping secrets in environment variables)\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Hardcoded JWT secret or private key is used. This is a Insufficiently Protected Credentials weakness: https://cwe.mitre.org/data/definitions/522.html Consider using an appropriate security mechanism to protect the credentials (e.g. 
keeping secrets in environment variables)\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/scala.scala-jwt.security.jwt-hardcode.scala-jwt-hardcoded-secret)\n - [https://owasp.org/Top10/A04_2021-Insecure_Design](https://owasp.org/Top10/A04_2021-Insecure_Design)\n" }, - "helpUri": "https://semgrep.dev/r/javascript.serialize-javascript.security.audit.unsafe-serialize-javascript.unsafe-serialize-javascript", - "id": "javascript.serialize-javascript.security.audit.unsafe-serialize-javascript.unsafe-serialize-javascript", - "name": "javascript.serialize-javascript.security.audit.unsafe-serialize-javascript.unsafe-serialize-javascript", "properties": { "precision": "very-high", "tags": [ - "CWE-80: Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)", - "LOW CONFIDENCE", - "OWASP-A03:2021 - Injection", + "CWE-522: Insufficiently Protected Credentials", + "HIGH CONFIDENCE", + "OWASP-A02:2017 - Broken Authentication", + "OWASP-A04:2021 - Insecure Design", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: javascript.serialize-javascript.security.audit.unsafe-serialize-javascript.unsafe-serialize-javascript" } }, { - "defaultConfiguration": { - "level": "error" + "id": "rust.lang.security.rustls-dangerous.rustls-dangerous", + "name": "rust.lang.security.rustls-dangerous.rustls-dangerous", + "short_description": { + "text": "Semgrep Finding: rust.lang.security.rustls-dangerous.rustls-dangerous" }, - "fullDescription": { - "text": "A formatted or concatenated string was detected as input to a java.lang.Runtime call. This is dangerous if a variable is controlled by user input and could result in a command injection. Ensure your variables are not controlled by users or sufficiently sanitized." 
+ "full_description": { + "text": "Dangerous client config used, ensure SSL verification" + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/rust.lang.security.rustls-dangerous.rustls-dangerous", "help": { - "markdown": "A formatted or concatenated string was detected as input to a java.lang.Runtime call. This is dangerous if a variable is controlled by user input and could result in a command injection. Ensure your variables are not controlled by users or sufficiently sanitized.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/java.lang.security.audit.command-injection-formatted-runtime-call.command-injection-formatted-runtime-call)\n - [https://owasp.org/Top10/A03_2021-Injection](https://owasp.org/Top10/A03_2021-Injection)\n", - "text": "A formatted or concatenated string was detected as input to a java.lang.Runtime call. This is dangerous if a variable is controlled by user input and could result in a command injection. 
Ensure your variables are not controlled by users or sufficiently sanitized.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Dangerous client config used, ensure SSL verification\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Dangerous client config used, ensure SSL verification\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/rust.lang.security.rustls-dangerous.rustls-dangerous)\n - [https://docs.rs/rustls/latest/rustls/client/struct.DangerousClientConfig.html](https://docs.rs/rustls/latest/rustls/client/struct.DangerousClientConfig.html)\n - [https://docs.rs/rustls/latest/rustls/client/struct.ClientConfig.html#method.dangerous](https://docs.rs/rustls/latest/rustls/client/struct.ClientConfig.html#method.dangerous)\n" }, - "helpUri": "https://semgrep.dev/r/java.lang.security.audit.command-injection-formatted-runtime-call.command-injection-formatted-runtime-call", - "id": "java.lang.security.audit.command-injection-formatted-runtime-call.command-injection-formatted-runtime-call", - "name": "java.lang.security.audit.command-injection-formatted-runtime-call.command-injection-formatted-runtime-call", "properties": { "precision": "very-high", "tags": [ - "CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", - "LOW CONFIDENCE", - "OWASP-A01:2017 - Injection", - "OWASP-A03:2021 - Injection", + "CWE-295: Improper Certificate Validation", + "HIGH CONFIDENCE", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: java.lang.security.audit.command-injection-formatted-runtime-call.command-injection-formatted-runtime-call" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "python.django.security.audit.xss.global-autoescape-off.global-autoescape-off", + "name": "python.django.security.audit.xss.global-autoescape-off.global-autoescape-off", + 
"short_description": { + "text": "Semgrep Finding: python.django.security.audit.xss.global-autoescape-off.global-autoescape-off" }, - "fullDescription": { - "text": "Detected string concatenation with a non-literal variable in a psycopg2 Python SQL statement. This could lead to SQL injection if the variable is user-controlled and not properly sanitized. In order to prevent SQL injection, use parameterized queries or prepared statements instead. You can use prepared statements by creating a 'sql.SQL' string. You can also use the pyformat binding style to create parameterized queries. For example: 'cur.execute(SELECT * FROM table WHERE name=%s, user_input)'" + "full_description": { + "text": "Autoescape is globally disbaled for this Django application. If you are rendering any web pages, this exposes your application to cross-site scripting (XSS) vulnerabilities. Remove 'autoescape: False' or set it to 'True'." }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/python.django.security.audit.xss.global-autoescape-off.global-autoescape-off", "help": { - "markdown": "Detected string concatenation with a non-literal variable in a psycopg2 Python SQL statement. This could lead to SQL injection if the variable is user-controlled and not properly sanitized. In order to prevent SQL injection, use parameterized queries or prepared statements instead. You can use prepared statements by creating a 'sql.SQL' string. You can also use the pyformat binding style to create parameterized queries. 
For example: 'cur.execute(SELECT * FROM table WHERE name=%s, user_input)'\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.lang.security.audit.sqli.psycopg-sqli.psycopg-sqli)\n - [https://www.psycopg.org/docs/sql.html](https://www.psycopg.org/docs/sql.html)\n", - "text": "Detected string concatenation with a non-literal variable in a psycopg2 Python SQL statement. This could lead to SQL injection if the variable is user-controlled and not properly sanitized. In order to prevent SQL injection, use parameterized queries or prepared statements instead. You can use prepared statements by creating a 'sql.SQL' string. You can also use the pyformat binding style to create parameterized queries. For example: 'cur.execute(SELECT * FROM table WHERE name=%s, user_input)'\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Autoescape is globally disbaled for this Django application. If you are rendering any web pages, this exposes your application to cross-site scripting (XSS) vulnerabilities. Remove 'autoescape: False' or set it to 'True'.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Autoescape is globally disbaled for this Django application. If you are rendering any web pages, this exposes your application to cross-site scripting (XSS) vulnerabilities. 
Remove 'autoescape: False' or set it to 'True'.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.django.security.audit.xss.global-autoescape-off.global-autoescape-off)\n - [https://docs.djangoproject.com/en/3.1/ref/settings/#templates](https://docs.djangoproject.com/en/3.1/ref/settings/#templates)\n - [https://docs.djangoproject.com/en/3.1/topics/templates/#django.template.backends.django.DjangoTemplates](https://docs.djangoproject.com/en/3.1/topics/templates/#django.template.backends.django.DjangoTemplates)\n" }, - "helpUri": "https://semgrep.dev/r/python.lang.security.audit.sqli.psycopg-sqli.psycopg-sqli", - "id": "python.lang.security.audit.sqli.psycopg-sqli.psycopg-sqli", - "name": "python.lang.security.audit.sqli.psycopg-sqli.psycopg-sqli", "properties": { "precision": "very-high", "tags": [ - "CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')", + "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", "LOW CONFIDENCE", - "OWASP-A01:2017 - Injection", "OWASP-A03:2021 - Injection", + "OWASP-A07:2017 - Cross-Site Scripting (XSS)", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: python.lang.security.audit.sqli.psycopg-sqli.psycopg-sqli" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "python.django.security.nan-injection.nan-injection", + "name": "python.django.security.nan-injection.nan-injection", + "short_description": { + "text": "Semgrep Finding: python.django.security.nan-injection.nan-injection" }, - "fullDescription": { - "text": "RSA keys should be at least 2048 bits" + "full_description": { + "text": "Found user input going directly into typecast for bool(), float(), or complex(). This allows an attacker to inject Python's not-a-number (NaN) into the typecast. This results in undefind behavior, particularly when doing comparisons. 
Either cast to a different type, or add a guard checking for all capitalizations of the string 'nan'." }, + "default_configuration": { + "enabled": true, + "level": "error" + }, + "help_uri": "https://semgrep.dev/r/python.django.security.nan-injection.nan-injection", "help": { - "markdown": "RSA keys should be at least 2048 bits\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/go.lang.security.audit.crypto.use_of_weak_rsa_key.use-of-weak-rsa-key)\n - [https://cheatsheetseries.owasp.org/cheatsheets/Cryptographic_Storage_Cheat_Sheet.html#algorithms](https://cheatsheetseries.owasp.org/cheatsheets/Cryptographic_Storage_Cheat_Sheet.html#algorithms)\n", - "text": "RSA keys should be at least 2048 bits\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Found user input going directly into typecast for bool(), float(), or complex(). This allows an attacker to inject Python's not-a-number (NaN) into the typecast. This results in undefind behavior, particularly when doing comparisons. Either cast to a different type, or add a guard checking for all capitalizations of the string 'nan'.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Found user input going directly into typecast for bool(), float(), or complex(). This allows an attacker to inject Python's not-a-number (NaN) into the typecast. This results in undefind behavior, particularly when doing comparisons. 
Either cast to a different type, or add a guard checking for all capitalizations of the string 'nan'.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.django.security.nan-injection.nan-injection)\n - [https://discuss.python.org/t/nan-breaks-min-max-and-sorting-functions-a-solution/2868](https://discuss.python.org/t/nan-breaks-min-max-and-sorting-functions-a-solution/2868)\n - [https://blog.bitdiscovery.com/2021/12/python-nan-injection/](https://blog.bitdiscovery.com/2021/12/python-nan-injection/)\n" }, - "helpUri": "https://semgrep.dev/r/go.lang.security.audit.crypto.use_of_weak_rsa_key.use-of-weak-rsa-key", - "id": "go.lang.security.audit.crypto.use_of_weak_rsa_key.use-of-weak-rsa-key", - "name": "go.lang.security.audit.crypto.use_of_weak_rsa_key.use-of-weak-rsa-key", "properties": { "precision": "very-high", "tags": [ - "CWE-326: Inadequate Encryption Strength", - "HIGH CONFIDENCE", - "OWASP-A02:2021 - Cryptographic Failures", - "OWASP-A03:2017 - Sensitive Data Exposure", + "CWE-704: Incorrect Type Conversion or Cast", + "MEDIUM CONFIDENCE", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: go.lang.security.audit.crypto.use_of_weak_rsa_key.use-of-weak-rsa-key" } }, { - "defaultConfiguration": { - "level": "error" + "id": "python.jwt.security.jwt-hardcode.jwt-python-hardcoded-secret", + "name": "python.jwt.security.jwt-hardcode.jwt-python-hardcoded-secret", + "short_description": { + "text": "Semgrep Finding: python.jwt.security.jwt-hardcode.jwt-python-hardcoded-secret" }, - "fullDescription": { - "text": "Spring Boot Actuator is fully enabled. This exposes sensitive endpoints such as /actuator/env, /actuator/logfile, /actuator/heapdump and others. Unless you have Spring Security enabled or another means to protect these endpoints, this functionality is available without authentication, causing a significant security risk." 
+ "full_description": { + "text": "Hardcoded JWT secret or private key is used. This is a Insufficiently Protected Credentials weakness: https://cwe.mitre.org/data/definitions/522.html Consider using an appropriate security mechanism to protect the credentials (e.g. keeping secrets in environment variables)" + }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/python.jwt.security.jwt-hardcode.jwt-python-hardcoded-secret", "help": { - "markdown": "Spring Boot Actuator is fully enabled. This exposes sensitive endpoints such as /actuator/env, /actuator/logfile, /actuator/heapdump and others. Unless you have Spring Security enabled or another means to protect these endpoints, this functionality is available without authentication, causing a significant security risk.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/java.spring.security.audit.spring-actuator-fully-enabled.spring-actuator-fully-enabled)\n - [https://docs.spring.io/spring-boot/docs/current/reference/html/production-ready-features.html#production-ready-endpoints-exposing-endpoints](https://docs.spring.io/spring-boot/docs/current/reference/html/production-ready-features.html#production-ready-endpoints-exposing-endpoints)\n - [https://medium.com/walmartglobaltech/perils-of-spring-boot-actuators-misconfiguration-185c43a0f785](https://medium.com/walmartglobaltech/perils-of-spring-boot-actuators-misconfiguration-185c43a0f785)\n - [https://blog.maass.xyz/spring-actuator-security-part-1-stealing-secrets-using-spring-actuators](https://blog.maass.xyz/spring-actuator-security-part-1-stealing-secrets-using-spring-actuators)\n", - "text": "Spring Boot Actuator is fully enabled. This exposes sensitive endpoints such as /actuator/env, /actuator/logfile, /actuator/heapdump and others. 
Unless you have Spring Security enabled or another means to protect these endpoints, this functionality is available without authentication, causing a significant security risk.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Hardcoded JWT secret or private key is used. This is a Insufficiently Protected Credentials weakness: https://cwe.mitre.org/data/definitions/522.html Consider using an appropriate security mechanism to protect the credentials (e.g. keeping secrets in environment variables)\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Hardcoded JWT secret or private key is used. This is a Insufficiently Protected Credentials weakness: https://cwe.mitre.org/data/definitions/522.html Consider using an appropriate security mechanism to protect the credentials (e.g. keeping secrets in environment variables)\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.jwt.security.jwt-hardcode.jwt-python-hardcoded-secret)\n - [https://semgrep.dev/blog/2020/hardcoded-secrets-unverified-tokens-and-other-common-jwt-mistakes/](https://semgrep.dev/blog/2020/hardcoded-secrets-unverified-tokens-and-other-common-jwt-mistakes/)\n" }, - "helpUri": "https://semgrep.dev/r/java.spring.security.audit.spring-actuator-fully-enabled.spring-actuator-fully-enabled", - "id": "java.spring.security.audit.spring-actuator-fully-enabled.spring-actuator-fully-enabled", - "name": "java.spring.security.audit.spring-actuator-fully-enabled.spring-actuator-fully-enabled", "properties": { "precision": "very-high", "tags": [ - "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor", - "MEDIUM CONFIDENCE", - "OWASP-A01:2021 - Broken Access Control", + "CWE-522: Insufficiently Protected Credentials", + "HIGH CONFIDENCE", + "OWASP-A02:2017 - Broken Authentication", + "OWASP-A04:2021 - Insecure Design", "security" ] - }, - 
"shortDescription": { - "text": "Semgrep Finding: java.spring.security.audit.spring-actuator-fully-enabled.spring-actuator-fully-enabled" } }, { - "defaultConfiguration": { - "level": "error" + "id": "javascript.sandbox.security.audit.sandbox-code-injection.sandbox-code-injection", + "name": "javascript.sandbox.security.audit.sandbox-code-injection.sandbox-code-injection", + "short_description": { + "text": "Semgrep Finding: javascript.sandbox.security.audit.sandbox-code-injection.sandbox-code-injection" }, - "fullDescription": { - "text": "NPM registry authentication token detected" + "full_description": { + "text": "Make sure that unverified user data can not reach `sandbox`." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/javascript.sandbox.security.audit.sandbox-code-injection.sandbox-code-injection", "help": { - "markdown": "NPM registry authentication token detected\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/generic.secrets.security.detected-npm-registry-auth-token.detected-npm-registry-auth-token)\n - [https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures](https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures)\n", - "text": "NPM registry authentication token detected\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Make sure that unverified user data can not reach `sandbox`.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Make sure that unverified user data can not reach `sandbox`.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.sandbox.security.audit.sandbox-code-injection.sandbox-code-injection)\n - 
[https://owasp.org/Top10/A03_2021-Injection](https://owasp.org/Top10/A03_2021-Injection)\n" }, - "helpUri": "https://semgrep.dev/r/generic.secrets.security.detected-npm-registry-auth-token.detected-npm-registry-auth-token", - "id": "generic.secrets.security.detected-npm-registry-auth-token.detected-npm-registry-auth-token", - "name": "generic.secrets.security.detected-npm-registry-auth-token.detected-npm-registry-auth-token", "properties": { "precision": "very-high", "tags": [ - "CWE-798: Use of Hard-coded Credentials", + "CWE-94: Improper Control of Generation of Code ('Code Injection')", "LOW CONFIDENCE", - "OWASP-A07:2021 - Identification and Authentication Failures", + "OWASP-A03:2021 - Injection", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: generic.secrets.security.detected-npm-registry-auth-token.detected-npm-registry-auth-token" } }, { - "defaultConfiguration": { - "level": "error" + "id": "javascript.jose.security.jwt-hardcode.hardcoded-jwt-secret", + "name": "javascript.jose.security.jwt-hardcode.hardcoded-jwt-secret", + "short_description": { + "text": "Semgrep Finding: javascript.jose.security.jwt-hardcode.hardcoded-jwt-secret" }, - "fullDescription": { - "text": "IPv6Network.supernet_of is only available on Python 3.7+ and is therefore not backwards compatible. Instead, check if the supernet is in 'supernet'." + "full_description": { + "text": "A hard-coded credential was detected. It is not recommended to store credentials in source-code, as this risks secrets being leaked and used by either an internal or external malicious adversary. It is recommended to use environment variables to securely provide credentials or retrieve credentials from a secure vault or HSM (Hardware Security Module)." 
+ }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/javascript.jose.security.jwt-hardcode.hardcoded-jwt-secret", "help": { - "markdown": "IPv6Network.supernet_of is only available on Python 3.7+ and is therefore not backwards compatible. Instead, check if the supernet is in 'supernet'.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.lang.compatibility.python37.python37-compatibility-ipv6network2)\n", - "text": "IPv6Network.supernet_of is only available on Python 3.7+ and is therefore not backwards compatible. Instead, check if the supernet is in 'supernet'.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "A hard-coded credential was detected. It is not recommended to store credentials in source-code, as this risks secrets being leaked and used by either an internal or external malicious adversary. It is recommended to use environment variables to securely provide credentials or retrieve credentials from a secure vault or HSM (Hardware Security Module).\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "A hard-coded credential was detected. It is not recommended to store credentials in source-code, as this risks secrets being leaked and used by either an internal or external malicious adversary. 
It is recommended to use environment variables to securely provide credentials or retrieve credentials from a secure vault or HSM (Hardware Security Module).\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.jose.security.jwt-hardcode.hardcoded-jwt-secret)\n - [https://cheatsheetseries.owasp.org/cheatsheets/Secrets_Management_Cheat_Sheet.html](https://cheatsheetseries.owasp.org/cheatsheets/Secrets_Management_Cheat_Sheet.html)\n" }, - "helpUri": "https://semgrep.dev/r/python.lang.compatibility.python37.python37-compatibility-ipv6network2", - "id": "python.lang.compatibility.python37.python37-compatibility-ipv6network2", - "name": "python.lang.compatibility.python37.python37-compatibility-ipv6network2", "properties": { "precision": "very-high", - "tags": [] - }, - "shortDescription": { - "text": "Semgrep Finding: python.lang.compatibility.python37.python37-compatibility-ipv6network2" + "tags": [ + "CWE-798: Use of Hard-coded Credentials", + "HIGH CONFIDENCE", + "OWASP-A07:2021 - Identification and Authentication Failures", + "security" + ] } }, { - "defaultConfiguration": { - "level": "warning" + "id": "problem-based-packs.insecure-transport.go-stdlib.ftp-request.ftp-request", + "name": "problem-based-packs.insecure-transport.go-stdlib.ftp-request.ftp-request", + "short_description": { + "text": "Semgrep Finding: problem-based-packs.insecure-transport.go-stdlib.ftp-request.ftp-request" }, - "fullDescription": { - "text": "Insecure SMTP connection detected. This connection will trust any SSL certificate. Enable certificate verification by setting 'email.setSSLCheckServerIdentity(true)'." + "full_description": { + "text": "Checks for outgoing connections to ftp servers with the ftp package. FTP does not encrypt traffic, possibly leading to PII being sent plaintext over the network. Instead, connect via the SFTP protocol." 
}, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/problem-based-packs.insecure-transport.go-stdlib.ftp-request.ftp-request", "help": { - "markdown": "Insecure SMTP connection detected. This connection will trust any SSL certificate. Enable certificate verification by setting 'email.setSSLCheckServerIdentity(true)'.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/java.lang.security.audit.insecure-smtp-connection.insecure-smtp-connection)\n - [https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures](https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures)\n", - "text": "Insecure SMTP connection detected. This connection will trust any SSL certificate. Enable certificate verification by setting 'email.setSSLCheckServerIdentity(true)'.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Checks for outgoing connections to ftp servers with the ftp package. FTP does not encrypt traffic, possibly leading to PII being sent plaintext over the network. Instead, connect via the SFTP protocol.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Checks for outgoing connections to ftp servers with the ftp package. FTP does not encrypt traffic, possibly leading to PII being sent plaintext over the network. 
Instead, connect via the SFTP protocol.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/problem-based-packs.insecure-transport.go-stdlib.ftp-request.ftp-request)\n - [https://godoc.org/github.com/jlaffaye/ftp#Dial](https://godoc.org/github.com/jlaffaye/ftp#Dial)\n - [https://github.com/jlaffaye/ftp](https://github.com/jlaffaye/ftp)\n" }, - "helpUri": "https://semgrep.dev/r/java.lang.security.audit.insecure-smtp-connection.insecure-smtp-connection", - "id": "java.lang.security.audit.insecure-smtp-connection.insecure-smtp-connection", - "name": "java.lang.security.audit.insecure-smtp-connection.insecure-smtp-connection", "properties": { "precision": "very-high", "tags": [ - "CWE-297: Improper Validation of Certificate with Host Mismatch", + "CWE-319: Cleartext Transmission of Sensitive Information", "MEDIUM CONFIDENCE", - "OWASP-A07:2021 - Identification and Authentication Failures", + "OWASP-A03:2017 - Sensitive Data Exposure", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: java.lang.security.audit.insecure-smtp-connection.insecure-smtp-connection" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "python.django.security.audit.xss.context-autoescape-off.context-autoescape-off", + "name": "python.django.security.audit.xss.context-autoescape-off.context-autoescape-off", + "short_description": { + "text": "Semgrep Finding: python.django.security.audit.xss.context-autoescape-off.context-autoescape-off" }, - "fullDescription": { - "text": "Missing EKS control plane logging. It is recommended to enable at least Kubernetes API server component logs (\"api\") and audit logs (\"audit\") of the EKS control plane through the enabled_cluster_log_types attribute." + "full_description": { + "text": "Detected a Context with autoescape disabled. If you are rendering any web pages, this exposes your application to cross-site scripting (XSS) vulnerabilities. 
Remove 'autoescape: False' or set it to 'True'." }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/python.django.security.audit.xss.context-autoescape-off.context-autoescape-off", "help": { - "markdown": "Missing EKS control plane logging. It is recommended to enable at least Kubernetes API server component logs (\"api\") and audit logs (\"audit\") of the EKS control plane through the enabled_cluster_log_types attribute.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/terraform.lang.security.eks-insufficient-control-plane-logging.eks-insufficient-control-plane-logging)\n - [https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/eks_cluster#enabling-control-plane-logging](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/eks_cluster#enabling-control-plane-logging)\n - [https://docs.aws.amazon.com/eks/latest/userguide/control-plane-logs.html](https://docs.aws.amazon.com/eks/latest/userguide/control-plane-logs.html)\n", - "text": "Missing EKS control plane logging. It is recommended to enable at least Kubernetes API server component logs (\"api\") and audit logs (\"audit\") of the EKS control plane through the enabled_cluster_log_types attribute.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected a Context with autoescape disabled. If you are rendering any web pages, this exposes your application to cross-site scripting (XSS) vulnerabilities. Remove 'autoescape: False' or set it to 'True'.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected a Context with autoescape disabled. If you are rendering any web pages, this exposes your application to cross-site scripting (XSS) vulnerabilities. 
Remove 'autoescape: False' or set it to 'True'.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.django.security.audit.xss.context-autoescape-off.context-autoescape-off)\n - [https://docs.djangoproject.com/en/3.1/ref/settings/#templates](https://docs.djangoproject.com/en/3.1/ref/settings/#templates)\n - [https://docs.djangoproject.com/en/3.1/topics/templates/#django.template.backends.django.DjangoTemplates](https://docs.djangoproject.com/en/3.1/topics/templates/#django.template.backends.django.DjangoTemplates)\n" }, - "helpUri": "https://semgrep.dev/r/terraform.lang.security.eks-insufficient-control-plane-logging.eks-insufficient-control-plane-logging", - "id": "terraform.lang.security.eks-insufficient-control-plane-logging.eks-insufficient-control-plane-logging", - "name": "terraform.lang.security.eks-insufficient-control-plane-logging.eks-insufficient-control-plane-logging", "properties": { "precision": "very-high", "tags": [ - "CWE-778: Insufficient Logging", + "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", "LOW CONFIDENCE", - "OWASP-A09:2021 - Security Logging and Monitoring Failures", - "OWASP-A10:2017 - Insufficient Logging & Monitoring", + "OWASP-A03:2021 - Injection", + "OWASP-A07:2017 - Cross-Site Scripting (XSS)", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: terraform.lang.security.eks-insufficient-control-plane-logging.eks-insufficient-control-plane-logging" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "python.django.security.audit.xss.var-in-script-tag.var-in-script-tag", + "name": "python.django.security.audit.xss.var-in-script-tag.var-in-script-tag", + "short_description": { + "text": "Semgrep Finding: python.django.security.audit.xss.var-in-script-tag.var-in-script-tag" }, - "fullDescription": { - "text": "Detected a formatted string in a SQL statement. 
This could lead to SQL injection if variables in the SQL statement are not properly sanitized. Use a prepared statements (java.sql.PreparedStatement) instead. You can obtain a PreparedStatement using 'connection.prepareStatement'." + "full_description": { + "text": "Detected a template variable used in a script tag. Although template variables are HTML escaped, HTML escaping does not always prevent cross-site scripting (XSS) attacks when used directly in JavaScript. If you need this data on the rendered page, consider placing it in the HTML portion (outside of a script tag). Alternatively, use a JavaScript-specific encoder, such as the one available in OWASP ESAPI. For Django, you may also consider using the 'json_script' template tag and retrieving the data in your script by using the element ID (e.g., `document.getElementById`)." + }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/python.django.security.audit.xss.var-in-script-tag.var-in-script-tag", "help": { - "markdown": "Detected a formatted string in a SQL statement. This could lead to SQL injection if variables in the SQL statement are not properly sanitized. Use a prepared statements (java.sql.PreparedStatement) instead. You can obtain a PreparedStatement using 'connection.prepareStatement'.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/java.lang.security.audit.sqli.jdo-sqli.jdo-sqli)\n - [https://owasp.org/Top10/A03_2021-Injection](https://owasp.org/Top10/A03_2021-Injection)\n", - "text": "Detected a formatted string in a SQL statement. This could lead to SQL injection if variables in the SQL statement are not properly sanitized. Use a prepared statements (java.sql.PreparedStatement) instead. 
You can obtain a PreparedStatement using 'connection.prepareStatement'.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected a template variable used in a script tag. Although template variables are HTML escaped, HTML escaping does not always prevent cross-site scripting (XSS) attacks when used directly in JavaScript. If you need this data on the rendered page, consider placing it in the HTML portion (outside of a script tag). Alternatively, use a JavaScript-specific encoder, such as the one available in OWASP ESAPI. For Django, you may also consider using the 'json_script' template tag and retrieving the data in your script by using the element ID (e.g., `document.getElementById`).\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected a template variable used in a script tag. Although template variables are HTML escaped, HTML escaping does not always prevent cross-site scripting (XSS) attacks when used directly in JavaScript. If you need this data on the rendered page, consider placing it in the HTML portion (outside of a script tag). Alternatively, use a JavaScript-specific encoder, such as the one available in OWASP ESAPI. 
For Django, you may also consider using the 'json_script' template tag and retrieving the data in your script by using the element ID (e.g., `document.getElementById`).\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.django.security.audit.xss.var-in-script-tag.var-in-script-tag)\n - [https://adamj.eu/tech/2020/02/18/safely-including-data-for-javascript-in-a-django-template/?utm_campaign=Django%2BNewsletter&utm_medium=rss&utm_source=Django_Newsletter_12A](https://adamj.eu/tech/2020/02/18/safely-including-data-for-javascript-in-a-django-template/?utm_campaign=Django%2BNewsletter&utm_medium=rss&utm_source=Django_Newsletter_12A)\n - [https://www.veracode.com/blog/secure-development/nodejs-template-engines-why-default-encoders-are-not-enough](https://www.veracode.com/blog/secure-development/nodejs-template-engines-why-default-encoders-are-not-enough)\n - [https://github.com/ESAPI/owasp-esapi-js](https://github.com/ESAPI/owasp-esapi-js)\n" }, - "helpUri": "https://semgrep.dev/r/java.lang.security.audit.sqli.jdo-sqli.jdo-sqli", - "id": "java.lang.security.audit.sqli.jdo-sqli.jdo-sqli", - "name": "java.lang.security.audit.sqli.jdo-sqli.jdo-sqli", "properties": { "precision": "very-high", "tags": [ - "CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')", + "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", "LOW CONFIDENCE", - "OWASP-A01:2017 - Injection", "OWASP-A03:2021 - Injection", + "OWASP-A07:2017 - Cross-Site Scripting (XSS)", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: java.lang.security.audit.sqli.jdo-sqli.jdo-sqli" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "javascript.lang.security.audit.dangerous-spawn-shell.dangerous-spawn-shell", + "name": "javascript.lang.security.audit.dangerous-spawn-shell.dangerous-spawn-shell", + "short_description": { + 
"text": "Semgrep Finding: javascript.lang.security.audit.dangerous-spawn-shell.dangerous-spawn-shell" }, - "fullDescription": { - "text": "Detected the use of 'RawSQL' or 'raw' indicating the execution of a non-parameterized SQL query. This could lead to a SQL injection and therefore protected information could be leaked. Instead, use Django ORM and parameterized queries before raw SQL. An example of using the Django ORM is: `People.objects.get(name='Bob')`" + "full_description": { + "text": "Detected non-literal calls to $EXEC(). This could lead to a command injection vulnerability." + }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/javascript.lang.security.audit.dangerous-spawn-shell.dangerous-spawn-shell", "help": { - "markdown": "Detected the use of 'RawSQL' or 'raw' indicating the execution of a non-parameterized SQL query. This could lead to a SQL injection and therefore protected information could be leaked. Instead, use Django ORM and parameterized queries before raw SQL. An example of using the Django ORM is: `People.objects.get(name='Bob')`\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.django.security.audit.raw-query.avoid-raw-sql)\n - [https://docs.djangoproject.com/en/3.0/ref/models/expressions/#raw-sql-expressions](https://docs.djangoproject.com/en/3.0/ref/models/expressions/#raw-sql-expressions)\n - [https://semgrep.dev/blog/2020/preventing-sql-injection-a-django-authors-perspective/](https://semgrep.dev/blog/2020/preventing-sql-injection-a-django-authors-perspective/)\n", - "text": "Detected the use of 'RawSQL' or 'raw' indicating the execution of a non-parameterized SQL query. This could lead to a SQL injection and therefore protected information could be leaked. Instead, use Django ORM and parameterized queries before raw SQL. 
An example of using the Django ORM is: `People.objects.get(name='Bob')`\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected non-literal calls to $EXEC(). This could lead to a command injection vulnerability.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected non-literal calls to $EXEC(). This could lead to a command injection vulnerability.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.lang.security.audit.dangerous-spawn-shell.dangerous-spawn-shell)\n - [https://cheatsheetseries.owasp.org/cheatsheets/Nodejs_Security_Cheat_Sheet.html#do-not-use-dangerous-functions](https://cheatsheetseries.owasp.org/cheatsheets/Nodejs_Security_Cheat_Sheet.html#do-not-use-dangerous-functions)\n" }, - "helpUri": "https://semgrep.dev/r/python.django.security.audit.raw-query.avoid-raw-sql", - "id": "python.django.security.audit.raw-query.avoid-raw-sql", - "name": "python.django.security.audit.raw-query.avoid-raw-sql", "properties": { "precision": "very-high", "tags": [ - "CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')", + "CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", "LOW CONFIDENCE", "OWASP-A01:2017 - Injection", "OWASP-A03:2021 - Injection", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: python.django.security.audit.raw-query.avoid-raw-sql" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "yaml.kubernetes.security.skip-tls-verify-cluster.skip-tls-verify-cluster", + "name": "yaml.kubernetes.security.skip-tls-verify-cluster.skip-tls-verify-cluster", + "short_description": { + "text": "Semgrep Finding: yaml.kubernetes.security.skip-tls-verify-cluster.skip-tls-verify-cluster" }, - "fullDescription": { - "text": "SSLv3 is insecure because it has known vulnerabilities. 
Starting with go1.14, SSLv3 will be removed. Instead, use 'tls.VersionTLS13'." + "full_description": { + "text": "Cluster is disabling TLS certificate verification when communicating with the server. This makes your HTTPS connections insecure. Remove the 'insecure-skip-tls-verify: true' key to secure communication." }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/yaml.kubernetes.security.skip-tls-verify-cluster.skip-tls-verify-cluster", "help": { - "markdown": "SSLv3 is insecure because it has known vulnerabilities. Starting with go1.14, SSLv3 will be removed. Instead, use 'tls.VersionTLS13'.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/go.lang.security.audit.crypto.ssl.ssl-v3-is-insecure)\n - [https://golang.org/doc/go1.14#crypto/tls](https://golang.org/doc/go1.14#crypto/tls)\n - [https://www.us-cert.gov/ncas/alerts/TA14-290A](https://www.us-cert.gov/ncas/alerts/TA14-290A)\n", - "text": "SSLv3 is insecure because it has known vulnerabilities. Starting with go1.14, SSLv3 will be removed. Instead, use 'tls.VersionTLS13'.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Cluster is disabling TLS certificate verification when communicating with the server. This makes your HTTPS connections insecure. Remove the 'insecure-skip-tls-verify: true' key to secure communication.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Cluster is disabling TLS certificate verification when communicating with the server. This makes your HTTPS connections insecure. 
Remove the 'insecure-skip-tls-verify: true' key to secure communication.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/yaml.kubernetes.security.skip-tls-verify-cluster.skip-tls-verify-cluster)\n - [https://kubernetes.io/docs/reference/config-api/client-authentication.v1beta1/#client-authentication-k8s-io-v1beta1-Cluster](https://kubernetes.io/docs/reference/config-api/client-authentication.v1beta1/#client-authentication-k8s-io-v1beta1-Cluster)\n" }, - "helpUri": "https://semgrep.dev/r/go.lang.security.audit.crypto.ssl.ssl-v3-is-insecure", - "id": "go.lang.security.audit.crypto.ssl.ssl-v3-is-insecure", - "name": "go.lang.security.audit.crypto.ssl.ssl-v3-is-insecure", "properties": { "precision": "very-high", "tags": [ - "CWE-327: Use of a Broken or Risky Cryptographic Algorithm", - "HIGH CONFIDENCE", + "CWE-319: Cleartext Transmission of Sensitive Information", + "MEDIUM CONFIDENCE", "OWASP-A02:2021 - Cryptographic Failures", "OWASP-A03:2017 - Sensitive Data Exposure", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: go.lang.security.audit.crypto.ssl.ssl-v3-is-insecure" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "ruby.rails.security.audit.xss.avoid-default-routes.avoid-default-routes", + "name": "ruby.rails.security.audit.xss.avoid-default-routes.avoid-default-routes", + "short_description": { + "text": "Semgrep Finding: ruby.rails.security.audit.xss.avoid-default-routes.avoid-default-routes" }, - "fullDescription": { - "text": "When data from an untrusted source is put into a logger and not neutralized correctly, an attacker could forge log entries or include malicious content." + "full_description": { + "text": "Default routes are enabled in this routes file. This means any public method on a controller can be called as an action. It is very easy to accidentally expose a method you didn't mean to. 
Instead, remove this line and explicitly include all routes you intend external users to follow." }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/ruby.rails.security.audit.xss.avoid-default-routes.avoid-default-routes", "help": { - "markdown": "When data from an untrusted source is put into a logger and not neutralized correctly, an attacker could forge log entries or include malicious content.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/java.lang.security.audit.crlf-injection-logs.crlf-injection-logs)\n - [https://owasp.org/Top10/A03_2021-Injection](https://owasp.org/Top10/A03_2021-Injection)\n", - "text": "When data from an untrusted source is put into a logger and not neutralized correctly, an attacker could forge log entries or include malicious content.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Default routes are enabled in this routes file. This means any public method on a controller can be called as an action. It is very easy to accidentally expose a method you didn't mean to. Instead, remove this line and explicitly include all routes you intend external users to follow.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Default routes are enabled in this routes file. This means any public method on a controller can be called as an action. It is very easy to accidentally expose a method you didn't mean to. 
Instead, remove this line and explicitly include all routes you intend external users to follow.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/ruby.rails.security.audit.xss.avoid-default-routes.avoid-default-routes)\n - [https://github.com/presidentbeef/brakeman/blob/main/docs/warning_types/default_routes/index.markdown](https://github.com/presidentbeef/brakeman/blob/main/docs/warning_types/default_routes/index.markdown)\n" }, - "helpUri": "https://semgrep.dev/r/java.lang.security.audit.crlf-injection-logs.crlf-injection-logs", - "id": "java.lang.security.audit.crlf-injection-logs.crlf-injection-logs", - "name": "java.lang.security.audit.crlf-injection-logs.crlf-injection-logs", "properties": { "precision": "very-high", "tags": [ - "CWE-93: Improper Neutralization of CRLF Sequences ('CRLF Injection')", - "MEDIUM CONFIDENCE", - "OWASP-A03:2021 - Injection", + "CWE-276: Incorrect Default Permissions", + "LOW CONFIDENCE", + "OWASP-A01:2021 - Broken Access Control", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: java.lang.security.audit.crlf-injection-logs.crlf-injection-logs" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "terraform.aws.security.aws-glacier-vault-any-principal.aws-glacier-vault-any-principal", + "name": "terraform.aws.security.aws-glacier-vault-any-principal.aws-glacier-vault-any-principal", + "short_description": { + "text": "Semgrep Finding: terraform.aws.security.aws-glacier-vault-any-principal.aws-glacier-vault-any-principal" }, - "fullDescription": { - "text": "Use of RC4 was detected. RC4 is vulnerable to several attacks, including stream cipher attacks and bit flipping attacks. Instead, use a strong, secure cipher: Cipher.getInstance(\"AES/CBC/PKCS7PADDING\"). See https://owasp.org/www-community/Using_the_Java_Cryptographic_Extensions for more information." 
+ "full_description": { + "text": "Detected wildcard access granted to Glacier Vault. This means anyone within your AWS account ID can perform actions on Glacier resources. Instead, limit to a specific identity in your account, like this: `arn:aws:iam:::`." + }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/terraform.aws.security.aws-glacier-vault-any-principal.aws-glacier-vault-any-principal", "help": { - "markdown": "Use of RC4 was detected. RC4 is vulnerable to several attacks, including stream cipher attacks and bit flipping attacks. Instead, use a strong, secure cipher: Cipher.getInstance(\"AES/CBC/PKCS7PADDING\"). See https://owasp.org/www-community/Using_the_Java_Cryptographic_Extensions for more information.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/java.lang.security.audit.crypto.use-of-rc4.use-of-rc4)\n - [https://owasp.org/Top10/A02_2021-Cryptographic_Failures](https://owasp.org/Top10/A02_2021-Cryptographic_Failures)\n - [https://googleprojectzero.blogspot.com/2022/10/rc4-is-still-considered-harmful.html](https://googleprojectzero.blogspot.com/2022/10/rc4-is-still-considered-harmful.html)\n", - "text": "Use of RC4 was detected. RC4 is vulnerable to several attacks, including stream cipher attacks and bit flipping attacks. Instead, use a strong, secure cipher: Cipher.getInstance(\"AES/CBC/PKCS7PADDING\"). See https://owasp.org/www-community/Using_the_Java_Cryptographic_Extensions for more information.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected wildcard access granted to Glacier Vault. This means anyone within your AWS account ID can perform actions on Glacier resources. 
Instead, limit to a specific identity in your account, like this: `arn:aws:iam:::`.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected wildcard access granted to Glacier Vault. This means anyone within your AWS account ID can perform actions on Glacier resources. Instead, limit to a specific identity in your account, like this: `arn:aws:iam:::`.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/terraform.aws.security.aws-glacier-vault-any-principal.aws-glacier-vault-any-principal)\n - [https://cwe.mitre.org/data/definitions/732.html](https://cwe.mitre.org/data/definitions/732.html)\n" }, - "helpUri": "https://semgrep.dev/r/java.lang.security.audit.crypto.use-of-rc4.use-of-rc4", - "id": "java.lang.security.audit.crypto.use-of-rc4.use-of-rc4", - "name": "java.lang.security.audit.crypto.use-of-rc4.use-of-rc4", "properties": { "precision": "very-high", "tags": [ - "CWE-327: Use of a Broken or Risky Cryptographic Algorithm", - "HIGH CONFIDENCE", - "OWASP-A02:2021 - Cryptographic Failures", - "OWASP-A03:2017 - Sensitive Data Exposure", + "CWE-732: Incorrect Permission Assignment for Critical Resource", + "MEDIUM CONFIDENCE", + "OWASP-A05:2021 - Security Misconfiguration", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: java.lang.security.audit.crypto.use-of-rc4.use-of-rc4" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "problem-based-packs.insecure-transport.js-node.disallow-old-tls-versions2.disallow-old-tls-versions2", + "name": "problem-based-packs.insecure-transport.js-node.disallow-old-tls-versions2.disallow-old-tls-versions2", + "short_description": { + "text": "Semgrep Finding: problem-based-packs.insecure-transport.js-node.disallow-old-tls-versions2.disallow-old-tls-versions2" }, - "fullDescription": { - "text": "Found a formatted template string passed to 'template.JS()'. 
'template.JS()' does not escape contents. Be absolutely sure there is no user-controlled data in this template." + "full_description": { + "text": "Detects creations of $HTTPS servers from option objects that don't disallow SSL v2, SSL v3, and TLS v1. These protocols are deprecated due to POODLE, man in the middle attacks, and other vulnerabilities." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/problem-based-packs.insecure-transport.js-node.disallow-old-tls-versions2.disallow-old-tls-versions2", "help": { - "markdown": "Found a formatted template string passed to 'template.JS()'. 'template.JS()' does not escape contents. Be absolutely sure there is no user-controlled data in this template.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/go.lang.security.audit.net.unescaped-data-in-js.unescaped-data-in-js)\n - [https://golang.org/pkg/html/template/#JS](https://golang.org/pkg/html/template/#JS)\n", - "text": "Found a formatted template string passed to 'template.JS()'. 'template.JS()' does not escape contents. Be absolutely sure there is no user-controlled data in this template.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detects creations of $HTTPS servers from option objects that don't disallow SSL v2, SSL v3, and TLS v1. These protocols are deprecated due to POODLE, man in the middle attacks, and other vulnerabilities.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detects creations of $HTTPS servers from option objects that don't disallow SSL v2, SSL v3, and TLS v1. 
These protocols are deprecated due to POODLE, man in the middle attacks, and other vulnerabilities.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/problem-based-packs.insecure-transport.js-node.disallow-old-tls-versions2.disallow-old-tls-versions2)\n - [https://us-cert.cisa.gov/ncas/alerts/TA14-290A](https://us-cert.cisa.gov/ncas/alerts/TA14-290A)\n - [https://stackoverflow.com/questions/40434934/how-to-disable-the-ssl-3-0-and-tls-1-0-in-nodejs](https://stackoverflow.com/questions/40434934/how-to-disable-the-ssl-3-0-and-tls-1-0-in-nodejs)\n - [https://nodejs.org/api/https.html#https_https_createserver_options_requestlistener](https://nodejs.org/api/https.html#https_https_createserver_options_requestlistener)\n" }, - "helpUri": "https://semgrep.dev/r/go.lang.security.audit.net.unescaped-data-in-js.unescaped-data-in-js", - "id": "go.lang.security.audit.net.unescaped-data-in-js.unescaped-data-in-js", - "name": "go.lang.security.audit.net.unescaped-data-in-js.unescaped-data-in-js", "properties": { "precision": "very-high", "tags": [ - "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", - "LOW CONFIDENCE", - "OWASP-A03:2021 - Injection", - "OWASP-A07:2017 - Cross-Site Scripting (XSS)", + "CWE-319: Cleartext Transmission of Sensitive Information", + "MEDIUM CONFIDENCE", + "OWASP-A03:2017 - Sensitive Data Exposure", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: go.lang.security.audit.net.unescaped-data-in-js.unescaped-data-in-js" } }, { - "defaultConfiguration": { - "level": "note" - }, - "fullDescription": { - "text": "Key vault Secret should have a content type set" - }, - "help": { - "markdown": "Key vault Secret should have a content type set\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep 
Rule](https://semgrep.dev/r/terraform.azure.security.keyvault.keyvault-content-type-for-secret.keyvault-content-type-for-secret)\n - [https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/key_vault_secret#content_type](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/key_vault_secret#content_type)\n - [https://docs.microsoft.com/en-us/azure/key-vault/secrets/about-secrets](https://docs.microsoft.com/en-us/azure/key-vault/secrets/about-secrets)\n", - "text": "Key vault Secret should have a content type set\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" - }, - "helpUri": "https://semgrep.dev/r/terraform.azure.security.keyvault.keyvault-content-type-for-secret.keyvault-content-type-for-secret", - "id": "terraform.azure.security.keyvault.keyvault-content-type-for-secret.keyvault-content-type-for-secret", - "name": "terraform.azure.security.keyvault.keyvault-content-type-for-secret.keyvault-content-type-for-secret", - "properties": { - "precision": "very-high", - "tags": [] + "id": "terraform.azure.security.appservice.appservice-enable-http2.appservice-enable-http2", + "name": "terraform.azure.security.appservice.appservice-enable-http2.appservice-enable-http2", + "short_description": { + "text": "Semgrep Finding: terraform.azure.security.appservice.appservice-enable-http2.appservice-enable-http2" }, - "shortDescription": { - "text": "Semgrep Finding: terraform.azure.security.keyvault.keyvault-content-type-for-secret.keyvault-content-type-for-secret" - } - }, - { - "defaultConfiguration": { - "level": "error" + "full_description": { + "text": "Use the latest version of HTTP to ensure you are benefiting from security fixes. 
Add `http2_enabled = true` to your appservice resource block" }, - "fullDescription": { - "text": "certificate verification explicitly disabled, insecure connections possible" + "default_configuration": { + "enabled": true, + "level": "note" }, + "help_uri": "https://semgrep.dev/r/terraform.azure.security.appservice.appservice-enable-http2.appservice-enable-http2", "help": { - "markdown": "certificate verification explicitly disabled, insecure connections possible\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.lang.security.audit.network.disabled-cert-validation.disabled-cert-validation)\n - [https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures](https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures)\n", - "text": "certificate verification explicitly disabled, insecure connections possible\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Use the latest version of HTTP to ensure you are benefiting from security fixes. Add `http2_enabled = true` to your appservice resource block\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Use the latest version of HTTP to ensure you are benefiting from security fixes. 
Add `http2_enabled = true` to your appservice resource block\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/terraform.azure.security.appservice.appservice-enable-http2.appservice-enable-http2)\n - [https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/app_service#http2_enabled](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/app_service#http2_enabled)\n" }, - "helpUri": "https://semgrep.dev/r/python.lang.security.audit.network.disabled-cert-validation.disabled-cert-validation", - "id": "python.lang.security.audit.network.disabled-cert-validation.disabled-cert-validation", - "name": "python.lang.security.audit.network.disabled-cert-validation.disabled-cert-validation", "properties": { "precision": "very-high", "tags": [ - "CWE-295: Improper Certificate Validation", + "CWE-444: Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')", "MEDIUM CONFIDENCE", - "OWASP-A03:2017 - Sensitive Data Exposure", - "OWASP-A07:2021 - Identification and Authentication Failures", + "OWASP-A04:2021 - Insecure Design", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: python.lang.security.audit.network.disabled-cert-validation.disabled-cert-validation" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "javascript.lang.security.detect-child-process.detect-child-process", + "name": "javascript.lang.security.detect-child-process.detect-child-process", + "short_description": { + "text": "Semgrep Finding: javascript.lang.security.detect-child-process.detect-child-process" }, - "fullDescription": { - "text": "`html_safe()` add the `__html__` magic method to the provided class. The `__html__` method indicates to the Django template engine that the value is 'safe' for rendering. This means that normal HTML escaping will not be applied to the return value. 
This exposes your application to cross-site scripting (XSS) vulnerabilities. If you need to render raw HTML, consider instead using `mark_safe()` which more clearly marks the intent to render raw HTML than a class with a magic method." + "full_description": { + "text": "Detected calls to child_process from a function argument `$FUNC`. This could lead to a command injection if the input is user controllable. Try to avoid calls to child_process, and if it is needed ensure user input is correctly sanitized or sandboxed. " + }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/javascript.lang.security.detect-child-process.detect-child-process", "help": { - "markdown": "`html_safe()` add the `__html__` magic method to the provided class. The `__html__` method indicates to the Django template engine that the value is 'safe' for rendering. This means that normal HTML escaping will not be applied to the return value. This exposes your application to cross-site scripting (XSS) vulnerabilities. If you need to render raw HTML, consider instead using `mark_safe()` which more clearly marks the intent to render raw HTML than a class with a magic method.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.django.security.audit.xss.html-safe.html-safe)\n - [https://docs.djangoproject.com/en/3.0/_modules/django/utils/html/#html_safe](https://docs.djangoproject.com/en/3.0/_modules/django/utils/html/#html_safe)\n - [https://gist.github.com/minusworld/7885d8a81dba3ea2d1e4b8fd3c218ef5](https://gist.github.com/minusworld/7885d8a81dba3ea2d1e4b8fd3c218ef5)\n", - "text": "`html_safe()` add the `__html__` magic method to the provided class. The `__html__` method indicates to the Django template engine that the value is 'safe' for rendering. This means that normal HTML escaping will not be applied to the return value. 
This exposes your application to cross-site scripting (XSS) vulnerabilities. If you need to render raw HTML, consider instead using `mark_safe()` which more clearly marks the intent to render raw HTML than a class with a magic method.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected calls to child_process from a function argument `$FUNC`. This could lead to a command injection if the input is user controllable. Try to avoid calls to child_process, and if it is needed ensure user input is correctly sanitized or sandboxed. \n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected calls to child_process from a function argument `$FUNC`. This could lead to a command injection if the input is user controllable. Try to avoid calls to child_process, and if it is needed ensure user input is correctly sanitized or sandboxed. \n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.lang.security.detect-child-process.detect-child-process)\n - [https://cheatsheetseries.owasp.org/cheatsheets/Nodejs_Security_Cheat_Sheet.html#do-not-use-dangerous-functions](https://cheatsheetseries.owasp.org/cheatsheets/Nodejs_Security_Cheat_Sheet.html#do-not-use-dangerous-functions)\n" }, - "helpUri": "https://semgrep.dev/r/python.django.security.audit.xss.html-safe.html-safe", - "id": "python.django.security.audit.xss.html-safe.html-safe", - "name": "python.django.security.audit.xss.html-safe.html-safe", "properties": { "precision": "very-high", "tags": [ - "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", + "CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", "LOW CONFIDENCE", + "OWASP-A01:2017 - Injection", "OWASP-A03:2021 - Injection", - "OWASP-A07:2017 - Cross-Site Scripting (XSS)", "security" ] - }, - "shortDescription": { - 
"text": "Semgrep Finding: python.django.security.audit.xss.html-safe.html-safe" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "java.lang.security.audit.anonymous-ldap-bind.anonymous-ldap-bind", + "name": "java.lang.security.audit.anonymous-ldap-bind.anonymous-ldap-bind", + "short_description": { + "text": "Semgrep Finding: java.lang.security.audit.anonymous-ldap-bind.anonymous-ldap-bind" }, - "fullDescription": { - "text": "Detected a template variable used in an anchor tag with the 'href' attribute. This allows a malicious actor to input the 'javascript:' URI and is subject to cross- site scripting (XSS) attacks. Use the 'url' template tag to safely generate a URL. You may also consider setting the Content Security Policy (CSP) header." + "full_description": { + "text": "Detected anonymous LDAP bind. This permits anonymous users to execute LDAP statements. Consider enforcing authentication for LDAP. See https://docs.oracle.com/javase/tutorial/jndi/ldap/auth_mechs.html for more information." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/java.lang.security.audit.anonymous-ldap-bind.anonymous-ldap-bind", "help": { - "markdown": "Detected a template variable used in an anchor tag with the 'href' attribute. This allows a malicious actor to input the 'javascript:' URI and is subject to cross- site scripting (XSS) attacks. Use the 'url' template tag to safely generate a URL. 
You may also consider setting the Content Security Policy (CSP) header.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.django.security.audit.xss.template-href-var.template-href-var)\n - [https://flask.palletsprojects.com/en/1.1.x/security/#cross-site-scripting-xss](https://flask.palletsprojects.com/en/1.1.x/security/#cross-site-scripting-xss)\n - [https://docs.djangoproject.com/en/3.1/ref/templates/builtins/#url](https://docs.djangoproject.com/en/3.1/ref/templates/builtins/#url)\n - [https://content-security-policy.com/](https://content-security-policy.com/)\n", - "text": "Detected a template variable used in an anchor tag with the 'href' attribute. This allows a malicious actor to input the 'javascript:' URI and is subject to cross- site scripting (XSS) attacks. Use the 'url' template tag to safely generate a URL. You may also consider setting the Content Security Policy (CSP) header.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected anonymous LDAP bind. This permits anonymous users to execute LDAP statements. Consider enforcing authentication for LDAP. See https://docs.oracle.com/javase/tutorial/jndi/ldap/auth_mechs.html for more information.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected anonymous LDAP bind. This permits anonymous users to execute LDAP statements. Consider enforcing authentication for LDAP. 
See https://docs.oracle.com/javase/tutorial/jndi/ldap/auth_mechs.html for more information.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/java.lang.security.audit.anonymous-ldap-bind.anonymous-ldap-bind)\n - [https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures](https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures)\n" }, - "helpUri": "https://semgrep.dev/r/python.django.security.audit.xss.template-href-var.template-href-var", - "id": "python.django.security.audit.xss.template-href-var.template-href-var", - "name": "python.django.security.audit.xss.template-href-var.template-href-var", "properties": { "precision": "very-high", "tags": [ - "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", + "CWE-287: Improper Authentication", "LOW CONFIDENCE", - "OWASP-A03:2021 - Injection", - "OWASP-A07:2017 - Cross-Site Scripting (XSS)", + "OWASP-A02:2017 - Broken Authentication", + "OWASP-A07:2021 - Identification and Authentication Failures", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: python.django.security.audit.xss.template-href-var.template-href-var" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "terraform.aws.security.aws-lambda-environment-unencrypted.aws-lambda-environment-unencrypted", + "name": "terraform.aws.security.aws-lambda-environment-unencrypted.aws-lambda-environment-unencrypted", + "short_description": { + "text": "Semgrep Finding: terraform.aws.security.aws-lambda-environment-unencrypted.aws-lambda-environment-unencrypted" }, - "fullDescription": { - "text": "The 'ssl' module disables insecure cipher suites by default. Therefore, use of 'set_ciphers()' should only be used when you have very specialized requirements. Otherwise, you risk lowering the security of the SSL channel." 
+ "full_description": { + "text": "By default, the AWS Lambda Environment is encrypted using AWS-managed keys. However, for added security, it's recommended to configure your own AWS KMS encryption key to protect your environment variables in Lambda. You can either create a new aws_kms_key resource or use the ARN of an existing key in your AWS account to do so." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/terraform.aws.security.aws-lambda-environment-unencrypted.aws-lambda-environment-unencrypted", "help": { - "markdown": "The 'ssl' module disables insecure cipher suites by default. Therefore, use of 'set_ciphers()' should only be used when you have very specialized requirements. Otherwise, you risk lowering the security of the SSL channel.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.lang.security.audit.insecure-transport.ssl.no-set-ciphers.no-set-ciphers)\n - [https://docs.python.org/3/library/ssl.html#cipher-selection](https://docs.python.org/3/library/ssl.html#cipher-selection)\n - [https://docs.python.org/3/library/ssl.html#ssl.SSLContext.set_ciphers](https://docs.python.org/3/library/ssl.html#ssl.SSLContext.set_ciphers)\n", - "text": "The 'ssl' module disables insecure cipher suites by default. Therefore, use of 'set_ciphers()' should only be used when you have very specialized requirements. Otherwise, you risk lowering the security of the SSL channel.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "By default, the AWS Lambda Environment is encrypted using AWS-managed keys. However, for added security, it's recommended to configure your own AWS KMS encryption key to protect your environment variables in Lambda. 
You can either create a new aws_kms_key resource or use the ARN of an existing key in your AWS account to do so.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "By default, the AWS Lambda Environment is encrypted using AWS-managed keys. However, for added security, it's recommended to configure your own AWS KMS encryption key to protect your environment variables in Lambda. You can either create a new aws_kms_key resource or use the ARN of an existing key in your AWS account to do so.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/terraform.aws.security.aws-lambda-environment-unencrypted.aws-lambda-environment-unencrypted)\n - [https://owasp.org/Top10/A02_2021-Cryptographic_Failures](https://owasp.org/Top10/A02_2021-Cryptographic_Failures)\n" }, - "helpUri": "https://semgrep.dev/r/python.lang.security.audit.insecure-transport.ssl.no-set-ciphers.no-set-ciphers", - "id": "python.lang.security.audit.insecure-transport.ssl.no-set-ciphers.no-set-ciphers", - "name": "python.lang.security.audit.insecure-transport.ssl.no-set-ciphers.no-set-ciphers", "properties": { "precision": "very-high", "tags": [ - "CWE-326: Inadequate Encryption Strength", + "CWE-320: CWE CATEGORY: Key Management Errors", "LOW CONFIDENCE", - "OWASP-A02:2021 - Cryptographic Failures", "OWASP-A03:2017 - Sensitive Data Exposure", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: python.lang.security.audit.insecure-transport.ssl.no-set-ciphers.no-set-ciphers" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "javascript.lang.security.audit.sqli.node-knex-sqli.node-knex-sqli", + "name": "javascript.lang.security.audit.sqli.node-knex-sqli.node-knex-sqli", + "short_description": { + "text": "Semgrep Finding: javascript.lang.security.audit.sqli.node-knex-sqli.node-knex-sqli" }, - "fullDescription": { - "text": "Keep3rV2.current() call has high data freshness, 
but it has low security, an exploiter simply needs to manipulate 2 data points to be able to impact the feed." + "full_description": { + "text": "Detected SQL statement that is tainted by `$REQ` object. This could lead to SQL injection if the variable is user-controlled and not properly sanitized. In order to prevent SQL injection, it is recommended to use parameterized queries or prepared statements. An example of parameterized queries like so: `knex.raw('SELECT $1 from table', [userinput])` can help prevent SQLi." }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/javascript.lang.security.audit.sqli.node-knex-sqli.node-knex-sqli", "help": { - "markdown": "Keep3rV2.current() call has high data freshness, but it has low security, an exploiter simply needs to manipulate 2 data points to be able to impact the feed.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/solidity.security.keeper-network-oracle-manipulation.keeper-network-oracle-manipulation)\n - [https://twitter.com/peckshield/status/1510232640338608131](https://twitter.com/peckshield/status/1510232640338608131)\n - [https://twitter.com/FrankResearcher/status/1510239094777032713](https://twitter.com/FrankResearcher/status/1510239094777032713)\n - [https://twitter.com/larry0x/status/1510263618180464644](https://twitter.com/larry0x/status/1510263618180464644)\n - [https://andrecronje.medium.com/keep3r-network-on-chain-oracle-price-feeds-3c67ed002a9](https://andrecronje.medium.com/keep3r-network-on-chain-oracle-price-feeds-3c67ed002a9)\n - [https://etherscan.io/address/0x210ac53b27f16e20a9aa7d16260f84693390258f](https://etherscan.io/address/0x210ac53b27f16e20a9aa7d16260f84693390258f)\n", - "text": "Keep3rV2.current() call has high data freshness, but it has low security, an exploiter simply needs to manipulate 2 data points to be able to impact the 
feed.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected SQL statement that is tainted by `$REQ` object. This could lead to SQL injection if the variable is user-controlled and not properly sanitized. In order to prevent SQL injection, it is recommended to use parameterized queries or prepared statements. An example of parameterized queries like so: `knex.raw('SELECT $1 from table', [userinput])` can help prevent SQLi.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected SQL statement that is tainted by `$REQ` object. This could lead to SQL injection if the variable is user-controlled and not properly sanitized. In order to prevent SQL injection, it is recommended to use parameterized queries or prepared statements. An example of parameterized queries like so: `knex.raw('SELECT $1 from table', [userinput])` can help prevent SQLi.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.lang.security.audit.sqli.node-knex-sqli.node-knex-sqli)\n - [https://knexjs.org/#Builder-fromRaw](https://knexjs.org/#Builder-fromRaw)\n - [https://knexjs.org/#Builder-whereRaw](https://knexjs.org/#Builder-whereRaw)\n - [https://cheatsheetseries.owasp.org/cheatsheets/SQL_Injection_Prevention_Cheat_Sheet.html](https://cheatsheetseries.owasp.org/cheatsheets/SQL_Injection_Prevention_Cheat_Sheet.html)\n" }, - "helpUri": "https://semgrep.dev/r/solidity.security.keeper-network-oracle-manipulation.keeper-network-oracle-manipulation", - "id": "solidity.security.keeper-network-oracle-manipulation.keeper-network-oracle-manipulation", - "name": "solidity.security.keeper-network-oracle-manipulation.keeper-network-oracle-manipulation", "properties": { "precision": "very-high", "tags": [ - "CWE-682: Incorrect Calculation", - "HIGH CONFIDENCE", + "CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL 
Injection')", + "MEDIUM CONFIDENCE", + "OWASP-A01:2017 - Injection", + "OWASP-A03:2021 - Injection", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: solidity.security.keeper-network-oracle-manipulation.keeper-network-oracle-manipulation" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "yaml.kubernetes.security.allow-privilege-escalation-no-securitycontext.allow-privilege-escalation-no-securitycontext", + "name": "yaml.kubernetes.security.allow-privilege-escalation-no-securitycontext.allow-privilege-escalation-no-securitycontext", + "short_description": { + "text": "Semgrep Finding: yaml.kubernetes.security.allow-privilege-escalation-no-securitycontext.allow-privilege-escalation-no-securitycontext" }, - "fullDescription": { - "text": "Make sure that unverified user data can not reach `vm2`." + "full_description": { + "text": "In Kubernetes, each pod runs in its own isolated environment with its own set of security policies. However, certain container images may contain `setuid` or `setgid` binaries that could allow an attacker to perform privilege escalation and gain access to sensitive resources. To mitigate this risk, it's recommended to add a `securityContext` to the container in the pod, with the parameter `allowPrivilegeEscalation` set to `false`. This will prevent the container from running any privileged processes and limit the impact of any potential attacks. By adding a `securityContext` to your Kubernetes pod, you can help to ensure that your containerized applications are more secure and less vulnerable to privilege escalation attacks." 
+ }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/yaml.kubernetes.security.allow-privilege-escalation-no-securitycontext.allow-privilege-escalation-no-securitycontext", "help": { - "markdown": "Make sure that unverified user data can not reach `vm2`.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.vm2.security.audit.vm2-code-injection.vm2-code-injection)\n - [https://owasp.org/Top10/A03_2021-Injection](https://owasp.org/Top10/A03_2021-Injection)\n", - "text": "Make sure that unverified user data can not reach `vm2`.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "In Kubernetes, each pod runs in its own isolated environment with its own set of security policies. However, certain container images may contain `setuid` or `setgid` binaries that could allow an attacker to perform privilege escalation and gain access to sensitive resources. To mitigate this risk, it's recommended to add a `securityContext` to the container in the pod, with the parameter `allowPrivilegeEscalation` set to `false`. This will prevent the container from running any privileged processes and limit the impact of any potential attacks. By adding a `securityContext` to your Kubernetes pod, you can help to ensure that your containerized applications are more secure and less vulnerable to privilege escalation attacks.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "In Kubernetes, each pod runs in its own isolated environment with its own set of security policies. However, certain container images may contain `setuid` or `setgid` binaries that could allow an attacker to perform privilege escalation and gain access to sensitive resources. 
To mitigate this risk, it's recommended to add a `securityContext` to the container in the pod, with the parameter `allowPrivilegeEscalation` set to `false`. This will prevent the container from running any privileged processes and limit the impact of any potential attacks. By adding a `securityContext` to your Kubernetes pod, you can help to ensure that your containerized applications are more secure and less vulnerable to privilege escalation attacks.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/yaml.kubernetes.security.allow-privilege-escalation-no-securitycontext.allow-privilege-escalation-no-securitycontext)\n - [https://kubernetes.io/docs/concepts/policy/pod-security-policy/#privilege-escalation](https://kubernetes.io/docs/concepts/policy/pod-security-policy/#privilege-escalation)\n - [https://kubernetes.io/docs/tasks/configure-pod-container/security-context/](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/)\n - [https://www.kernel.org/doc/Documentation/prctl/no_new_privs.txt](https://www.kernel.org/doc/Documentation/prctl/no_new_privs.txt)\n - [https://cheatsheetseries.owasp.org/cheatsheets/Docker_Security_Cheat_Sheet.html#rule-4-add-no-new-privileges-flag](https://cheatsheetseries.owasp.org/cheatsheets/Docker_Security_Cheat_Sheet.html#rule-4-add-no-new-privileges-flag)\n" }, - "helpUri": "https://semgrep.dev/r/javascript.vm2.security.audit.vm2-code-injection.vm2-code-injection", - "id": "javascript.vm2.security.audit.vm2-code-injection.vm2-code-injection", - "name": "javascript.vm2.security.audit.vm2-code-injection.vm2-code-injection", "properties": { "precision": "very-high", "tags": [ - "CWE-94: Improper Control of Generation of Code ('Code Injection')", - "LOW CONFIDENCE", - "OWASP-A03:2021 - Injection", + "CWE-732: Incorrect Permission Assignment for Critical Resource", + "MEDIUM CONFIDENCE", + "OWASP-A05:2021 - Security Misconfiguration", + 
"OWASP-A06:2017 - Security Misconfiguration", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: javascript.vm2.security.audit.vm2-code-injection.vm2-code-injection" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "python.django.security.audit.xss.class-extends-safestring.class-extends-safestring", + "name": "python.django.security.audit.xss.class-extends-safestring.class-extends-safestring", + "short_description": { + "text": "Semgrep Finding: python.django.security.audit.xss.class-extends-safestring.class-extends-safestring" }, - "fullDescription": { - "text": "Found object deserialization using ObjectInputStream. Deserializing entire Java objects is dangerous because malicious actors can create Java object streams with unintended consequences. Ensure that the objects being deserialized are not user-controlled. If this must be done, consider using HMACs to sign the data stream to make sure it is not tampered with, or consider only transmitting object fields and populating a new object." + "full_description": { + "text": "Found a class extending 'SafeString', 'SafeText' or 'SafeData'. These classes are for bypassing the escaping engine built in to Django and should not be used directly. Improper use of this class exposes your application to cross-site scripting (XSS) vulnerabilities. If you need this functionality, use 'mark_safe' instead and ensure no user data can reach it." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/python.django.security.audit.xss.class-extends-safestring.class-extends-safestring", "help": { - "markdown": "Found object deserialization using ObjectInputStream. Deserializing entire Java objects is dangerous because malicious actors can create Java object streams with unintended consequences. Ensure that the objects being deserialized are not user-controlled. 
If this must be done, consider using HMACs to sign the data stream to make sure it is not tampered with, or consider only transmitting object fields and populating a new object.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/java.lang.security.audit.object-deserialization.object-deserialization)\n - [https://www.owasp.org/index.php/Deserialization_of_untrusted_data](https://www.owasp.org/index.php/Deserialization_of_untrusted_data)\n - [https://www.oracle.com/java/technologies/javase/seccodeguide.html#8](https://www.oracle.com/java/technologies/javase/seccodeguide.html#8)\n", - "text": "Found object deserialization using ObjectInputStream. Deserializing entire Java objects is dangerous because malicious actors can create Java object streams with unintended consequences. Ensure that the objects being deserialized are not user-controlled. If this must be done, consider using HMACs to sign the data stream to make sure it is not tampered with, or consider only transmitting object fields and populating a new object.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Found a class extending 'SafeString', 'SafeText' or 'SafeData'. These classes are for bypassing the escaping engine built in to Django and should not be used directly. Improper use of this class exposes your application to cross-site scripting (XSS) vulnerabilities. If you need this functionality, use 'mark_safe' instead and ensure no user data can reach it.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Found a class extending 'SafeString', 'SafeText' or 'SafeData'. These classes are for bypassing the escaping engine built in to Django and should not be used directly. Improper use of this class exposes your application to cross-site scripting (XSS) vulnerabilities. 
If you need this functionality, use 'mark_safe' instead and ensure no user data can reach it.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.django.security.audit.xss.class-extends-safestring.class-extends-safestring)\n - [https://docs.djangoproject.com/en/3.1/howto/custom-template-tags/#filters-and-auto-escaping](https://docs.djangoproject.com/en/3.1/howto/custom-template-tags/#filters-and-auto-escaping)\n - [https://github.com/django/django/blob/f138e75910b1e541686c4dce3d8f467f6fc234cb/django/utils/safestring.py#L11](https://github.com/django/django/blob/f138e75910b1e541686c4dce3d8f467f6fc234cb/django/utils/safestring.py#L11)\n" }, - "helpUri": "https://semgrep.dev/r/java.lang.security.audit.object-deserialization.object-deserialization", - "id": "java.lang.security.audit.object-deserialization.object-deserialization", - "name": "java.lang.security.audit.object-deserialization.object-deserialization", "properties": { "precision": "very-high", "tags": [ - "CWE-502: Deserialization of Untrusted Data", + "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", "LOW CONFIDENCE", - "OWASP-A08:2017 - Insecure Deserialization", - "OWASP-A08:2021 - Software and Data Integrity Failures", + "OWASP-A03:2021 - Injection", + "OWASP-A07:2017 - Cross-Site Scripting (XSS)", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: java.lang.security.audit.object-deserialization.object-deserialization" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "ruby.lang.security.dangerous-syscall.dangerous-syscall", + "name": "ruby.lang.security.dangerous-syscall.dangerous-syscall", + "short_description": { + "text": "Semgrep Finding: ruby.lang.security.dangerous-syscall.dangerous-syscall" }, - "fullDescription": { - "text": "Detected public S3 bucket. This policy allows anyone to have some kind of access to the bucket. 
The exact level of access and types of actions allowed will depend on the configuration of bucket policy and ACLs. Please review the bucket configuration to make sure they are set with intended values." + "full_description": { + "text": "'syscall' is essentially unsafe and unportable. The DL (https://apidock.com/ruby/Fiddle) library is preferred for safer and a bit more portable programming." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/ruby.lang.security.dangerous-syscall.dangerous-syscall", "help": { - "markdown": "Detected public S3 bucket. This policy allows anyone to have some kind of access to the bucket. The exact level of access and types of actions allowed will depend on the configuration of bucket policy and ACLs. Please review the bucket configuration to make sure they are set with intended values.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/json.aws.security.public-s3-bucket.public-s3-bucket)\n - [https://docs.aws.amazon.com/AmazonS3/latest/userguide/access-control-block-public-access.html](https://docs.aws.amazon.com/AmazonS3/latest/userguide/access-control-block-public-access.html)\n", - "text": "Detected public S3 bucket. This policy allows anyone to have some kind of access to the bucket. The exact level of access and types of actions allowed will depend on the configuration of bucket policy and ACLs. Please review the bucket configuration to make sure they are set with intended values.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "'syscall' is essentially unsafe and unportable. The DL (https://apidock.com/ruby/Fiddle) library is preferred for safer and a bit more portable programming.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "'syscall' is essentially unsafe and unportable. 
The DL (https://apidock.com/ruby/Fiddle) library is preferred for safer and a bit more portable programming.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/ruby.lang.security.dangerous-syscall.dangerous-syscall)\n - [https://owasp.org/Top10/A03_2021-Injection](https://owasp.org/Top10/A03_2021-Injection)\n" }, - "helpUri": "https://semgrep.dev/r/json.aws.security.public-s3-bucket.public-s3-bucket", - "id": "json.aws.security.public-s3-bucket.public-s3-bucket", - "name": "json.aws.security.public-s3-bucket.public-s3-bucket", "properties": { "precision": "very-high", "tags": [ - "CWE-264: CWE CATEGORY: Permissions, Privileges, and Access Controls", - "MEDIUM CONFIDENCE", - "OWASP-A01:2021 - Broken Access Control", + "CWE-94: Improper Control of Generation of Code ('Code Injection')", + "LOW CONFIDENCE", + "OWASP-A03:2021 - Injection", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: json.aws.security.public-s3-bucket.public-s3-bucket" } }, { - "defaultConfiguration": { - "level": "error" + "id": "trailofbits.python.pickles-in-numpy.pickles-in-numpy", + "name": "trailofbits.python.pickles-in-numpy.pickles-in-numpy", + "short_description": { + "text": "Semgrep Finding: trailofbits.python.pickles-in-numpy.pickles-in-numpy" }, - "fullDescription": { - "text": "Make sure comparisons involving md5 values are strict (use `===` not `==`) to avoid type juggling issues" + "full_description": { + "text": "Functions reliant on pickle can result in arbitrary code execution. 
Consider using fickling or switching to a safer serialization method" + }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/trailofbits.python.pickles-in-numpy.pickles-in-numpy", "help": { - "markdown": "Make sure comparisons involving md5 values are strict (use `===` not `==`) to avoid type juggling issues\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/php.lang.security.md5-loose-equality.md5-loose-equality)\n - [https://www.php.net/manual/en/types.comparisons.php](https://www.php.net/manual/en/types.comparisons.php)\n - [https://www.whitehatsec.com/blog/magic-hashes/](https://www.whitehatsec.com/blog/magic-hashes/)\n", - "text": "Make sure comparisons involving md5 values are strict (use `===` not `==`) to avoid type juggling issues\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Functions reliant on pickle can result in arbitrary code execution. Consider using fickling or switching to a safer serialization method\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Functions reliant on pickle can result in arbitrary code execution. 
Consider using fickling or switching to a safer serialization method\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/trailofbits.python.pickles-in-numpy.pickles-in-numpy)\n - [https://blog.trailofbits.com/2021/03/15/never-a-dill-moment-exploiting-machine-learning-pickle-files/](https://blog.trailofbits.com/2021/03/15/never-a-dill-moment-exploiting-machine-learning-pickle-files/)\n" }, - "helpUri": "https://semgrep.dev/r/php.lang.security.md5-loose-equality.md5-loose-equality", - "id": "php.lang.security.md5-loose-equality.md5-loose-equality", - "name": "php.lang.security.md5-loose-equality.md5-loose-equality", "properties": { "precision": "very-high", "tags": [ - "CWE-697: Incorrect Comparison", - "LOW CONFIDENCE", + "CWE-502: Deserialization of Untrusted Data", + "MEDIUM CONFIDENCE", "security" ] + } + }, + { + "id": "python.django.security.globals-as-template-context.globals-as-template-context", + "name": "python.django.security.globals-as-template-context.globals-as-template-context", + "short_description": { + "text": "Semgrep Finding: python.django.security.globals-as-template-context.globals-as-template-context" + }, + "full_description": { + "text": "Using 'globals()' as a context to 'render(...)' is extremely dangerous. This exposes Python functions to the template that were not meant to be exposed. An attacker could use these functions to execute code that was not intended to run and could compromise the application. (This is server-side template injection (SSTI)). Do not use 'globals()'. Instead, specify each variable in a dictionary or 'django.template.Context' object, like '{\"var1\": \"hello\"}' and use that instead." 
}, - "shortDescription": { - "text": "Semgrep Finding: php.lang.security.md5-loose-equality.md5-loose-equality" - } - }, - { - "defaultConfiguration": { + "default_configuration": { + "enabled": true, "level": "error" }, - "fullDescription": { - "text": "Detected subprocess function '$LOOP.subprocess_exec' with argument tainted by `event` object. If this data can be controlled by a malicious actor, it may be an instance of command injection. Audit the use of this call to ensure it is not controllable by an external resource. You may consider using 'shlex.escape()'." - }, + "help_uri": "https://semgrep.dev/r/python.django.security.globals-as-template-context.globals-as-template-context", "help": { - "markdown": "Detected subprocess function '$LOOP.subprocess_exec' with argument tainted by `event` object. If this data can be controlled by a malicious actor, it may be an instance of command injection. Audit the use of this call to ensure it is not controllable by an external resource. You may consider using 'shlex.escape()'.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.aws-lambda.security.dangerous-asyncio-exec.dangerous-asyncio-exec)\n - [https://docs.python.org/3/library/asyncio-eventloop.html#asyncio.loop.subprocess_exec](https://docs.python.org/3/library/asyncio-eventloop.html#asyncio.loop.subprocess_exec)\n - [https://docs.python.org/3/library/shlex.html](https://docs.python.org/3/library/shlex.html)\n", - "text": "Detected subprocess function '$LOOP.subprocess_exec' with argument tainted by `event` object. If this data can be controlled by a malicious actor, it may be an instance of command injection. Audit the use of this call to ensure it is not controllable by an external resource. 
You may consider using 'shlex.escape()'.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Using 'globals()' as a context to 'render(...)' is extremely dangerous. This exposes Python functions to the template that were not meant to be exposed. An attacker could use these functions to execute code that was not intended to run and could compromise the application. (This is server-side template injection (SSTI)). Do not use 'globals()'. Instead, specify each variable in a dictionary or 'django.template.Context' object, like '{\"var1\": \"hello\"}' and use that instead.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Using 'globals()' as a context to 'render(...)' is extremely dangerous. This exposes Python functions to the template that were not meant to be exposed. An attacker could use these functions to execute code that was not intended to run and could compromise the application. (This is server-side template injection (SSTI)). Do not use 'globals()'. 
Instead, specify each variable in a dictionary or 'django.template.Context' object, like '{\"var1\": \"hello\"}' and use that instead.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.django.security.globals-as-template-context.globals-as-template-context)\n - [https://docs.djangoproject.com/en/3.2/ref/settings/#templates](https://docs.djangoproject.com/en/3.2/ref/settings/#templates)\n - [https://docs.djangoproject.com/en/3.2/topics/templates/#django.template.backends.django.DjangoTemplates](https://docs.djangoproject.com/en/3.2/topics/templates/#django.template.backends.django.DjangoTemplates)\n - [https://docs.djangoproject.com/en/3.2/ref/templates/api/#rendering-a-context](https://docs.djangoproject.com/en/3.2/ref/templates/api/#rendering-a-context)\n" }, - "helpUri": "https://semgrep.dev/r/python.aws-lambda.security.dangerous-asyncio-exec.dangerous-asyncio-exec", - "id": "python.aws-lambda.security.dangerous-asyncio-exec.dangerous-asyncio-exec", - "name": "python.aws-lambda.security.dangerous-asyncio-exec.dangerous-asyncio-exec", "properties": { "precision": "very-high", "tags": [ - "CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", - "MEDIUM CONFIDENCE", - "OWASP-A01:2017 - Injection", + "CWE-96: Improper Neutralization of Directives in Statically Saved Code ('Static Code Injection')", + "LOW CONFIDENCE", "OWASP-A03:2021 - Injection", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: python.aws-lambda.security.dangerous-asyncio-exec.dangerous-asyncio-exec" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "csharp.lang.security.injections.os-command.os-command-injection", + "name": "csharp.lang.security.injections.os-command.os-command-injection", + "short_description": { + "text": "Semgrep Finding: csharp.lang.security.injections.os-command.os-command-injection" }, - "fullDescription": { - 
"text": "Default session middleware settings: `secure` not set. It ensures the browser only sends the cookie over HTTPS." + "full_description": { + "text": "The software constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component." + }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/csharp.lang.security.injections.os-command.os-command-injection", "help": { - "markdown": "Default session middleware settings: `secure` not set. It ensures the browser only sends the cookie over HTTPS.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.express.security.audit.express-cookie-settings.express-cookie-session-no-secure)\n - [https://owasp.org/Top10/A04_2021-Insecure_Design](https://owasp.org/Top10/A04_2021-Insecure_Design)\n", - "text": "Default session middleware settings: `secure` not set. 
It ensures the browser only sends the cookie over HTTPS.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "The software constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "The software constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/csharp.lang.security.injections.os-command.os-command-injection)\n - [https://owasp.org/www-community/attacks/Command_Injection](https://owasp.org/www-community/attacks/Command_Injection)\n" }, - "helpUri": "https://semgrep.dev/r/javascript.express.security.audit.express-cookie-settings.express-cookie-session-no-secure", - "id": "javascript.express.security.audit.express-cookie-settings.express-cookie-session-no-secure", - "name": "javascript.express.security.audit.express-cookie-settings.express-cookie-session-no-secure", "properties": { "precision": "very-high", "tags": [ - "CWE-522: Insufficiently Protected Credentials", - "MEDIUM CONFIDENCE", - "OWASP-A02:2017 - Broken Authentication", - "OWASP-A04:2021 - Insecure Design", + "CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", + "LOW CONFIDENCE", + "OWASP-A01:2017 - Injection", + "OWASP-A03:2021 - Injection", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: javascript.express.security.audit.express-cookie-settings.express-cookie-session-no-secure" } }, { - 
"defaultConfiguration": { - "level": "warning" + "id": "python.django.security.passwords.password-empty-string.password-empty-string", + "name": "python.django.security.passwords.password-empty-string.password-empty-string", + "short_description": { + "text": "Semgrep Finding: python.django.security.passwords.password-empty-string.password-empty-string" }, - "fullDescription": { - "text": "Detected possible formatted SQL query. Use parameterized queries instead." + "full_description": { + "text": "'$VAR' is the empty string and is being used to set the password on '$MODEL'. If you meant to set an unusable password, set the password to None or call 'set_unusable_password()'." + }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/python.django.security.passwords.password-empty-string.password-empty-string", "help": { - "markdown": "Detected possible formatted SQL query. Use parameterized queries instead.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.lang.security.audit.formatted-sql-query.formatted-sql-query)\n - [https://stackoverflow.com/questions/775296/mysql-parameterized-queries](https://stackoverflow.com/questions/775296/mysql-parameterized-queries)\n", - "text": "Detected possible formatted SQL query. Use parameterized queries instead.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "'$VAR' is the empty string and is being used to set the password on '$MODEL'. If you meant to set an unusable password, set the password to None or call 'set_unusable_password()'.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "'$VAR' is the empty string and is being used to set the password on '$MODEL'. 
If you meant to set an unusable password, set the password to None or call 'set_unusable_password()'.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.django.security.passwords.password-empty-string.password-empty-string)\n - [https://docs.djangoproject.com/en/3.0/ref/contrib/auth/#django.contrib.auth.models.User.set_password](https://docs.djangoproject.com/en/3.0/ref/contrib/auth/#django.contrib.auth.models.User.set_password)\n" }, - "helpUri": "https://semgrep.dev/r/python.lang.security.audit.formatted-sql-query.formatted-sql-query", - "id": "python.lang.security.audit.formatted-sql-query.formatted-sql-query", - "name": "python.lang.security.audit.formatted-sql-query.formatted-sql-query", "properties": { "precision": "very-high", "tags": [ - "CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')", - "LOW CONFIDENCE", - "OWASP-A01:2017 - Injection", - "OWASP-A03:2021 - Injection", + "CWE-521: Weak Password Requirements", + "MEDIUM CONFIDENCE", + "OWASP-A07:2021 - Identification and Authentication Failures", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: python.lang.security.audit.formatted-sql-query.formatted-sql-query" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "python.lang.security.audit.dangerous-annotations-usage.dangerous-annotations-usage", + "name": "python.lang.security.audit.dangerous-annotations-usage.dangerous-annotations-usage", + "short_description": { + "text": "Semgrep Finding: python.lang.security.audit.dangerous-annotations-usage.dangerous-annotations-usage" }, - "fullDescription": { - "text": "Detected manual creation of an ERB template. Manual creation of templates may expose your application to server-side template injection (SSTI) or cross-site scripting (XSS) attacks if user input is used to create the template. Instead, create a '.erb' template file and use 'render'." 
+ "full_description": { + "text": "Annotations passed to `typing.get_type_hints` are evaluated in `globals` and `locals` namespaces. Make sure that no arbitrary value can be written as the annotation and passed to `typing.get_type_hints` function." + }, + "default_configuration": { + "enabled": true, + "level": "note" }, + "help_uri": "https://semgrep.dev/r/python.lang.security.audit.dangerous-annotations-usage.dangerous-annotations-usage", "help": { - "markdown": "Detected manual creation of an ERB template. Manual creation of templates may expose your application to server-side template injection (SSTI) or cross-site scripting (XSS) attacks if user input is used to create the template. Instead, create a '.erb' template file and use 'render'.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/ruby.rails.security.audit.xss.manual-template-creation.manual-template-creation)\n - [https://github.com/presidentbeef/brakeman/blob/main/docs/warning_types/template_injection/index.markdown](https://github.com/presidentbeef/brakeman/blob/main/docs/warning_types/template_injection/index.markdown)\n", - "text": "Detected manual creation of an ERB template. Manual creation of templates may expose your application to server-side template injection (SSTI) or cross-site scripting (XSS) attacks if user input is used to create the template. Instead, create a '.erb' template file and use 'render'.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Annotations passed to `typing.get_type_hints` are evaluated in `globals` and `locals` namespaces. Make sure that no arbitrary value can be written as the annotation and passed to `typing.get_type_hints` function.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Annotations passed to `typing.get_type_hints` are evaluated in `globals` and `locals` namespaces. 
Make sure that no arbitrary value can be written as the annotation and passed to `typing.get_type_hints` function.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.lang.security.audit.dangerous-annotations-usage.dangerous-annotations-usage)\n - [https://docs.python.org/3/library/typing.html#typing.get_type_hints](https://docs.python.org/3/library/typing.html#typing.get_type_hints)\n" }, - "helpUri": "https://semgrep.dev/r/ruby.rails.security.audit.xss.manual-template-creation.manual-template-creation", - "id": "ruby.rails.security.audit.xss.manual-template-creation.manual-template-creation", - "name": "ruby.rails.security.audit.xss.manual-template-creation.manual-template-creation", "properties": { "precision": "very-high", "tags": [ - "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", + "CWE-95: Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection')", "LOW CONFIDENCE", "OWASP-A03:2021 - Injection", - "OWASP-A07:2017 - Cross-Site Scripting (XSS)", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: ruby.rails.security.audit.xss.manual-template-creation.manual-template-creation" } }, { - "defaultConfiguration": { - "level": "error" + "id": "go.lang.security.injection.tainted-url-host.tainted-url-host", + "name": "go.lang.security.injection.tainted-url-host.tainted-url-host", + "short_description": { + "text": "Semgrep Finding: go.lang.security.injection.tainted-url-host.tainted-url-host" }, - "fullDescription": { - "text": "The Django secret key is used as salt in HashIDs. The HashID mechanism is not secure. By observing sufficient HashIDs, the salt used to construct them can be recovered. This means the Django secret key can be obtained by attackers, through the HashIDs." + "full_description": { + "text": "A request was found to be crafted from user-input `$REQUEST`. 
This can lead to Server-Side Request Forgery (SSRF) vulnerabilities, potentially exposing sensitive data. It is recommend where possible to not allow user-input to craft the base request, but to be treated as part of the path or query parameter. When user-input is necessary to craft the request, it is recommended to follow OWASP best practices to prevent abuse, including using an allowlist." }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/go.lang.security.injection.tainted-url-host.tainted-url-host", "help": { - "markdown": "The Django secret key is used as salt in HashIDs. The HashID mechanism is not secure. By observing sufficient HashIDs, the salt used to construct them can be recovered. This means the Django secret key can be obtained by attackers, through the HashIDs.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.django.security.hashids-with-django-secret.hashids-with-django-secret)\n - [https://docs.djangoproject.com/en/4.2/ref/settings/#std-setting-SECRET_KEY](https://docs.djangoproject.com/en/4.2/ref/settings/#std-setting-SECRET_KEY)\n - [http://carnage.github.io/2015/08/cryptanalysis-of-hashids](http://carnage.github.io/2015/08/cryptanalysis-of-hashids)\n", - "text": "The Django secret key is used as salt in HashIDs. The HashID mechanism is not secure. By observing sufficient HashIDs, the salt used to construct them can be recovered. This means the Django secret key can be obtained by attackers, through the HashIDs.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "A request was found to be crafted from user-input `$REQUEST`. This can lead to Server-Side Request Forgery (SSRF) vulnerabilities, potentially exposing sensitive data. 
It is recommend where possible to not allow user-input to craft the base request, but to be treated as part of the path or query parameter. When user-input is necessary to craft the request, it is recommended to follow OWASP best practices to prevent abuse, including using an allowlist.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "A request was found to be crafted from user-input `$REQUEST`. This can lead to Server-Side Request Forgery (SSRF) vulnerabilities, potentially exposing sensitive data. It is recommend where possible to not allow user-input to craft the base request, but to be treated as part of the path or query parameter. When user-input is necessary to craft the request, it is recommended to follow OWASP best practices to prevent abuse, including using an allowlist.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/go.lang.security.injection.tainted-url-host.tainted-url-host)\n - [https://goteleport.com/blog/ssrf-attacks/](https://goteleport.com/blog/ssrf-attacks/)\n" }, - "helpUri": "https://semgrep.dev/r/python.django.security.hashids-with-django-secret.hashids-with-django-secret", - "id": "python.django.security.hashids-with-django-secret.hashids-with-django-secret", - "name": "python.django.security.hashids-with-django-secret.hashids-with-django-secret", "properties": { "precision": "very-high", "tags": [ - "CWE-327: Use of a Broken or Risky Cryptographic Algorithm", + "CWE-918: Server-Side Request Forgery (SSRF)", "HIGH CONFIDENCE", - "OWASP-A02:2021 \u2013 Cryptographic Failures", + "OWASP-A10:2021 - Server-Side Request Forgery (SSRF)", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: python.django.security.hashids-with-django-secret.hashids-with-django-secret" } }, { - "defaultConfiguration": { - "level": "error" + "id": "python.django.security.audit.csrf-exempt.no-csrf-exempt", + "name": 
"python.django.security.audit.csrf-exempt.no-csrf-exempt", + "short_description": { + "text": "Semgrep Finding: python.django.security.audit.csrf-exempt.no-csrf-exempt" }, - "fullDescription": { - "text": "By not specifying a USER, a program in the container may run as 'root'. This is a security hazard. If an attacker can control a process running as root, they may have control over the container. Ensure that the last USER in a Dockerfile is a USER other than 'root'." + "full_description": { + "text": "Detected usage of @csrf_exempt, which indicates that there is no CSRF token set for this route. This could lead to an attacker manipulating the user's account and exfiltration of private data. Instead, create a function without this decorator." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/python.django.security.audit.csrf-exempt.no-csrf-exempt", "help": { - "markdown": "By not specifying a USER, a program in the container may run as 'root'. This is a security hazard. If an attacker can control a process running as root, they may have control over the container. Ensure that the last USER in a Dockerfile is a USER other than 'root'.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/dockerfile.security.missing-user.missing-user)\n - [https://owasp.org/Top10/A04_2021-Insecure_Design](https://owasp.org/Top10/A04_2021-Insecure_Design)\n", - "text": "By not specifying a USER, a program in the container may run as 'root'. This is a security hazard. If an attacker can control a process running as root, they may have control over the container. Ensure that the last USER in a Dockerfile is a USER other than 'root'.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected usage of @csrf_exempt, which indicates that there is no CSRF token set for this route. 
This could lead to an attacker manipulating the user's account and exfiltration of private data. Instead, create a function without this decorator.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected usage of @csrf_exempt, which indicates that there is no CSRF token set for this route. This could lead to an attacker manipulating the user's account and exfiltration of private data. Instead, create a function without this decorator.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.django.security.audit.csrf-exempt.no-csrf-exempt)\n - [https://owasp.org/Top10/A01_2021-Broken_Access_Control](https://owasp.org/Top10/A01_2021-Broken_Access_Control)\n" }, - "helpUri": "https://semgrep.dev/r/dockerfile.security.missing-user.missing-user", - "id": "dockerfile.security.missing-user.missing-user", - "name": "dockerfile.security.missing-user.missing-user", "properties": { "precision": "very-high", "tags": [ - "CWE-269: Improper Privilege Management", - "MEDIUM CONFIDENCE", - "OWASP-A04:2021 - Insecure Design", + "CWE-352: Cross-Site Request Forgery (CSRF)", + "LOW CONFIDENCE", + "OWASP-A01:2021 - Broken Access Control", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: dockerfile.security.missing-user.missing-user" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "trailofbits.python.automatic-memory-pinning.automatic-memory-pinning", + "name": "trailofbits.python.automatic-memory-pinning.automatic-memory-pinning", + "short_description": { + "text": "Semgrep Finding: trailofbits.python.automatic-memory-pinning.automatic-memory-pinning" }, - "fullDescription": { - "text": "Resources in the AWS subnet are assigned a public IP address. Resources should not be exposed on the public internet, but should have access limited to consumers required for the function of your application. 
Set `map_public_ip_on_launch` to false so that resources are not publicly-accessible." + "full_description": { + "text": "If possible, it is better to rely on automatic pinning in PyTorch to avoid undefined behavior and for efficiency" + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/trailofbits.python.automatic-memory-pinning.automatic-memory-pinning", "help": { - "markdown": "Resources in the AWS subnet are assigned a public IP address. Resources should not be exposed on the public internet, but should have access limited to consumers required for the function of your application. Set `map_public_ip_on_launch` to false so that resources are not publicly-accessible.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/terraform.aws.security.aws-subnet-has-public-ip-address.aws-subnet-has-public-ip-address)\n - [https://owasp.org/Top10/A01_2021-Broken_Access_Control/](https://owasp.org/Top10/A01_2021-Broken_Access_Control/)\n - [https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/subnet#map_public_ip_on_launch](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/subnet#map_public_ip_on_launch)\n - [https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-instance-addressing.html#concepts-public-addresses](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-instance-addressing.html#concepts-public-addresses)\n", - "text": "Resources in the AWS subnet are assigned a public IP address. Resources should not be exposed on the public internet, but should have access limited to consumers required for the function of your application. 
Set `map_public_ip_on_launch` to false so that resources are not publicly-accessible.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "If possible, it is better to rely on automatic pinning in PyTorch to avoid undefined behavior and for efficiency\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "If possible, it is better to rely on automatic pinning in PyTorch to avoid undefined behavior and for efficiency\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/trailofbits.python.automatic-memory-pinning.automatic-memory-pinning)\n - [https://pytorch.org/docs/stable/data.html#memory-pinning](https://pytorch.org/docs/stable/data.html#memory-pinning)\n" }, - "helpUri": "https://semgrep.dev/r/terraform.aws.security.aws-subnet-has-public-ip-address.aws-subnet-has-public-ip-address", - "id": "terraform.aws.security.aws-subnet-has-public-ip-address.aws-subnet-has-public-ip-address", - "name": "terraform.aws.security.aws-subnet-has-public-ip-address.aws-subnet-has-public-ip-address", "properties": { "precision": "very-high", "tags": [ - "CWE-284: Improper Access Control", - "MEDIUM CONFIDENCE", - "OWASP-A01:2021 - Broken Access Control", + "CWE-676: Use of Potentially Dangerous Function", + "HIGH CONFIDENCE", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: terraform.aws.security.aws-subnet-has-public-ip-address.aws-subnet-has-public-ip-address" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "php.lang.security.assert-use.assert-use", + "name": "php.lang.security.assert-use.assert-use", + "short_description": { + "text": "Semgrep Finding: php.lang.security.assert-use.assert-use" }, - "fullDescription": { - "text": "Ensure FSX Windows file system is encrypted at rest using KMS CMKs. CMKs gives you control over the encryption key in terms of access and rotation." 
+ "full_description": { + "text": "Calling assert with user input is equivalent to eval'ing." + }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/php.lang.security.assert-use.assert-use", "help": { - "markdown": "Ensure FSX Windows file system is encrypted at rest using KMS CMKs. CMKs gives you control over the encryption key in terms of access and rotation.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/terraform.aws.security.aws-fsx-windows-encrypted-with-cmk.aws-fsx-windows-encrypted-with-cmk)\n - [https://owasp.org/Top10/A02_2021-Cryptographic_Failures](https://owasp.org/Top10/A02_2021-Cryptographic_Failures)\n", - "text": "Ensure FSX Windows file system is encrypted at rest using KMS CMKs. CMKs gives you control over the encryption key in terms of access and rotation.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Calling assert with user input is equivalent to eval'ing.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Calling assert with user input is equivalent to eval'ing.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/php.lang.security.assert-use.assert-use)\n - [https://www.php.net/manual/en/function.assert](https://www.php.net/manual/en/function.assert)\n - [https://github.com/FloeDesignTechnologies/phpcs-security-audit/blob/master/Security/Sniffs/BadFunctions/AssertsSniff.php](https://github.com/FloeDesignTechnologies/phpcs-security-audit/blob/master/Security/Sniffs/BadFunctions/AssertsSniff.php)\n" }, - "helpUri": "https://semgrep.dev/r/terraform.aws.security.aws-fsx-windows-encrypted-with-cmk.aws-fsx-windows-encrypted-with-cmk", - "id": "terraform.aws.security.aws-fsx-windows-encrypted-with-cmk.aws-fsx-windows-encrypted-with-cmk", - "name": 
"terraform.aws.security.aws-fsx-windows-encrypted-with-cmk.aws-fsx-windows-encrypted-with-cmk", "properties": { "precision": "very-high", "tags": [ - "CWE-320: CWE CATEGORY: Key Management Errors", - "LOW CONFIDENCE", - "OWASP-A03:2017 - Sensitive Data Exposure", + "CWE-95: Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection')", + "HIGH CONFIDENCE", + "OWASP-A03:2021 - Injection", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: terraform.aws.security.aws-fsx-windows-encrypted-with-cmk.aws-fsx-windows-encrypted-with-cmk" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "java.lang.security.audit.crypto.no-null-cipher.no-null-cipher", + "name": "java.lang.security.audit.crypto.no-null-cipher.no-null-cipher", + "short_description": { + "text": "Semgrep Finding: java.lang.security.audit.crypto.no-null-cipher.no-null-cipher" }, - "fullDescription": { - "text": "Found user controlled content in `run_in_subinterp`. This is dangerous because it allows a malicious actor to run arbitrary Python code." + "full_description": { + "text": "NullCipher was detected. This will not encrypt anything; the cipher text will be the same as the plain text. Use a valid, secure cipher: Cipher.getInstance(\"AES/CBC/PKCS7PADDING\"). See https://owasp.org/www-community/Using_the_Java_Cryptographic_Extensions for more information." }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/java.lang.security.audit.crypto.no-null-cipher.no-null-cipher", "help": { - "markdown": "Found user controlled content in `run_in_subinterp`. 
This is dangerous because it allows a malicious actor to run arbitrary Python code.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.lang.security.dangerous-testcapi-run-in-subinterp.dangerous-testcapi-run-in-subinterp)\n - [https://semgrep.dev/docs/cheat-sheets/python-command-injection/](https://semgrep.dev/docs/cheat-sheets/python-command-injection/)\n", - "text": "Found user controlled content in `run_in_subinterp`. This is dangerous because it allows a malicious actor to run arbitrary Python code.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "NullCipher was detected. This will not encrypt anything; the cipher text will be the same as the plain text. Use a valid, secure cipher: Cipher.getInstance(\"AES/CBC/PKCS7PADDING\"). See https://owasp.org/www-community/Using_the_Java_Cryptographic_Extensions for more information.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "NullCipher was detected. This will not encrypt anything; the cipher text will be the same as the plain text. Use a valid, secure cipher: Cipher.getInstance(\"AES/CBC/PKCS7PADDING\"). 
See https://owasp.org/www-community/Using_the_Java_Cryptographic_Extensions for more information.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/java.lang.security.audit.crypto.no-null-cipher.no-null-cipher)\n - [https://owasp.org/Top10/A02_2021-Cryptographic_Failures](https://owasp.org/Top10/A02_2021-Cryptographic_Failures)\n" }, - "helpUri": "https://semgrep.dev/r/python.lang.security.dangerous-testcapi-run-in-subinterp.dangerous-testcapi-run-in-subinterp", - "id": "python.lang.security.dangerous-testcapi-run-in-subinterp.dangerous-testcapi-run-in-subinterp", - "name": "python.lang.security.dangerous-testcapi-run-in-subinterp.dangerous-testcapi-run-in-subinterp", "properties": { "precision": "very-high", "tags": [ - "CWE-95: Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection')", - "MEDIUM CONFIDENCE", - "OWASP-A03:2021 - Injection", + "CWE-327: Use of a Broken or Risky Cryptographic Algorithm", + "HIGH CONFIDENCE", + "OWASP-A02:2021 - Cryptographic Failures", + "OWASP-A03:2017 - Sensitive Data Exposure", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: python.lang.security.dangerous-testcapi-run-in-subinterp.dangerous-testcapi-run-in-subinterp" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "javascript.express.security.express-wkhtml-injection.express-wkhtmltopdf-injection", + "name": "javascript.express.security.express-wkhtml-injection.express-wkhtmltopdf-injection", + "short_description": { + "text": "Semgrep Finding: javascript.express.security.express-wkhtml-injection.express-wkhtmltopdf-injection" }, - "fullDescription": { - "text": "Using user input when deleting files with `unlink()` is potentially dangerous. A malicious actor could use this to modify or access files they have no right to." 
+ "full_description": { + "text": "If unverified user data can reach the `wkhtmltopdf` methods it can result in Server-Side Request Forgery vulnerabilities" + }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/javascript.express.security.express-wkhtml-injection.express-wkhtmltopdf-injection", "help": { - "markdown": "Using user input when deleting files with `unlink()` is potentially dangerous. A malicious actor could use this to modify or access files they have no right to.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/php.lang.security.unlink-use.unlink-use)\n - [https://www.php.net/manual/en/function.unlink](https://www.php.net/manual/en/function.unlink)\n - [https://owasp.org/www-project-top-ten/2017/A5_2017-Broken_Access_Control.html](https://owasp.org/www-project-top-ten/2017/A5_2017-Broken_Access_Control.html)\n", - "text": "Using user input when deleting files with `unlink()` is potentially dangerous. 
A malicious actor could use this to modify or access files they have no right to.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "If unverified user data can reach the `wkhtmltopdf` methods it can result in Server-Side Request Forgery vulnerabilities\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "If unverified user data can reach the `wkhtmltopdf` methods it can result in Server-Side Request Forgery vulnerabilities\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.express.security.express-wkhtml-injection.express-wkhtmltopdf-injection)\n - [https://www.npmjs.com/package/wkhtmltopdf](https://www.npmjs.com/package/wkhtmltopdf)\n" }, - "helpUri": "https://semgrep.dev/r/php.lang.security.unlink-use.unlink-use", - "id": "php.lang.security.unlink-use.unlink-use", - "name": "php.lang.security.unlink-use.unlink-use", "properties": { "precision": "very-high", "tags": [ - "CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", + "CWE-918: Server-Side Request Forgery (SSRF)", "LOW CONFIDENCE", - "OWASP-A01:2021 - Broken Access Control", - "OWASP-A05:2017 - Broken Access Control", + "OWASP-A10:2021 - Server-Side Request Forgery (SSRF)", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: php.lang.security.unlink-use.unlink-use" } }, { - "defaultConfiguration": { - "level": "error" + "id": "trailofbits.go.racy-write-to-map.racy-write-to-map", + "name": "trailofbits.go.racy-write-to-map.racy-write-to-map", + "short_description": { + "text": "Semgrep Finding: trailofbits.go.racy-write-to-map.racy-write-to-map" }, - "fullDescription": { - "text": "No slippage check in a Uniswap v2/v3 trade" + "full_description": { + "text": "Writing `$MAP` from multiple goroutines is not concurrency safe" }, + "default_configuration": { + "enabled": true, + "level": "error" + }, 
+ "help_uri": "https://semgrep.dev/r/trailofbits.go.racy-write-to-map.racy-write-to-map", "help": { - "markdown": "No slippage check in a Uniswap v2/v3 trade\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/solidity.security.no-slippage-check.no-slippage-check)\n - [https://uniswapv3book.com/docs/milestone_3/slippage-protection/](https://uniswapv3book.com/docs/milestone_3/slippage-protection/)\n", - "text": "No slippage check in a Uniswap v2/v3 trade\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Writing `$MAP` from multiple goroutines is not concurrency safe\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Writing `$MAP` from multiple goroutines is not concurrency safe\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/trailofbits.go.racy-write-to-map.racy-write-to-map)\n - [https://go.dev/blog/maps#concurrency](https://go.dev/blog/maps#concurrency)\n" }, - "helpUri": "https://semgrep.dev/r/solidity.security.no-slippage-check.no-slippage-check", - "id": "solidity.security.no-slippage-check.no-slippage-check", - "name": "solidity.security.no-slippage-check.no-slippage-check", "properties": { "precision": "very-high", "tags": [ - "CWE-682: Incorrect Calculation", + "CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')", "MEDIUM CONFIDENCE", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: solidity.security.no-slippage-check.no-slippage-check" } }, { - "defaultConfiguration": { - "level": "error" + "id": "terraform.aws.security.aws-fsx-ontapfs-encrypted-with-cmk.aws-fsx-ontapfs-encrypted-with-cmk", + "name": "terraform.aws.security.aws-fsx-ontapfs-encrypted-with-cmk.aws-fsx-ontapfs-encrypted-with-cmk", + "short_description": { + "text": "Semgrep Finding: 
terraform.aws.security.aws-fsx-ontapfs-encrypted-with-cmk.aws-fsx-ontapfs-encrypted-with-cmk" }, - "fullDescription": { - "text": "Detected user input entering a `subprocess` call unsafely. This could result in a command injection vulnerability. An attacker could use this vulnerability to execute arbitrary commands on the host, which allows them to download malware, scan sensitive data, or run any command they wish on the server. Do not let users choose the command to run. In general, prefer to use Python API versions of system commands. If you must use subprocess, use a dictionary to allowlist a set of commands." + "full_description": { + "text": "Ensure FSX ONTAP file system is encrypted at rest using KMS CMKs. CMKs gives you control over the encryption key in terms of access and rotation." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/terraform.aws.security.aws-fsx-ontapfs-encrypted-with-cmk.aws-fsx-ontapfs-encrypted-with-cmk", "help": { - "markdown": "Detected user input entering a `subprocess` call unsafely. This could result in a command injection vulnerability. An attacker could use this vulnerability to execute arbitrary commands on the host, which allows them to download malware, scan sensitive data, or run any command they wish on the server. Do not let users choose the command to run. In general, prefer to use Python API versions of system commands. If you must use subprocess, use a dictionary to allowlist a set of commands.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.flask.security.injection.subprocess-injection.subprocess-injection)\n - [https://semgrep.dev/docs/cheat-sheets/python-command-injection/](https://semgrep.dev/docs/cheat-sheets/python-command-injection/)\n", - "text": "Detected user input entering a `subprocess` call unsafely. 
This could result in a command injection vulnerability. An attacker could use this vulnerability to execute arbitrary commands on the host, which allows them to download malware, scan sensitive data, or run any command they wish on the server. Do not let users choose the command to run. In general, prefer to use Python API versions of system commands. If you must use subprocess, use a dictionary to allowlist a set of commands.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Ensure FSX ONTAP file system is encrypted at rest using KMS CMKs. CMKs gives you control over the encryption key in terms of access and rotation.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Ensure FSX ONTAP file system is encrypted at rest using KMS CMKs. CMKs gives you control over the encryption key in terms of access and rotation.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/terraform.aws.security.aws-fsx-ontapfs-encrypted-with-cmk.aws-fsx-ontapfs-encrypted-with-cmk)\n - [https://owasp.org/Top10/A02_2021-Cryptographic_Failures](https://owasp.org/Top10/A02_2021-Cryptographic_Failures)\n" }, - "helpUri": "https://semgrep.dev/r/python.flask.security.injection.subprocess-injection.subprocess-injection", - "id": "python.flask.security.injection.subprocess-injection.subprocess-injection", - "name": "python.flask.security.injection.subprocess-injection.subprocess-injection", "properties": { "precision": "very-high", "tags": [ - "CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", - "HIGH CONFIDENCE", - "OWASP-A01:2017 - Injection", - "OWASP-A03:2021 - Injection", + "CWE-320: CWE CATEGORY: Key Management Errors", + "LOW CONFIDENCE", + "OWASP-A03:2017 - Sensitive Data Exposure", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: 
python.flask.security.injection.subprocess-injection.subprocess-injection" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "python.lang.security.audit.network.http-not-https-connection.http-not-https-connection", + "name": "python.lang.security.audit.network.http-not-https-connection.http-not-https-connection", + "short_description": { + "text": "Semgrep Finding: python.lang.security.audit.network.http-not-https-connection.http-not-https-connection" }, - "fullDescription": { - "text": "Service '$SERVICE' is explicitly disabling seccomp confinement. This runs the service in an unrestricted state. Remove 'seccomp:unconfined' to prevent this." + "full_description": { + "text": "Detected HTTPConnectionPool. This will transmit data in cleartext. It is recommended to use HTTPSConnectionPool instead for to encrypt communications." + }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/python.lang.security.audit.network.http-not-https-connection.http-not-https-connection", "help": { - "markdown": "Service '$SERVICE' is explicitly disabling seccomp confinement. This runs the service in an unrestricted state. Remove 'seccomp:unconfined' to prevent this.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/yaml.docker-compose.security.seccomp-confinement-disabled.seccomp-confinement-disabled)\n - [https://docs.docker.com/engine/security/seccomp/](https://docs.docker.com/engine/security/seccomp/)\n", - "text": "Service '$SERVICE' is explicitly disabling seccomp confinement. This runs the service in an unrestricted state. Remove 'seccomp:unconfined' to prevent this.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected HTTPConnectionPool. This will transmit data in cleartext. 
It is recommended to use HTTPSConnectionPool instead for to encrypt communications.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected HTTPConnectionPool. This will transmit data in cleartext. It is recommended to use HTTPSConnectionPool instead for to encrypt communications.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.lang.security.audit.network.http-not-https-connection.http-not-https-connection)\n - [https://urllib3.readthedocs.io/en/1.2.1/pools.html#urllib3.connectionpool.HTTPSConnectionPool](https://urllib3.readthedocs.io/en/1.2.1/pools.html#urllib3.connectionpool.HTTPSConnectionPool)\n" }, - "helpUri": "https://semgrep.dev/r/yaml.docker-compose.security.seccomp-confinement-disabled.seccomp-confinement-disabled", - "id": "yaml.docker-compose.security.seccomp-confinement-disabled.seccomp-confinement-disabled", - "name": "yaml.docker-compose.security.seccomp-confinement-disabled.seccomp-confinement-disabled", "properties": { "precision": "very-high", "tags": [ - "CWE-284: Improper Access Control", - "LOW CONFIDENCE", - "OWASP-A01:2021 - Broken Access Control", - "OWASP-A05:2017 - Broken Access Control", + "CWE-319: Cleartext Transmission of Sensitive Information", + "MEDIUM CONFIDENCE", + "OWASP-A02:2021 - Cryptographic Failures", + "OWASP-A03:2017 - Sensitive Data Exposure", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: yaml.docker-compose.security.seccomp-confinement-disabled.seccomp-confinement-disabled" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "html.security.plaintext-http-link.plaintext-http-link", + "name": "html.security.plaintext-http-link.plaintext-http-link", + "short_description": { + "text": "Semgrep Finding: html.security.plaintext-http-link.plaintext-http-link" }, - "fullDescription": { - "text": "Detected use of the functions `Math.random()` or `java.util.Random()`. 
These are both not cryptographically strong random number generators (RNGs). If you are using these RNGs to create passwords or secret tokens, use `java.security.SecureRandom` instead." + "full_description": { + "text": "This link points to a plaintext HTTP URL. Prefer an encrypted HTTPS URL if possible." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/html.security.plaintext-http-link.plaintext-http-link", "help": { - "markdown": "Detected use of the functions `Math.random()` or `java.util.Random()`. These are both not cryptographically strong random number generators (RNGs). If you are using these RNGs to create passwords or secret tokens, use `java.security.SecureRandom` instead.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/java.lang.security.audit.crypto.weak-random.weak-random)\n - [https://owasp.org/Top10/A02_2021-Cryptographic_Failures](https://owasp.org/Top10/A02_2021-Cryptographic_Failures)\n", - "text": "Detected use of the functions `Math.random()` or `java.util.Random()`. These are both not cryptographically strong random number generators (RNGs). If you are using these RNGs to create passwords or secret tokens, use `java.security.SecureRandom` instead.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "This link points to a plaintext HTTP URL. Prefer an encrypted HTTPS URL if possible.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "This link points to a plaintext HTTP URL. 
Prefer an encrypted HTTPS URL if possible.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/html.security.plaintext-http-link.plaintext-http-link)\n - [https://cwe.mitre.org/data/definitions/319.html](https://cwe.mitre.org/data/definitions/319.html)\n" }, - "helpUri": "https://semgrep.dev/r/java.lang.security.audit.crypto.weak-random.weak-random", - "id": "java.lang.security.audit.crypto.weak-random.weak-random", - "name": "java.lang.security.audit.crypto.weak-random.weak-random", "properties": { "precision": "very-high", "tags": [ - "CWE-330: Use of Insufficiently Random Values", - "LOW CONFIDENCE", + "CWE-319: Cleartext Transmission of Sensitive Information", + "HIGH CONFIDENCE", "OWASP-A02:2021 - Cryptographic Failures", + "OWASP-A03:2017 - Sensitive Data Exposure", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: java.lang.security.audit.crypto.weak-random.weak-random" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "kotlin.lang.security.anonymous-ldap-bind.anonymous-ldap-bind", + "name": "kotlin.lang.security.anonymous-ldap-bind.anonymous-ldap-bind", + "short_description": { + "text": "Semgrep Finding: kotlin.lang.security.anonymous-ldap-bind.anonymous-ldap-bind" }, - "fullDescription": { - "text": "Found data going from url query parameters into formatted data written to ResponseWriter. This could be XSS and should not be done. If you must do this, ensure your data is sanitized or escaped." + "full_description": { + "text": "Detected anonymous LDAP bind. This permits anonymous users to execute LDAP statements. Consider enforcing authentication for LDAP. See https://docs.oracle.com/javase/tutorial/jndi/ldap/auth_mechs.html for more information." 
+ }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/kotlin.lang.security.anonymous-ldap-bind.anonymous-ldap-bind", "help": { - "markdown": "Found data going from url query parameters into formatted data written to ResponseWriter. This could be XSS and should not be done. If you must do this, ensure your data is sanitized or escaped.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/go.lang.security.audit.net.wip-xss-using-responsewriter-and-printf.wip-xss-using-responsewriter-and-printf)\n - [https://owasp.org/Top10/A03_2021-Injection](https://owasp.org/Top10/A03_2021-Injection)\n", - "text": "Found data going from url query parameters into formatted data written to ResponseWriter. This could be XSS and should not be done. If you must do this, ensure your data is sanitized or escaped.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected anonymous LDAP bind. This permits anonymous users to execute LDAP statements. Consider enforcing authentication for LDAP. See https://docs.oracle.com/javase/tutorial/jndi/ldap/auth_mechs.html for more information.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected anonymous LDAP bind. This permits anonymous users to execute LDAP statements. Consider enforcing authentication for LDAP. 
See https://docs.oracle.com/javase/tutorial/jndi/ldap/auth_mechs.html for more information.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/kotlin.lang.security.anonymous-ldap-bind.anonymous-ldap-bind)\n - [https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures](https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures)\n" }, - "helpUri": "https://semgrep.dev/r/go.lang.security.audit.net.wip-xss-using-responsewriter-and-printf.wip-xss-using-responsewriter-and-printf", - "id": "go.lang.security.audit.net.wip-xss-using-responsewriter-and-printf.wip-xss-using-responsewriter-and-printf", - "name": "go.lang.security.audit.net.wip-xss-using-responsewriter-and-printf.wip-xss-using-responsewriter-and-printf", "properties": { "precision": "very-high", "tags": [ - "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", + "CWE-287: Improper Authentication", "MEDIUM CONFIDENCE", - "OWASP-A03:2021 - Injection", - "OWASP-A07:2017 - Cross-Site Scripting (XSS)", + "OWASP-A02:2017 - Broken Authentication", + "OWASP-A07:2021 - Identification and Authentication Failures", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: go.lang.security.audit.net.wip-xss-using-responsewriter-and-printf.wip-xss-using-responsewriter-and-printf" } }, { - "defaultConfiguration": { - "level": "error" + "id": "terraform.aws.security.aws-kinesis-stream-encrypted-with-cmk.aws-kinesis-stream-encrypted-with-cmk", + "name": "terraform.aws.security.aws-kinesis-stream-encrypted-with-cmk.aws-kinesis-stream-encrypted-with-cmk", + "short_description": { + "text": "Semgrep Finding: terraform.aws.security.aws-kinesis-stream-encrypted-with-cmk.aws-kinesis-stream-encrypted-with-cmk" }, - "fullDescription": { - "text": "Heroku API Key detected" + "full_description": { + "text": "Ensure Kinesis stream is encrypted at rest using KMS CMKs. 
CMKs gives you control over the encryption key in terms of access and rotation." }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/terraform.aws.security.aws-kinesis-stream-encrypted-with-cmk.aws-kinesis-stream-encrypted-with-cmk", "help": { - "markdown": "Heroku API Key detected\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/generic.secrets.security.detected-heroku-api-key.detected-heroku-api-key)\n - [https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures](https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures)\n", - "text": "Heroku API Key detected\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Ensure Kinesis stream is encrypted at rest using KMS CMKs. CMKs gives you control over the encryption key in terms of access and rotation.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Ensure Kinesis stream is encrypted at rest using KMS CMKs. 
CMKs gives you control over the encryption key in terms of access and rotation.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/terraform.aws.security.aws-kinesis-stream-encrypted-with-cmk.aws-kinesis-stream-encrypted-with-cmk)\n - [https://owasp.org/Top10/A02_2021-Cryptographic_Failures](https://owasp.org/Top10/A02_2021-Cryptographic_Failures)\n" }, - "helpUri": "https://semgrep.dev/r/generic.secrets.security.detected-heroku-api-key.detected-heroku-api-key", - "id": "generic.secrets.security.detected-heroku-api-key.detected-heroku-api-key", - "name": "generic.secrets.security.detected-heroku-api-key.detected-heroku-api-key", "properties": { "precision": "very-high", "tags": [ - "CWE-798: Use of Hard-coded Credentials", + "CWE-320: CWE CATEGORY: Key Management Errors", "LOW CONFIDENCE", - "OWASP-A07:2021 - Identification and Authentication Failures", + "OWASP-A03:2017 - Sensitive Data Exposure", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: generic.secrets.security.detected-heroku-api-key.detected-heroku-api-key" } }, { - "defaultConfiguration": { - "level": "error" + "id": "java.lang.security.audit.cookie-missing-httponly.cookie-missing-httponly", + "name": "java.lang.security.audit.cookie-missing-httponly.cookie-missing-httponly", + "short_description": { + "text": "Semgrep Finding: java.lang.security.audit.cookie-missing-httponly.cookie-missing-httponly" }, - "fullDescription": { - "text": "Detected a Storage that was not configured to deny action by default. Add `default_action = \"Deny\"` in your resource block." + "full_description": { + "text": "A cookie was detected without setting the 'HttpOnly' flag. The 'HttpOnly' flag for cookies instructs the browser to forbid client-side scripts from reading the cookie. 
Set the 'HttpOnly' flag by calling 'cookie.setHttpOnly(true);'" }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/java.lang.security.audit.cookie-missing-httponly.cookie-missing-httponly", "help": { - "markdown": "Detected a Storage that was not configured to deny action by default. Add `default_action = \"Deny\"` in your resource block.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/terraform.azure.security.storage.storage-default-action-deny.storage-default-action-deny)\n - [https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/storage_account_network_rules#default_action](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/storage_account_network_rules#default_action)\n - [https://docs.microsoft.com/en-us/azure/firewall/rule-processing](https://docs.microsoft.com/en-us/azure/firewall/rule-processing)\n", - "text": "Detected a Storage that was not configured to deny action by default. Add `default_action = \"Deny\"` in your resource block.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "A cookie was detected without setting the 'HttpOnly' flag. The 'HttpOnly' flag for cookies instructs the browser to forbid client-side scripts from reading the cookie. Set the 'HttpOnly' flag by calling 'cookie.setHttpOnly(true);'\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "A cookie was detected without setting the 'HttpOnly' flag. The 'HttpOnly' flag for cookies instructs the browser to forbid client-side scripts from reading the cookie. 
Set the 'HttpOnly' flag by calling 'cookie.setHttpOnly(true);'\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/java.lang.security.audit.cookie-missing-httponly.cookie-missing-httponly)\n - [https://owasp.org/Top10/A05_2021-Security_Misconfiguration](https://owasp.org/Top10/A05_2021-Security_Misconfiguration)\n" }, - "helpUri": "https://semgrep.dev/r/terraform.azure.security.storage.storage-default-action-deny.storage-default-action-deny", - "id": "terraform.azure.security.storage.storage-default-action-deny.storage-default-action-deny", - "name": "terraform.azure.security.storage.storage-default-action-deny.storage-default-action-deny", "properties": { "precision": "very-high", "tags": [ - "CWE-16: CWE CATEGORY: Configuration", + "CWE-1004: Sensitive Cookie Without 'HttpOnly' Flag", "LOW CONFIDENCE", "OWASP-A05:2021 - Security Misconfiguration", - "OWASP-A06:2017 - Security Misconfiguration", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: terraform.azure.security.storage.storage-default-action-deny.storage-default-action-deny" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "generic.secrets.security.detected-mailchimp-api-key.detected-mailchimp-api-key", + "name": "generic.secrets.security.detected-mailchimp-api-key.detected-mailchimp-api-key", + "short_description": { + "text": "Semgrep Finding: generic.secrets.security.detected-mailchimp-api-key.detected-mailchimp-api-key" }, - "fullDescription": { - "text": "Queue $X is missing encryption at rest. Add \"encryption: $Y.QueueEncryption.KMS\" or \"encryption: $Y.QueueEncryption.KMS_MANAGED\" to the queue props to enable encryption at rest for the queue." 
+ "full_description": { + "text": "MailChimp API Key detected" + }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/generic.secrets.security.detected-mailchimp-api-key.detected-mailchimp-api-key", "help": { - "markdown": "Queue $X is missing encryption at rest. Add \"encryption: $Y.QueueEncryption.KMS\" or \"encryption: $Y.QueueEncryption.KMS_MANAGED\" to the queue props to enable encryption at rest for the queue.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/typescript.aws-cdk.security.audit.awscdk-sqs-unencryptedqueue.awscdk-sqs-unencryptedqueue)\n - [https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-data-protection.html](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-data-protection.html)\n", - "text": "Queue $X is missing encryption at rest. Add \"encryption: $Y.QueueEncryption.KMS\" or \"encryption: $Y.QueueEncryption.KMS_MANAGED\" to the queue props to enable encryption at rest for the queue.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "MailChimp API Key detected\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "MailChimp API Key detected\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/generic.secrets.security.detected-mailchimp-api-key.detected-mailchimp-api-key)\n - [https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures](https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures)\n" }, - "helpUri": "https://semgrep.dev/r/typescript.aws-cdk.security.audit.awscdk-sqs-unencryptedqueue.awscdk-sqs-unencryptedqueue", - "id": "typescript.aws-cdk.security.audit.awscdk-sqs-unencryptedqueue.awscdk-sqs-unencryptedqueue", - "name": 
"typescript.aws-cdk.security.audit.awscdk-sqs-unencryptedqueue.awscdk-sqs-unencryptedqueue", "properties": { "precision": "very-high", "tags": [ - "CWE-311: Missing Encryption of Sensitive Data", - "MEDIUM CONFIDENCE", - "OWASP-A03:2017 - Sensitive Data Exposure", - "OWASP-A04:2021 - Insecure Design", + "CWE-798: Use of Hard-coded Credentials", + "LOW CONFIDENCE", + "OWASP-A07:2021 - Identification and Authentication Failures", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: typescript.aws-cdk.security.audit.awscdk-sqs-unencryptedqueue.awscdk-sqs-unencryptedqueue" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "generic.visualforce.security.ncino.xml.visualforceapiversion.visualforce-page-api-version", + "name": "generic.visualforce.security.ncino.xml.visualforceapiversion.visualforce-page-api-version", + "short_description": { + "text": "Semgrep Finding: generic.visualforce.security.ncino.xml.visualforceapiversion.visualforce-page-api-version" }, - "fullDescription": { - "text": "Calling `$WG.Wait()` inside a loop blocks the call to `$WG.Done()`" + "full_description": { + "text": "Visualforce Pages must use API version 55 or higher for required use of the cspHeader attribute set to true." 
+ }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/generic.visualforce.security.ncino.xml.visualforceapiversion.visualforce-page-api-version", "help": { - "markdown": "Calling `$WG.Wait()` inside a loop blocks the call to `$WG.Done()`\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/trailofbits.go.waitgroup-wait-inside-loop.waitgroup-wait-inside-loop)\n - [https://go101.org/article/concurrent-common-mistakes.html](https://go101.org/article/concurrent-common-mistakes.html)\n", - "text": "Calling `$WG.Wait()` inside a loop blocks the call to `$WG.Done()`\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Visualforce Pages must use API version 55 or higher for required use of the cspHeader attribute set to true.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Visualforce Pages must use API version 55 or higher for required use of the cspHeader attribute set to true.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/generic.visualforce.security.ncino.xml.visualforceapiversion.visualforce-page-api-version)\n - [https://developer.salesforce.com/docs/atlas.en-us.api_meta.meta/api_meta/meta_pages.htm](https://developer.salesforce.com/docs/atlas.en-us.api_meta.meta/api_meta/meta_pages.htm)\n" }, - "helpUri": "https://semgrep.dev/r/trailofbits.go.waitgroup-wait-inside-loop.waitgroup-wait-inside-loop", - "id": "trailofbits.go.waitgroup-wait-inside-loop.waitgroup-wait-inside-loop", - "name": "trailofbits.go.waitgroup-wait-inside-loop.waitgroup-wait-inside-loop", "properties": { "precision": "very-high", "tags": [ - "CWE-667: Improper Locking", - "MEDIUM CONFIDENCE", + "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", + "HIGH 
CONFIDENCE", + "OWASP-A03:2021 - Injection", + "OWASP-A07:2017 - Cross-Site Scripting (XSS)", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: trailofbits.go.waitgroup-wait-inside-loop.waitgroup-wait-inside-loop" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "generic.nginx.security.header-injection.header-injection", + "name": "generic.nginx.security.header-injection.header-injection", + "short_description": { + "text": "Semgrep Finding: generic.nginx.security.header-injection.header-injection" }, - "fullDescription": { - "text": "Dynamically rendering arbitrary HTML on your website can be very dangerous because it can easily lead to XSS vulnerabilities. Only use HTML interpolation on trusted content and never on user-provided content." + "full_description": { + "text": "The $$VARIABLE path parameter is added as a header in the response. This could allow an attacker to inject a newline and add a new header into the response. This is called HTTP response splitting. To fix, do not allow whitespace in the path parameter: '[^\\s]+'." }, + "default_configuration": { + "enabled": true, + "level": "error" + }, + "help_uri": "https://semgrep.dev/r/generic.nginx.security.header-injection.header-injection", "help": { - "markdown": "Dynamically rendering arbitrary HTML on your website can be very dangerous because it can easily lead to XSS vulnerabilities. Only use HTML interpolation on trusted content and never on user-provided content.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.vue.security.audit.xss.templates.avoid-v-html.avoid-v-html)\n - [https://vuejs.org/v2/guide/syntax.html#Raw-HTML](https://vuejs.org/v2/guide/syntax.html#Raw-HTML)\n", - "text": "Dynamically rendering arbitrary HTML on your website can be very dangerous because it can easily lead to XSS vulnerabilities. 
Only use HTML interpolation on trusted content and never on user-provided content.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "The $$VARIABLE path parameter is added as a header in the response. This could allow an attacker to inject a newline and add a new header into the response. This is called HTTP response splitting. To fix, do not allow whitespace in the path parameter: '[^\\s]+'.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "The $$VARIABLE path parameter is added as a header in the response. This could allow an attacker to inject a newline and add a new header into the response. This is called HTTP response splitting. To fix, do not allow whitespace in the path parameter: '[^\\s]+'.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/generic.nginx.security.header-injection.header-injection)\n - [https://github.com/yandex/gixy/blob/master/docs/en/plugins/httpsplitting.md](https://github.com/yandex/gixy/blob/master/docs/en/plugins/httpsplitting.md)\n - [https://owasp.org/www-community/attacks/HTTP_Response_Splitting](https://owasp.org/www-community/attacks/HTTP_Response_Splitting)\n" }, - "helpUri": "https://semgrep.dev/r/javascript.vue.security.audit.xss.templates.avoid-v-html.avoid-v-html", - "id": "javascript.vue.security.audit.xss.templates.avoid-v-html.avoid-v-html", - "name": "javascript.vue.security.audit.xss.templates.avoid-v-html.avoid-v-html", "properties": { "precision": "very-high", "tags": [ - "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", - "LOW CONFIDENCE", + "CWE-113: Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Request/Response Splitting')", + "MEDIUM CONFIDENCE", "OWASP-A03:2021 - Injection", - "OWASP-A07:2017 - Cross-Site Scripting (XSS)", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: 
javascript.vue.security.audit.xss.templates.avoid-v-html.avoid-v-html" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "python.lang.security.audit.insecure-transport.requests.request-session-http-in-with-context.request-session-http-in-with-context", + "name": "python.lang.security.audit.insecure-transport.requests.request-session-http-in-with-context.request-session-http-in-with-context", + "short_description": { + "text": "Semgrep Finding: python.lang.security.audit.insecure-transport.requests.request-session-http-in-with-context.request-session-http-in-with-context" }, - "fullDescription": { - "text": "Detected 'urllib.urlretrieve()' using 'http://'. This request will not be encrypted. Use 'https://' instead." + "full_description": { + "text": "Detected a request using 'http://'. This request will be unencrypted. Use 'https://' instead." + }, + "default_configuration": { + "enabled": true, + "level": "note" }, + "help_uri": "https://semgrep.dev/r/python.lang.security.audit.insecure-transport.requests.request-session-http-in-with-context.request-session-http-in-with-context", "help": { - "markdown": "Detected 'urllib.urlretrieve()' using 'http://'. This request will not be encrypted. Use 'https://' instead.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.lang.security.audit.insecure-transport.urllib.insecure-urlretrieve.insecure-urlretrieve)\n - [https://docs.python.org/3/library/urllib.request.html#urllib.request.urlretrieve](https://docs.python.org/3/library/urllib.request.html#urllib.request.urlretrieve)\n", - "text": "Detected 'urllib.urlretrieve()' using 'http://'. This request will not be encrypted. Use 'https://' instead.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected a request using 'http://'. This request will be unencrypted. 
Use 'https://' instead.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected a request using 'http://'. This request will be unencrypted. Use 'https://' instead.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.lang.security.audit.insecure-transport.requests.request-session-http-in-with-context.request-session-http-in-with-context)\n - [https://owasp.org/Top10/A02_2021-Cryptographic_Failures](https://owasp.org/Top10/A02_2021-Cryptographic_Failures)\n" }, - "helpUri": "https://semgrep.dev/r/python.lang.security.audit.insecure-transport.urllib.insecure-urlretrieve.insecure-urlretrieve", - "id": "python.lang.security.audit.insecure-transport.urllib.insecure-urlretrieve.insecure-urlretrieve", - "name": "python.lang.security.audit.insecure-transport.urllib.insecure-urlretrieve.insecure-urlretrieve", "properties": { "precision": "very-high", "tags": [ "CWE-319: Cleartext Transmission of Sensitive Information", - "LOW CONFIDENCE", + "MEDIUM CONFIDENCE", "OWASP-A02:2021 - Cryptographic Failures", "OWASP-A03:2017 - Sensitive Data Exposure", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: python.lang.security.audit.insecure-transport.urllib.insecure-urlretrieve.insecure-urlretrieve" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "ruby.lang.security.model-attributes-attr-accessible.model-attributes-attr-accessible", + "name": "ruby.lang.security.model-attributes-attr-accessible.model-attributes-attr-accessible", + "short_description": { + "text": "Semgrep Finding: ruby.lang.security.model-attributes-attr-accessible.model-attributes-attr-accessible" }, - "fullDescription": { - "text": "If unverified user data can reach the `evaluate` method it can result in Server-Side Request Forgery vulnerabilities" + "full_description": { + "text": "Checks for models that do not use attr_accessible. 
This means there is no limiting of which variables can be manipulated through mass assignment. For newer Rails applications, parameters should be allowlisted using strong parameters. For older Rails versions, they should be allowlisted using strong_attributes." + }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/ruby.lang.security.model-attributes-attr-accessible.model-attributes-attr-accessible", "help": { - "markdown": "If unverified user data can reach the `evaluate` method it can result in Server-Side Request Forgery vulnerabilities\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.playwright.security.audit.playwright-evaluate-arg-injection.playwright-evaluate-arg-injection)\n - [https://owasp.org/Top10/A10_2021-Server-Side_Request_Forgery_%28SSRF%29](https://owasp.org/Top10/A10_2021-Server-Side_Request_Forgery_%28SSRF%29)\n", - "text": "If unverified user data can reach the `evaluate` method it can result in Server-Side Request Forgery vulnerabilities\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Checks for models that do not use attr_accessible. This means there is no limiting of which variables can be manipulated through mass assignment. For newer Rails applications, parameters should be allowlisted using strong parameters. For older Rails versions, they should be allowlisted using strong_attributes.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Checks for models that do not use attr_accessible. This means there is no limiting of which variables can be manipulated through mass assignment. For newer Rails applications, parameters should be allowlisted using strong parameters. 
For older Rails versions, they should be allowlisted using strong_attributes.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/ruby.lang.security.model-attributes-attr-accessible.model-attributes-attr-accessible)\n - [https://github.com/presidentbeef/brakeman/blob/main/lib/brakeman/checks/check_model_attributes.rb](https://github.com/presidentbeef/brakeman/blob/main/lib/brakeman/checks/check_model_attributes.rb)\n" }, - "helpUri": "https://semgrep.dev/r/javascript.playwright.security.audit.playwright-evaluate-arg-injection.playwright-evaluate-arg-injection", - "id": "javascript.playwright.security.audit.playwright-evaluate-arg-injection.playwright-evaluate-arg-injection", - "name": "javascript.playwright.security.audit.playwright-evaluate-arg-injection.playwright-evaluate-arg-injection", "properties": { "precision": "very-high", "tags": [ - "CWE-918: Server-Side Request Forgery (SSRF)", + "CWE-915: Improperly Controlled Modification of Dynamically-Determined Object Attributes", "LOW CONFIDENCE", - "OWASP-A10:2021 - Server-Side Request Forgery (SSRF)", + "OWASP-A08:2021 - Software and Data Integrity Failures", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: javascript.playwright.security.audit.playwright-evaluate-arg-injection.playwright-evaluate-arg-injection" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "scala.lang.security.audit.xmlinputfactory-dtd-enabled.xmlinputfactory-dtd-enabled", + "name": "scala.lang.security.audit.xmlinputfactory-dtd-enabled.xmlinputfactory-dtd-enabled", + "short_description": { + "text": "Semgrep Finding: scala.lang.security.audit.xmlinputfactory-dtd-enabled.xmlinputfactory-dtd-enabled" }, - "fullDescription": { - "text": "Detected an HTTP request sent via HttpURLConnection. This could lead to sensitive information being sent over an insecure channel. Instead, it is recommended to send requests over HTTPS." 
+ "full_description": { + "text": "XMLInputFactory being instantiated without calling the setProperty functions that are generally used for disabling entity processing. User controlled data in XML Document builder can result in XML Internal Entity Processing vulnerabilities like the disclosure of confidential data, denial of service, Server Side Request Forgery (SSRF), port scanning. Make sure to disable entity processing functionality." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/scala.lang.security.audit.xmlinputfactory-dtd-enabled.xmlinputfactory-dtd-enabled", "help": { - "markdown": "Detected an HTTP request sent via HttpURLConnection. This could lead to sensitive information being sent over an insecure channel. Instead, it is recommended to send requests over HTTPS.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/problem-based-packs.insecure-transport.java-stdlib.httpurlconnection-http-request.httpurlconnection-http-request)\n - [https://docs.oracle.com/en/java/javase/11/docs/api/java.base/java/net/URLConnection.html](https://docs.oracle.com/en/java/javase/11/docs/api/java.base/java/net/URLConnection.html)\n - [https://docs.oracle.com/en/java/javase/11/docs/api/java.base/java/net/URL.html#openConnection()](https://docs.oracle.com/en/java/javase/11/docs/api/java.base/java/net/URL.html#openConnection())\n", - "text": "Detected an HTTP request sent via HttpURLConnection. This could lead to sensitive information being sent over an insecure channel. Instead, it is recommended to send requests over HTTPS.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "XMLInputFactory being instantiated without calling the setProperty functions that are generally used for disabling entity processing. 
User controlled data in XML Document builder can result in XML Internal Entity Processing vulnerabilities like the disclosure of confidential data, denial of service, Server Side Request Forgery (SSRF), port scanning. Make sure to disable entity processing functionality.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "XMLInputFactory being instantiated without calling the setProperty functions that are generally used for disabling entity processing. User controlled data in XML Document builder can result in XML Internal Entity Processing vulnerabilities like the disclosure of confidential data, denial of service, Server Side Request Forgery (SSRF), port scanning. Make sure to disable entity processing functionality.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/scala.lang.security.audit.xmlinputfactory-dtd-enabled.xmlinputfactory-dtd-enabled)\n - [https://owasp.org/Top10/A05_2021-Security_Misconfiguration](https://owasp.org/Top10/A05_2021-Security_Misconfiguration)\n" }, - "helpUri": "https://semgrep.dev/r/problem-based-packs.insecure-transport.java-stdlib.httpurlconnection-http-request.httpurlconnection-http-request", - "id": "problem-based-packs.insecure-transport.java-stdlib.httpurlconnection-http-request.httpurlconnection-http-request", - "name": "problem-based-packs.insecure-transport.java-stdlib.httpurlconnection-http-request.httpurlconnection-http-request", "properties": { "precision": "very-high", "tags": [ - "CWE-319: Cleartext Transmission of Sensitive Information", - "MEDIUM CONFIDENCE", - "OWASP-A03:2017 - Sensitive Data Exposure", + "CWE-611: Improper Restriction of XML External Entity Reference", + "HIGH CONFIDENCE", + "OWASP-A04:2017 - XML External Entities (XXE)", + "OWASP-A05:2021 - Security Misconfiguration", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: 
problem-based-packs.insecure-transport.java-stdlib.httpurlconnection-http-request.httpurlconnection-http-request" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "generic.nginx.security.header-redefinition.header-redefinition", + "name": "generic.nginx.security.header-redefinition.header-redefinition", + "short_description": { + "text": "Semgrep Finding: generic.nginx.security.header-redefinition.header-redefinition" }, - "fullDescription": { - "text": "Detected string concatenation with a non-literal variable in an aiopg Python SQL statement. This could lead to SQL injection if the variable is user-controlled and not properly sanitized. In order to prevent SQL injection, use parameterized queries instead. You can create parameterized queries like so: 'cur.execute(\"SELECT %s FROM table\", (user_value,))'." + "full_description": { + "text": "The 'add_header' directive is called in a 'location' block after headers have been set at the server block. Calling 'add_header' in the location block will actually overwrite the headers defined in the server block, no matter which headers are set. To fix this, explicitly set all headers or set all headers in the server block." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/generic.nginx.security.header-redefinition.header-redefinition", "help": { - "markdown": "Detected string concatenation with a non-literal variable in an aiopg Python SQL statement. This could lead to SQL injection if the variable is user-controlled and not properly sanitized. In order to prevent SQL injection, use parameterized queries instead. 
You can create parameterized queries like so: 'cur.execute(\"SELECT %s FROM table\", (user_value,))'.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.lang.security.audit.sqli.aiopg-sqli.aiopg-sqli)\n - [https://github.com/aio-libs/aiopg](https://github.com/aio-libs/aiopg)\n", - "text": "Detected string concatenation with a non-literal variable in an aiopg Python SQL statement. This could lead to SQL injection if the variable is user-controlled and not properly sanitized. In order to prevent SQL injection, use parameterized queries instead. You can create parameterized queries like so: 'cur.execute(\"SELECT %s FROM table\", (user_value,))'.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "The 'add_header' directive is called in a 'location' block after headers have been set at the server block. Calling 'add_header' in the location block will actually overwrite the headers defined in the server block, no matter which headers are set. To fix this, explicitly set all headers or set all headers in the server block.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "The 'add_header' directive is called in a 'location' block after headers have been set at the server block. Calling 'add_header' in the location block will actually overwrite the headers defined in the server block, no matter which headers are set. 
To fix this, explicitly set all headers or set all headers in the server block.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/generic.nginx.security.header-redefinition.header-redefinition)\n - [https://github.com/yandex/gixy/blob/master/docs/en/plugins/addheaderredefinition.md](https://github.com/yandex/gixy/blob/master/docs/en/plugins/addheaderredefinition.md)\n" }, - "helpUri": "https://semgrep.dev/r/python.lang.security.audit.sqli.aiopg-sqli.aiopg-sqli", - "id": "python.lang.security.audit.sqli.aiopg-sqli.aiopg-sqli", - "name": "python.lang.security.audit.sqli.aiopg-sqli.aiopg-sqli", "properties": { "precision": "very-high", "tags": [ - "CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')", + "CWE-16: CWE CATEGORY: Configuration", "LOW CONFIDENCE", - "OWASP-A01:2017 - Injection", - "OWASP-A03:2021 - Injection", + "OWASP-A05:2021 - Security Misconfiguration", + "OWASP-A06:2017 - Security Misconfiguration", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: python.lang.security.audit.sqli.aiopg-sqli.aiopg-sqli" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "python.pycryptodome.security.insecure-hash-algorithm-md5.insecure-hash-algorithm-md5", + "name": "python.pycryptodome.security.insecure-hash-algorithm-md5.insecure-hash-algorithm-md5", + "short_description": { + "text": "Semgrep Finding: python.pycryptodome.security.insecure-hash-algorithm-md5.insecure-hash-algorithm-md5" }, - "fullDescription": { - "text": "'Integer.toHexString()' strips leading zeroes from each byte if read byte-by-byte. This mistake weakens the hash value computed since it introduces more collisions. Use 'String.format(\"%02X\", ...)' instead." + "full_description": { + "text": "Detected MD5 hash algorithm which is considered insecure. MD5 is not collision resistant and is therefore not suitable as a cryptographic signature. 
Use SHA256 or SHA3 instead." }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/python.pycryptodome.security.insecure-hash-algorithm-md5.insecure-hash-algorithm-md5", "help": { - "markdown": "'Integer.toHexString()' strips leading zeroes from each byte if read byte-by-byte. This mistake weakens the hash value computed since it introduces more collisions. Use 'String.format(\"%02X\", ...)' instead.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/java.lang.security.audit.bad-hexa-conversion.bad-hexa-conversion)\n - [https://cwe.mitre.org/data/definitions/704.html](https://cwe.mitre.org/data/definitions/704.html)\n", - "text": "'Integer.toHexString()' strips leading zeroes from each byte if read byte-by-byte. This mistake weakens the hash value computed since it introduces more collisions. Use 'String.format(\"%02X\", ...)' instead.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected MD5 hash algorithm which is considered insecure. MD5 is not collision resistant and is therefore not suitable as a cryptographic signature. Use SHA256 or SHA3 instead.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected MD5 hash algorithm which is considered insecure. MD5 is not collision resistant and is therefore not suitable as a cryptographic signature. 
Use SHA256 or SHA3 instead.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.pycryptodome.security.insecure-hash-algorithm-md5.insecure-hash-algorithm-md5)\n - [https://www.schneier.com/blog/archives/2012/10/when_will_we_se.html](https://www.schneier.com/blog/archives/2012/10/when_will_we_se.html)\n - [https://www.trendmicro.com/vinfo/us/security/news/vulnerabilities-and-exploits/sha-1-collision-signals-the-end-of-the-algorithm-s-viability](https://www.trendmicro.com/vinfo/us/security/news/vulnerabilities-and-exploits/sha-1-collision-signals-the-end-of-the-algorithm-s-viability)\n - [http://2012.sharcs.org/slides/stevens.pdf](http://2012.sharcs.org/slides/stevens.pdf)\n - [https://pycryptodome.readthedocs.io/en/latest/src/hash/sha3_256.html](https://pycryptodome.readthedocs.io/en/latest/src/hash/sha3_256.html)\n" }, - "helpUri": "https://semgrep.dev/r/java.lang.security.audit.bad-hexa-conversion.bad-hexa-conversion", - "id": "java.lang.security.audit.bad-hexa-conversion.bad-hexa-conversion", - "name": "java.lang.security.audit.bad-hexa-conversion.bad-hexa-conversion", "properties": { "precision": "very-high", "tags": [ - "CWE-704: Incorrect Type Conversion or Cast", - "LOW CONFIDENCE", + "CWE-327: Use of a Broken or Risky Cryptographic Algorithm", + "MEDIUM CONFIDENCE", + "OWASP-A02:2021 - Cryptographic Failures", "OWASP-A03:2017 - Sensitive Data Exposure", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: java.lang.security.audit.bad-hexa-conversion.bad-hexa-conversion" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "python.cryptography.security.insecure-cipher-algorithms.insecure-cipher-algorithm-idea", + "name": "python.cryptography.security.insecure-cipher-algorithms.insecure-cipher-algorithm-idea", + "short_description": { + "text": "Semgrep Finding: python.cryptography.security.insecure-cipher-algorithms.insecure-cipher-algorithm-idea" 
}, - "fullDescription": { - "text": "Detected a potential path traversal. A malicious actor could control the location of this file, to include going backwards in the directory with '../'. To address this, ensure that user-controlled variables in file paths are sanitized. You may also consider using a utility method such as org.apache.commons.io.FilenameUtils.getName(...) to only retrieve the file name from the path." + "full_description": { + "text": "IDEA (International Data Encryption Algorithm) is a block cipher created in 1991. It is an optional component of the OpenPGP standard. This cipher is susceptible to attacks when using weak keys. It is recommended that you do not use this cipher for new applications. Use a strong symmetric cipher such as EAS instead. With the `cryptography` package it is recommended to use `Fernet` which is a secure implementation of AES in CBC mode with a 128-bit key. Alternatively, keep using the `Cipher` class from the hazmat primitives but use the AES algorithm instead." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/python.cryptography.security.insecure-cipher-algorithms.insecure-cipher-algorithm-idea", "help": { - "markdown": "Detected a potential path traversal. A malicious actor could control the location of this file, to include going backwards in the directory with '../'. To address this, ensure that user-controlled variables in file paths are sanitized. You may also consider using a utility method such as org.apache.commons.io.FilenameUtils.getName(...) to only retrieve the file name from the path.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/java.jax-rs.security.jax-rs-path-traversal.jax-rs-path-traversal)\n - [https://www.owasp.org/index.php/Path_Traversal](https://www.owasp.org/index.php/Path_Traversal)\n", - "text": "Detected a potential path traversal. 
A malicious actor could control the location of this file, to include going backwards in the directory with '../'. To address this, ensure that user-controlled variables in file paths are sanitized. You may also consider using a utility method such as org.apache.commons.io.FilenameUtils.getName(...) to only retrieve the file name from the path.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "IDEA (International Data Encryption Algorithm) is a block cipher created in 1991. It is an optional component of the OpenPGP standard. This cipher is susceptible to attacks when using weak keys. It is recommended that you do not use this cipher for new applications. Use a strong symmetric cipher such as EAS instead. With the `cryptography` package it is recommended to use `Fernet` which is a secure implementation of AES in CBC mode with a 128-bit key. Alternatively, keep using the `Cipher` class from the hazmat primitives but use the AES algorithm instead.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "IDEA (International Data Encryption Algorithm) is a block cipher created in 1991. It is an optional component of the OpenPGP standard. This cipher is susceptible to attacks when using weak keys. It is recommended that you do not use this cipher for new applications. Use a strong symmetric cipher such as EAS instead. With the `cryptography` package it is recommended to use `Fernet` which is a secure implementation of AES in CBC mode with a 128-bit key. 
Alternatively, keep using the `Cipher` class from the hazmat primitives but use the AES algorithm instead.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.cryptography.security.insecure-cipher-algorithms.insecure-cipher-algorithm-idea)\n - [https://tools.ietf.org/html/rfc5469](https://tools.ietf.org/html/rfc5469)\n - [https://cryptography.io/en/latest/hazmat/primitives/symmetric-encryption/#cryptography.hazmat.primitives.ciphers.algorithms.IDEA](https://cryptography.io/en/latest/hazmat/primitives/symmetric-encryption/#cryptography.hazmat.primitives.ciphers.algorithms.IDEA)\n" }, - "helpUri": "https://semgrep.dev/r/java.jax-rs.security.jax-rs-path-traversal.jax-rs-path-traversal", - "id": "java.jax-rs.security.jax-rs-path-traversal.jax-rs-path-traversal", - "name": "java.jax-rs.security.jax-rs-path-traversal.jax-rs-path-traversal", "properties": { "precision": "very-high", "tags": [ - "CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", + "CWE-327: Use of a Broken or Risky Cryptographic Algorithm", "MEDIUM CONFIDENCE", - "OWASP-A01:2021 - Broken Access Control", - "OWASP-A05:2017 - Broken Access Control", + "OWASP-A02:2021 - Cryptographic Failures", + "OWASP-A03:2017 - Sensitive Data Exposure", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: java.jax-rs.security.jax-rs-path-traversal.jax-rs-path-traversal" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "java.lang.security.audit.cookie-missing-secure-flag.cookie-missing-secure-flag", + "name": "java.lang.security.audit.cookie-missing-secure-flag.cookie-missing-secure-flag", + "short_description": { + "text": "Semgrep Finding: java.lang.security.audit.cookie-missing-secure-flag.cookie-missing-secure-flag" }, - "fullDescription": { - "text": "Detected user input flowing into a manually constructed HTML string. 
You may be accidentally bypassing secure methods of rendering HTML by manually constructing HTML and this could create a cross-site scripting vulnerability, which could let attackers steal sensitive user data. To be sure this is safe, check that the HTML is rendered safely. Otherwise, use templates (`django.shortcuts.render`) which will safely render HTML instead." + "full_description": { + "text": "A cookie was detected without setting the 'secure' flag. The 'secure' flag for cookies prevents the client from transmitting the cookie over insecure channels such as HTTP. Set the 'secure' flag by calling '$COOKIE.setSecure(true);'" + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/java.lang.security.audit.cookie-missing-secure-flag.cookie-missing-secure-flag", "help": { - "markdown": "Detected user input flowing into a manually constructed HTML string. You may be accidentally bypassing secure methods of rendering HTML by manually constructing HTML and this could create a cross-site scripting vulnerability, which could let attackers steal sensitive user data. To be sure this is safe, check that the HTML is rendered safely. Otherwise, use templates (`django.shortcuts.render`) which will safely render HTML instead.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.django.security.injection.raw-html-format.raw-html-format)\n - [https://docs.djangoproject.com/en/3.2/topics/http/shortcuts/#render](https://docs.djangoproject.com/en/3.2/topics/http/shortcuts/#render)\n - [https://docs.djangoproject.com/en/3.2/topics/security/#cross-site-scripting-xss-protection](https://docs.djangoproject.com/en/3.2/topics/security/#cross-site-scripting-xss-protection)\n", - "text": "Detected user input flowing into a manually constructed HTML string. 
You may be accidentally bypassing secure methods of rendering HTML by manually constructing HTML and this could create a cross-site scripting vulnerability, which could let attackers steal sensitive user data. To be sure this is safe, check that the HTML is rendered safely. Otherwise, use templates (`django.shortcuts.render`) which will safely render HTML instead.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "A cookie was detected without setting the 'secure' flag. The 'secure' flag for cookies prevents the client from transmitting the cookie over insecure channels such as HTTP. Set the 'secure' flag by calling '$COOKIE.setSecure(true);'\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "A cookie was detected without setting the 'secure' flag. The 'secure' flag for cookies prevents the client from transmitting the cookie over insecure channels such as HTTP. Set the 'secure' flag by calling '$COOKIE.setSecure(true);'\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/java.lang.security.audit.cookie-missing-secure-flag.cookie-missing-secure-flag)\n - [https://owasp.org/Top10/A05_2021-Security_Misconfiguration](https://owasp.org/Top10/A05_2021-Security_Misconfiguration)\n" }, - "helpUri": "https://semgrep.dev/r/python.django.security.injection.raw-html-format.raw-html-format", - "id": "python.django.security.injection.raw-html-format.raw-html-format", - "name": "python.django.security.injection.raw-html-format.raw-html-format", "properties": { "precision": "very-high", "tags": [ - "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", - "MEDIUM CONFIDENCE", - "OWASP-A03:2021 - Injection", - "OWASP-A07:2017 - Cross-Site Scripting (XSS)", + "CWE-614: Sensitive Cookie in HTTPS Session Without 'Secure' Attribute", + "LOW CONFIDENCE", + "OWASP-A05:2021 - Security 
Misconfiguration", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: python.django.security.injection.raw-html-format.raw-html-format" } }, { - "defaultConfiguration": { - "level": "error" + "id": "problem-based-packs.insecure-transport.java-stdlib.disallow-old-tls-versions2.disallow-old-tls-versions2", + "name": "problem-based-packs.insecure-transport.java-stdlib.disallow-old-tls-versions2.disallow-old-tls-versions2", + "short_description": { + "text": "Semgrep Finding: problem-based-packs.insecure-transport.java-stdlib.disallow-old-tls-versions2.disallow-old-tls-versions2" }, - "fullDescription": { - "text": "Detected admin access granted in your policy. This means anyone with this policy can perform administrative actions. Instead, limit actions and resources to what you need according to least privilege." + "full_description": { + "text": "Detects setting client protocols to insecure versions of TLS and SSL. These protocols are deprecated due to POODLE, man in the middle attacks, and other vulnerabilities." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/problem-based-packs.insecure-transport.java-stdlib.disallow-old-tls-versions2.disallow-old-tls-versions2", "help": { - "markdown": "Detected admin access granted in your policy. This means anyone with this policy can perform administrative actions. Instead, limit actions and resources to what you need according to least privilege.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/terraform.aws.security.aws-iam-admin-policy-ssoadmin.aws-iam-admin-policy-ssoadmin)\n - [https://cwe.mitre.org/data/definitions/732.html](https://cwe.mitre.org/data/definitions/732.html)\n", - "text": "Detected admin access granted in your policy. This means anyone with this policy can perform administrative actions. 
Instead, limit actions and resources to what you need according to least privilege.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detects setting client protocols to insecure versions of TLS and SSL. These protocols are deprecated due to POODLE, man in the middle attacks, and other vulnerabilities.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detects setting client protocols to insecure versions of TLS and SSL. These protocols are deprecated due to POODLE, man in the middle attacks, and other vulnerabilities.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/problem-based-packs.insecure-transport.java-stdlib.disallow-old-tls-versions2.disallow-old-tls-versions2)\n - [https://stackoverflow.com/questions/26504653/is-it-possible-to-disable-sslv3-for-all-java-applications](https://stackoverflow.com/questions/26504653/is-it-possible-to-disable-sslv3-for-all-java-applications)\n" }, - "helpUri": "https://semgrep.dev/r/terraform.aws.security.aws-iam-admin-policy-ssoadmin.aws-iam-admin-policy-ssoadmin", - "id": "terraform.aws.security.aws-iam-admin-policy-ssoadmin.aws-iam-admin-policy-ssoadmin", - "name": "terraform.aws.security.aws-iam-admin-policy-ssoadmin.aws-iam-admin-policy-ssoadmin", "properties": { "precision": "very-high", "tags": [ - "CWE-732: Incorrect Permission Assignment for Critical Resource", + "CWE-319: Cleartext Transmission of Sensitive Information", "MEDIUM CONFIDENCE", - "OWASP-A05:2021 - Security Misconfiguration", + "OWASP-A03:2017 - Sensitive Data Exposure", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: terraform.aws.security.aws-iam-admin-policy-ssoadmin.aws-iam-admin-policy-ssoadmin" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "javascript.jsonwebtoken.security.jwt-hardcode.hardcoded-jwt-secret", + "name": 
"javascript.jsonwebtoken.security.jwt-hardcode.hardcoded-jwt-secret", + "short_description": { + "text": "Semgrep Finding: javascript.jsonwebtoken.security.jwt-hardcode.hardcoded-jwt-secret" }, - "fullDescription": { - "text": "Ensure S3 bucket object is encrypted at rest using KMS CMKs. CMKs gives you control over the encryption key in terms of access and rotation." + "full_description": { + "text": "A hard-coded credential was detected. It is not recommended to store credentials in source-code, as this risks secrets being leaked and used by either an internal or external malicious adversary. It is recommended to use environment variables to securely provide credentials or retrieve credentials from a secure vault or HSM (Hardware Security Module)." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/javascript.jsonwebtoken.security.jwt-hardcode.hardcoded-jwt-secret", "help": { - "markdown": "Ensure S3 bucket object is encrypted at rest using KMS CMKs. CMKs gives you control over the encryption key in terms of access and rotation.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/terraform.aws.security.aws-s3-bucket-object-encrypted-with-cmk.aws-s3-bucket-object-encrypted-with-cmk)\n - [https://owasp.org/Top10/A02_2021-Cryptographic_Failures](https://owasp.org/Top10/A02_2021-Cryptographic_Failures)\n", - "text": "Ensure S3 bucket object is encrypted at rest using KMS CMKs. CMKs gives you control over the encryption key in terms of access and rotation.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "A hard-coded credential was detected. It is not recommended to store credentials in source-code, as this risks secrets being leaked and used by either an internal or external malicious adversary. 
It is recommended to use environment variables to securely provide credentials or retrieve credentials from a secure vault or HSM (Hardware Security Module).\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "A hard-coded credential was detected. It is not recommended to store credentials in source-code, as this risks secrets being leaked and used by either an internal or external malicious adversary. It is recommended to use environment variables to securely provide credentials or retrieve credentials from a secure vault or HSM (Hardware Security Module).\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.jsonwebtoken.security.jwt-hardcode.hardcoded-jwt-secret)\n - [https://cheatsheetseries.owasp.org/cheatsheets/Secrets_Management_Cheat_Sheet.html](https://cheatsheetseries.owasp.org/cheatsheets/Secrets_Management_Cheat_Sheet.html)\n" }, - "helpUri": "https://semgrep.dev/r/terraform.aws.security.aws-s3-bucket-object-encrypted-with-cmk.aws-s3-bucket-object-encrypted-with-cmk", - "id": "terraform.aws.security.aws-s3-bucket-object-encrypted-with-cmk.aws-s3-bucket-object-encrypted-with-cmk", - "name": "terraform.aws.security.aws-s3-bucket-object-encrypted-with-cmk.aws-s3-bucket-object-encrypted-with-cmk", "properties": { "precision": "very-high", "tags": [ - "CWE-320: CWE CATEGORY: Key Management Errors", - "LOW CONFIDENCE", - "OWASP-A03:2017 - Sensitive Data Exposure", + "CWE-798: Use of Hard-coded Credentials", + "HIGH CONFIDENCE", + "OWASP-A07:2021 - Identification and Authentication Failures", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: terraform.aws.security.aws-s3-bucket-object-encrypted-with-cmk.aws-s3-bucket-object-encrypted-with-cmk" } }, { - "defaultConfiguration": { - "level": "error" + "id": "javascript.jose.security.jwt-none-alg.jwt-none-alg", + "name": "javascript.jose.security.jwt-none-alg.jwt-none-alg", + 
"short_description": { + "text": "Semgrep Finding: javascript.jose.security.jwt-none-alg.jwt-none-alg" }, - "fullDescription": { - "text": "Request data detected in os.system. This could be vulnerable to a command injection and should be avoided. If this must be done, use the 'subprocess' module instead and pass the arguments as a list. See https://owasp.org/www-community/attacks/Command_Injection for more information." + "full_description": { + "text": "Detected use of the 'none' algorithm in a JWT token. The 'none' algorithm assumes the integrity of the token has already been verified. This would allow a malicious actor to forge a JWT token that will automatically be verified. Do not explicitly use the 'none' algorithm. Instead, use an algorithm such as 'HS256'." }, + "default_configuration": { + "enabled": true, + "level": "error" + }, + "help_uri": "https://semgrep.dev/r/javascript.jose.security.jwt-none-alg.jwt-none-alg", "help": { - "markdown": "Request data detected in os.system. This could be vulnerable to a command injection and should be avoided. If this must be done, use the 'subprocess' module instead and pass the arguments as a list. See https://owasp.org/www-community/attacks/Command_Injection for more information.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.django.security.injection.command.command-injection-os-system.command-injection-os-system)\n - [https://owasp.org/www-community/attacks/Command_Injection](https://owasp.org/www-community/attacks/Command_Injection)\n", - "text": "Request data detected in os.system. This could be vulnerable to a command injection and should be avoided. If this must be done, use the 'subprocess' module instead and pass the arguments as a list. 
See https://owasp.org/www-community/attacks/Command_Injection for more information.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected use of the 'none' algorithm in a JWT token. The 'none' algorithm assumes the integrity of the token has already been verified. This would allow a malicious actor to forge a JWT token that will automatically be verified. Do not explicitly use the 'none' algorithm. Instead, use an algorithm such as 'HS256'.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected use of the 'none' algorithm in a JWT token. The 'none' algorithm assumes the integrity of the token has already been verified. This would allow a malicious actor to forge a JWT token that will automatically be verified. Do not explicitly use the 'none' algorithm. Instead, use an algorithm such as 'HS256'.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.jose.security.jwt-none-alg.jwt-none-alg)\n - [https://owasp.org/Top10/A02_2021-Cryptographic_Failures](https://owasp.org/Top10/A02_2021-Cryptographic_Failures)\n" }, - "helpUri": "https://semgrep.dev/r/python.django.security.injection.command.command-injection-os-system.command-injection-os-system", - "id": "python.django.security.injection.command.command-injection-os-system.command-injection-os-system", - "name": "python.django.security.injection.command.command-injection-os-system.command-injection-os-system", "properties": { "precision": "very-high", "tags": [ - "CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", - "MEDIUM CONFIDENCE", - "OWASP-A01:2017 - Injection", - "OWASP-A03:2021 - Injection", + "CWE-327: Use of a Broken or Risky Cryptographic Algorithm", + "HIGH CONFIDENCE", + "OWASP-A02:2021 - Cryptographic Failures", + "OWASP-A03:2017 - Sensitive Data Exposure", "security" ] - }, - 
"shortDescription": { - "text": "Semgrep Finding: python.django.security.injection.command.command-injection-os-system.command-injection-os-system" } }, { - "defaultConfiguration": { - "level": "error" + "id": "python.django.security.passwords.use-none-for-password-default.use-none-for-password-default", + "name": "python.django.security.passwords.use-none-for-password-default.use-none-for-password-default", + "short_description": { + "text": "Semgrep Finding: python.django.security.passwords.use-none-for-password-default.use-none-for-password-default" }, - "fullDescription": { - "text": "AWS Session Token detected" + "full_description": { + "text": "'$VAR' is using the empty string as its default and is being used to set the password on '$MODEL'. If you meant to set an unusable password, set the default value to 'None' or call 'set_unusable_password()'." }, + "default_configuration": { + "enabled": true, + "level": "error" + }, + "help_uri": "https://semgrep.dev/r/python.django.security.passwords.use-none-for-password-default.use-none-for-password-default", "help": { - "markdown": "AWS Session Token detected\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/generic.secrets.security.detected-aws-session-token.detected-aws-session-token)\n - [https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures](https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures)\n", - "text": "AWS Session Token detected\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "'$VAR' is using the empty string as its default and is being used to set the password on '$MODEL'. 
If you meant to set an unusable password, set the default value to 'None' or call 'set_unusable_password()'.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "'$VAR' is using the empty string as its default and is being used to set the password on '$MODEL'. If you meant to set an unusable password, set the default value to 'None' or call 'set_unusable_password()'.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.django.security.passwords.use-none-for-password-default.use-none-for-password-default)\n - [https://docs.djangoproject.com/en/3.0/ref/contrib/auth/#django.contrib.auth.models.User.set_password](https://docs.djangoproject.com/en/3.0/ref/contrib/auth/#django.contrib.auth.models.User.set_password)\n" }, - "helpUri": "https://semgrep.dev/r/generic.secrets.security.detected-aws-session-token.detected-aws-session-token", - "id": "generic.secrets.security.detected-aws-session-token.detected-aws-session-token", - "name": "generic.secrets.security.detected-aws-session-token.detected-aws-session-token", "properties": { "precision": "very-high", "tags": [ - "CWE-798: Use of Hard-coded Credentials", - "LOW CONFIDENCE", + "CWE-521: Weak Password Requirements", + "MEDIUM CONFIDENCE", "OWASP-A07:2021 - Identification and Authentication Failures", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: generic.secrets.security.detected-aws-session-token.detected-aws-session-token" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "python.django.security.audit.custom-expression-as-sql.custom-expression-as-sql", + "name": "python.django.security.audit.custom-expression-as-sql.custom-expression-as-sql", + "short_description": { + "text": "Semgrep Finding: python.django.security.audit.custom-expression-as-sql.custom-expression-as-sql" }, - "fullDescription": { - "text": "User-controlled data from a request is passed to 'extra()'. 
This could lead to a SQL injection and therefore protected information could be leaked. Instead, use parameterized queries or escape the user-controlled data by using `params` and not using quote placeholders in the SQL string." + "full_description": { + "text": "Detected a Custom Expression ''$EXPRESSION'' calling ''as_sql(...).'' This could lead to SQL injection, which can result in attackers exfiltrating sensitive data. Instead, ensure no user input enters this function or that user input is properly sanitized." }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/python.django.security.audit.custom-expression-as-sql.custom-expression-as-sql", "help": { - "markdown": "User-controlled data from a request is passed to 'extra()'. This could lead to a SQL injection and therefore protected information could be leaked. Instead, use parameterized queries or escape the user-controlled data by using `params` and not using quote placeholders in the SQL string.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.django.security.injection.sql.sql-injection-extra.sql-injection-using-extra-where)\n - [https://docs.djangoproject.com/en/3.0/ref/models/expressions/#.objects.extra](https://docs.djangoproject.com/en/3.0/ref/models/expressions/#.objects.extra)\n", - "text": "User-controlled data from a request is passed to 'extra()'. This could lead to a SQL injection and therefore protected information could be leaked. Instead, use parameterized queries or escape the user-controlled data by using `params` and not using quote placeholders in the SQL string.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected a Custom Expression ''$EXPRESSION'' calling ''as_sql(...).'' This could lead to SQL injection, which can result in attackers exfiltrating sensitive data. 
Instead, ensure no user input enters this function or that user input is properly sanitized.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected a Custom Expression ''$EXPRESSION'' calling ''as_sql(...).'' This could lead to SQL injection, which can result in attackers exfiltrating sensitive data. Instead, ensure no user input enters this function or that user input is properly sanitized.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.django.security.audit.custom-expression-as-sql.custom-expression-as-sql)\n - [https://docs.djangoproject.com/en/3.0/ref/models/expressions/#django.db.models.Func.as_sql](https://docs.djangoproject.com/en/3.0/ref/models/expressions/#django.db.models.Func.as_sql)\n - [https://semgrep.dev/blog/2020/preventing-sql-injection-a-django-authors-perspective/](https://semgrep.dev/blog/2020/preventing-sql-injection-a-django-authors-perspective/)\n" }, - "helpUri": "https://semgrep.dev/r/python.django.security.injection.sql.sql-injection-extra.sql-injection-using-extra-where", - "id": "python.django.security.injection.sql.sql-injection-extra.sql-injection-using-extra-where", - "name": "python.django.security.injection.sql.sql-injection-extra.sql-injection-using-extra-where", "properties": { "precision": "very-high", "tags": [ "CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')", - "MEDIUM CONFIDENCE", + "LOW CONFIDENCE", "OWASP-A01:2017 - Injection", "OWASP-A03:2021 - Injection", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: python.django.security.injection.sql.sql-injection-extra.sql-injection-using-extra-where" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "python.flask.security.audit.hardcoded-config.avoid_hardcoded_config_TESTING", + "name": "python.flask.security.audit.hardcoded-config.avoid_hardcoded_config_TESTING", + 
"short_description": { + "text": "Semgrep Finding: python.flask.security.audit.hardcoded-config.avoid_hardcoded_config_TESTING" }, - "fullDescription": { - "text": "A expression is built with a dynamic value. The source of the value(s) should be verified to avoid that unfiltered values fall into this risky code evaluation." + "full_description": { + "text": "Hardcoded variable `TESTING` detected. Use environment variables or config files instead" + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/python.flask.security.audit.hardcoded-config.avoid_hardcoded_config_TESTING", "help": { - "markdown": "A expression is built with a dynamic value. The source of the value(s) should be verified to avoid that unfiltered values fall into this risky code evaluation.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/java.lang.security.audit.dangerous-groovy-shell.dangerous-groovy-shell)\n - [https://owasp.org/Top10/A03_2021-Injection](https://owasp.org/Top10/A03_2021-Injection)\n", - "text": "A expression is built with a dynamic value. The source of the value(s) should be verified to avoid that unfiltered values fall into this risky code evaluation.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Hardcoded variable `TESTING` detected. Use environment variables or config files instead\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Hardcoded variable `TESTING` detected. 
Use environment variables or config files instead\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.flask.security.audit.hardcoded-config.avoid_hardcoded_config_TESTING)\n - [https://bento.dev/checks/flask/avoid-hardcoded-config/](https://bento.dev/checks/flask/avoid-hardcoded-config/)\n - [https://flask.palletsprojects.com/en/1.1.x/config/?highlight=configuration#builtin-configuration-values](https://flask.palletsprojects.com/en/1.1.x/config/?highlight=configuration#builtin-configuration-values)\n - [https://flask.palletsprojects.com/en/1.1.x/config/?highlight=configuration#environment-and-debug-features](https://flask.palletsprojects.com/en/1.1.x/config/?highlight=configuration#environment-and-debug-features)\n" }, - "helpUri": "https://semgrep.dev/r/java.lang.security.audit.dangerous-groovy-shell.dangerous-groovy-shell", - "id": "java.lang.security.audit.dangerous-groovy-shell.dangerous-groovy-shell", - "name": "java.lang.security.audit.dangerous-groovy-shell.dangerous-groovy-shell", "properties": { "precision": "very-high", "tags": [ - "CWE-94: Improper Control of Generation of Code ('Code Injection')", + "CWE-489: Active Debug Code", "LOW CONFIDENCE", - "OWASP-A03:2021 - Injection", + "OWASP-A05:2021 - Security Misconfiguration", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: java.lang.security.audit.dangerous-groovy-shell.dangerous-groovy-shell" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "java.lang.security.audit.unvalidated-redirect.unvalidated-redirect", + "name": "java.lang.security.audit.unvalidated-redirect.unvalidated-redirect", + "short_description": { + "text": "Semgrep Finding: java.lang.security.audit.unvalidated-redirect.unvalidated-redirect" }, - "fullDescription": { - "text": "Ensure AWS Redshift cluster is encrypted at rest using KMS CMKs. 
CMKs gives you control over the encryption key in terms of access and rotation." + "full_description": { + "text": "Application redirects to a destination URL specified by a user-supplied parameter that is not validated. This could direct users to malicious locations. Consider using an allowlist to validate URLs." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/java.lang.security.audit.unvalidated-redirect.unvalidated-redirect", "help": { - "markdown": "Ensure AWS Redshift cluster is encrypted at rest using KMS CMKs. CMKs gives you control over the encryption key in terms of access and rotation.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/terraform.aws.security.aws-redshift-cluster-encrypted-with-cmk.aws-redshift-cluster-encrypted-with-cmk)\n - [https://owasp.org/Top10/A01_2021-Broken_Access_Control](https://owasp.org/Top10/A01_2021-Broken_Access_Control)\n", - "text": "Ensure AWS Redshift cluster is encrypted at rest using KMS CMKs. CMKs gives you control over the encryption key in terms of access and rotation.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Application redirects to a destination URL specified by a user-supplied parameter that is not validated. This could direct users to malicious locations. Consider using an allowlist to validate URLs.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Application redirects to a destination URL specified by a user-supplied parameter that is not validated. This could direct users to malicious locations. 
Consider using an allowlist to validate URLs.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/java.lang.security.audit.unvalidated-redirect.unvalidated-redirect)\n - [https://owasp.org/Top10/A01_2021-Broken_Access_Control](https://owasp.org/Top10/A01_2021-Broken_Access_Control)\n" }, - "helpUri": "https://semgrep.dev/r/terraform.aws.security.aws-redshift-cluster-encrypted-with-cmk.aws-redshift-cluster-encrypted-with-cmk", - "id": "terraform.aws.security.aws-redshift-cluster-encrypted-with-cmk.aws-redshift-cluster-encrypted-with-cmk", - "name": "terraform.aws.security.aws-redshift-cluster-encrypted-with-cmk.aws-redshift-cluster-encrypted-with-cmk", "properties": { "precision": "very-high", "tags": [ - "CWE-284: Improper Access Control", - "LOW CONFIDENCE", + "CWE-601: URL Redirection to Untrusted Site ('Open Redirect')", + "MEDIUM CONFIDENCE", "OWASP-A01:2021 - Broken Access Control", - "OWASP-A05:2017 - Broken Access Control", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: terraform.aws.security.aws-redshift-cluster-encrypted-with-cmk.aws-redshift-cluster-encrypted-with-cmk" } }, { - "defaultConfiguration": { - "level": "note" + "id": "go.lang.security.audit.sqli.gosql-sqli.gosql-sqli", + "name": "go.lang.security.audit.sqli.gosql-sqli.gosql-sqli", + "short_description": { + "text": "Semgrep Finding: go.lang.security.audit.sqli.gosql-sqli.gosql-sqli" }, - "fullDescription": { - "text": "Detected a call to `$FUNC()` in an attempt to HTML escape the string `$STR`. Manually sanitizing input through a manually built list can be circumvented in many situations, and it's better to use a well known sanitization library such as `sanitize-html` or `DOMPurify`." + "full_description": { + "text": "Detected string concatenation with a non-literal variable in a \"database/sql\" Go SQL statement. 
This could lead to SQL injection if the variable is user-controlled and not properly sanitized. In order to prevent SQL injection, use parameterized queries or prepared statements instead. You can use prepared statements with the 'Prepare' and 'PrepareContext' calls." + }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/go.lang.security.audit.sqli.gosql-sqli.gosql-sqli", "help": { - "markdown": "Detected a call to `$FUNC()` in an attempt to HTML escape the string `$STR`. Manually sanitizing input through a manually built list can be circumvented in many situations, and it's better to use a well known sanitization library such as `sanitize-html` or `DOMPurify`.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.audit.detect-replaceall-sanitization.detect-replaceall-sanitization)\n - [https://www.npmjs.com/package/dompurify](https://www.npmjs.com/package/dompurify)\n - [https://cheatsheetseries.owasp.org/cheatsheets/Cross_Site_Scripting_Prevention_Cheat_Sheet.html](https://cheatsheetseries.owasp.org/cheatsheets/Cross_Site_Scripting_Prevention_Cheat_Sheet.html)\n", - "text": "Detected a call to `$FUNC()` in an attempt to HTML escape the string `$STR`. Manually sanitizing input through a manually built list can be circumvented in many situations, and it's better to use a well known sanitization library such as `sanitize-html` or `DOMPurify`.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected string concatenation with a non-literal variable in a \"database/sql\" Go SQL statement. This could lead to SQL injection if the variable is user-controlled and not properly sanitized. In order to prevent SQL injection, use parameterized queries or prepared statements instead. 
You can use prepared statements with the 'Prepare' and 'PrepareContext' calls.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected string concatenation with a non-literal variable in a \"database/sql\" Go SQL statement. This could lead to SQL injection if the variable is user-controlled and not properly sanitized. In order to prevent SQL injection, use parameterized queries or prepared statements instead. You can use prepared statements with the 'Prepare' and 'PrepareContext' calls.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/go.lang.security.audit.sqli.gosql-sqli.gosql-sqli)\n - [https://golang.org/pkg/database/sql/](https://golang.org/pkg/database/sql/)\n" }, - "helpUri": "https://semgrep.dev/r/javascript.audit.detect-replaceall-sanitization.detect-replaceall-sanitization", - "id": "javascript.audit.detect-replaceall-sanitization.detect-replaceall-sanitization", - "name": "javascript.audit.detect-replaceall-sanitization.detect-replaceall-sanitization", "properties": { "precision": "very-high", "tags": [ - "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", + "CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')", "LOW CONFIDENCE", + "OWASP-A01:2017 - Injection", "OWASP-A03:2021 - Injection", - "OWASP-A07:2017 - Cross-Site Scripting (XSS)", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: javascript.audit.detect-replaceall-sanitization.detect-replaceall-sanitization" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "javascript.fbjs.security.audit.insecure-createnodesfrommarkup.insecure-createnodesfrommarkup", + "name": "javascript.fbjs.security.audit.insecure-createnodesfrommarkup.insecure-createnodesfrommarkup", + "short_description": { + "text": "Semgrep Finding: 
javascript.fbjs.security.audit.insecure-createnodesfrommarkup.insecure-createnodesfrommarkup" }, - "fullDescription": { - "text": "Found user-controlled request data passed into '.write(...)'. This could be dangerous if a malicious actor is able to control data into sensitive files. For example, a malicious actor could force rolling of critical log files, or cause a denial-of-service by using up available disk space. Instead, ensure that request data is properly escaped or sanitized." + "full_description": { + "text": "User controlled data in a `createNodesFromMarkup` is an anti-pattern that can lead to XSS vulnerabilities" + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/javascript.fbjs.security.audit.insecure-createnodesfrommarkup.insecure-createnodesfrommarkup", "help": { - "markdown": "Found user-controlled request data passed into '.write(...)'. This could be dangerous if a malicious actor is able to control data into sensitive files. For example, a malicious actor could force rolling of critical log files, or cause a denial-of-service by using up available disk space. Instead, ensure that request data is properly escaped or sanitized.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.django.security.injection.request-data-write.request-data-write)\n - [https://owasp.org/Top10/A03_2021-Injection](https://owasp.org/Top10/A03_2021-Injection)\n", - "text": "Found user-controlled request data passed into '.write(...)'. This could be dangerous if a malicious actor is able to control data into sensitive files. For example, a malicious actor could force rolling of critical log files, or cause a denial-of-service by using up available disk space. 
Instead, ensure that request data is properly escaped or sanitized.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "User controlled data in a `createNodesFromMarkup` is an anti-pattern that can lead to XSS vulnerabilities\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "User controlled data in a `createNodesFromMarkup` is an anti-pattern that can lead to XSS vulnerabilities\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.fbjs.security.audit.insecure-createnodesfrommarkup.insecure-createnodesfrommarkup)\n - [https://owasp.org/Top10/A03_2021-Injection](https://owasp.org/Top10/A03_2021-Injection)\n" }, - "helpUri": "https://semgrep.dev/r/python.django.security.injection.request-data-write.request-data-write", - "id": "python.django.security.injection.request-data-write.request-data-write", - "name": "python.django.security.injection.request-data-write.request-data-write", "properties": { "precision": "very-high", "tags": [ - "CWE-93: Improper Neutralization of CRLF Sequences ('CRLF Injection')", - "MEDIUM CONFIDENCE", + "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", + "LOW CONFIDENCE", "OWASP-A03:2021 - Injection", + "OWASP-A07:2017 - Cross-Site Scripting (XSS)", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: python.django.security.injection.request-data-write.request-data-write" } }, { - "defaultConfiguration": { - "level": "error" + "id": "generic.nginx.security.alias-path-traversal.alias-path-traversal", + "name": "generic.nginx.security.alias-path-traversal.alias-path-traversal", + "short_description": { + "text": "Semgrep Finding: generic.nginx.security.alias-path-traversal.alias-path-traversal" }, - "fullDescription": { - "text": "Checks if code allows cookies to be deserialized using Marshal. 
If the attacker can craft a valid cookie, this could lead to remote code execution. The hybrid check is just to warn users to migrate to :json for best practice." + "full_description": { + "text": "The alias in this location block is subject to a path traversal because the location path does not end in a path separator (e.g., '/'). To fix, add a path separator to the end of the path." }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/generic.nginx.security.alias-path-traversal.alias-path-traversal", "help": { - "markdown": "Checks if code allows cookies to be deserialized using Marshal. If the attacker can craft a valid cookie, this could lead to remote code execution. The hybrid check is just to warn users to migrate to :json for best practice.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/ruby.lang.security.cookie-serialization.cookie-serialization)\n - [https://github.com/presidentbeef/brakeman/blob/main/lib/brakeman/checks/check_cookie_serialization.rb](https://github.com/presidentbeef/brakeman/blob/main/lib/brakeman/checks/check_cookie_serialization.rb)\n - [https://robertheaton.com/2013/07/22/how-to-hack-a-rails-app-using-its-secret-token/](https://robertheaton.com/2013/07/22/how-to-hack-a-rails-app-using-its-secret-token/)\n", - "text": "Checks if code allows cookies to be deserialized using Marshal. If the attacker can craft a valid cookie, this could lead to remote code execution. The hybrid check is just to warn users to migrate to :json for best practice.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "The alias in this location block is subject to a path traversal because the location path does not end in a path separator (e.g., '/'). 
To fix, add a path separator to the end of the path.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "The alias in this location block is subject to a path traversal because the location path does not end in a path separator (e.g., '/'). To fix, add a path separator to the end of the path.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/generic.nginx.security.alias-path-traversal.alias-path-traversal)\n - [https://owasp.org/Top10/A01_2021-Broken_Access_Control](https://owasp.org/Top10/A01_2021-Broken_Access_Control)\n - [https://www.acunetix.com/vulnerabilities/web/path-traversal-via-misconfigured-nginx-alias/](https://www.acunetix.com/vulnerabilities/web/path-traversal-via-misconfigured-nginx-alias/)\n - [https://www.youtube.com/watch?v=CIhHpkybYsY](https://www.youtube.com/watch?v=CIhHpkybYsY)\n - [https://github.com/orangetw/My-Presentation-Slides/blob/main/data/2018-Breaking-Parser-Logic-Take-Your-Path-Normalization-Off-And-Pop-0days-Out.pdf](https://github.com/orangetw/My-Presentation-Slides/blob/main/data/2018-Breaking-Parser-Logic-Take-Your-Path-Normalization-Off-And-Pop-0days-Out.pdf)\n" }, - "helpUri": "https://semgrep.dev/r/ruby.lang.security.cookie-serialization.cookie-serialization", - "id": "ruby.lang.security.cookie-serialization.cookie-serialization", - "name": "ruby.lang.security.cookie-serialization.cookie-serialization", "properties": { "precision": "very-high", "tags": [ - "CWE-94: Improper Control of Generation of Code ('Code Injection')", + "CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", "LOW CONFIDENCE", - "OWASP-A03:2021 - Injection", + "OWASP-A01:2021 - Broken Access Control", + "OWASP-A05:2017 - Broken Access Control", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: ruby.lang.security.cookie-serialization.cookie-serialization" } }, { - "defaultConfiguration": { - 
"level": "warning" + "id": "go.jwt-go.security.jwt-none-alg.jwt-go-none-algorithm", + "name": "go.jwt-go.security.jwt-none-alg.jwt-go-none-algorithm", + "short_description": { + "text": "Semgrep Finding: go.jwt-go.security.jwt-none-alg.jwt-go-none-algorithm" }, - "fullDescription": { - "text": "A session cookie was detected without setting the 'Secure' flag. The 'secure' flag for cookies prevents the client from transmitting the cookie over insecure channels such as HTTP. Set the 'Secure' flag by setting 'Secure' to 'true' in the Options struct." + "full_description": { + "text": "Detected use of the 'none' algorithm in a JWT token. The 'none' algorithm assumes the integrity of the token has already been verified. This would allow a malicious actor to forge a JWT token that will automatically be verified. Do not explicitly use the 'none' algorithm. Instead, use an algorithm such as 'HS256'." + }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/go.jwt-go.security.jwt-none-alg.jwt-go-none-algorithm", "help": { - "markdown": "A session cookie was detected without setting the 'Secure' flag. The 'secure' flag for cookies prevents the client from transmitting the cookie over insecure channels such as HTTP. Set the 'Secure' flag by setting 'Secure' to 'true' in the Options struct.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/go.gorilla.security.audit.session-cookie-missing-secure.session-cookie-missing-secure)\n - [https://github.com/0c34/govwa/blob/139693e56406b5684d2a6ae22c0af90717e149b8/user/session/session.go#L69](https://github.com/0c34/govwa/blob/139693e56406b5684d2a6ae22c0af90717e149b8/user/session/session.go#L69)\n", - "text": "A session cookie was detected without setting the 'Secure' flag. The 'secure' flag for cookies prevents the client from transmitting the cookie over insecure channels such as HTTP. 
Set the 'Secure' flag by setting 'Secure' to 'true' in the Options struct.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected use of the 'none' algorithm in a JWT token. The 'none' algorithm assumes the integrity of the token has already been verified. This would allow a malicious actor to forge a JWT token that will automatically be verified. Do not explicitly use the 'none' algorithm. Instead, use an algorithm such as 'HS256'.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected use of the 'none' algorithm in a JWT token. The 'none' algorithm assumes the integrity of the token has already been verified. This would allow a malicious actor to forge a JWT token that will automatically be verified. Do not explicitly use the 'none' algorithm. Instead, use an algorithm such as 'HS256'.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/go.jwt-go.security.jwt-none-alg.jwt-go-none-algorithm)\n - [https://owasp.org/Top10/A02_2021-Cryptographic_Failures](https://owasp.org/Top10/A02_2021-Cryptographic_Failures)\n" }, - "helpUri": "https://semgrep.dev/r/go.gorilla.security.audit.session-cookie-missing-secure.session-cookie-missing-secure", - "id": "go.gorilla.security.audit.session-cookie-missing-secure.session-cookie-missing-secure", - "name": "go.gorilla.security.audit.session-cookie-missing-secure.session-cookie-missing-secure", "properties": { "precision": "very-high", "tags": [ - "CWE-614: Sensitive Cookie in HTTPS Session Without 'Secure' Attribute", - "MEDIUM CONFIDENCE", - "OWASP-A05:2021 - Security Misconfiguration", + "CWE-327: Use of a Broken or Risky Cryptographic Algorithm", + "HIGH CONFIDENCE", + "OWASP-A02:2021 - Cryptographic Failures", + "OWASP-A03:2017 - Sensitive Data Exposure", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: 
go.gorilla.security.audit.session-cookie-missing-secure.session-cookie-missing-secure" } }, { - "defaultConfiguration": { - "level": "error" + "id": "java.lang.security.audit.unsafe-reflection.unsafe-reflection", + "name": "java.lang.security.audit.unsafe-reflection.unsafe-reflection", + "short_description": { + "text": "Semgrep Finding: java.lang.security.audit.unsafe-reflection.unsafe-reflection" }, - "fullDescription": { - "text": "Mailgun API Key detected" + "full_description": { + "text": "If an attacker can supply values that the application then uses to determine which class to instantiate or which method to invoke, the potential exists for the attacker to create control flow paths through the application that were not intended by the application developers. This attack vector may allow the attacker to bypass authentication or access control checks or otherwise cause the application to behave in an unexpected manner." }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/java.lang.security.audit.unsafe-reflection.unsafe-reflection", "help": { - "markdown": "Mailgun API Key detected\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/generic.secrets.security.detected-mailgun-api-key.detected-mailgun-api-key)\n - [https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures](https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures)\n", - "text": "Mailgun API Key detected\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "If an attacker can supply values that the application then uses to determine which class to instantiate or which method to invoke, the potential exists for the attacker to create control flow paths through the application that were not intended by the application developers. 
This attack vector may allow the attacker to bypass authentication or access control checks or otherwise cause the application to behave in an unexpected manner.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "If an attacker can supply values that the application then uses to determine which class to instantiate or which method to invoke, the potential exists for the attacker to create control flow paths through the application that were not intended by the application developers. This attack vector may allow the attacker to bypass authentication or access control checks or otherwise cause the application to behave in an unexpected manner.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/java.lang.security.audit.unsafe-reflection.unsafe-reflection)\n - [https://owasp.org/Top10/A03_2021-Injection](https://owasp.org/Top10/A03_2021-Injection)\n" }, - "helpUri": "https://semgrep.dev/r/generic.secrets.security.detected-mailgun-api-key.detected-mailgun-api-key", - "id": "generic.secrets.security.detected-mailgun-api-key.detected-mailgun-api-key", - "name": "generic.secrets.security.detected-mailgun-api-key.detected-mailgun-api-key", "properties": { "precision": "very-high", "tags": [ - "CWE-798: Use of Hard-coded Credentials", + "CWE-470: Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection')", "LOW CONFIDENCE", - "OWASP-A07:2021 - Identification and Authentication Failures", + "OWASP-A03:2021 - Injection", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: generic.secrets.security.detected-mailgun-api-key.detected-mailgun-api-key" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "generic.secrets.security.detected-square-access-token.detected-square-access-token", + "name": "generic.secrets.security.detected-square-access-token.detected-square-access-token", + "short_description": { + "text": 
"Semgrep Finding: generic.secrets.security.detected-square-access-token.detected-square-access-token" }, - "fullDescription": { - "text": "A cookie was detected without setting the 'HttpOnly' flag. The 'HttpOnly' flag for cookies instructs the browser to forbid client-side scripts from reading the cookie. Set the 'HttpOnly' flag by calling 'cookie.setHttpOnly(true);'" + "full_description": { + "text": "Square Access Token detected" }, + "default_configuration": { + "enabled": true, + "level": "error" + }, + "help_uri": "https://semgrep.dev/r/generic.secrets.security.detected-square-access-token.detected-square-access-token", "help": { - "markdown": "A cookie was detected without setting the 'HttpOnly' flag. The 'HttpOnly' flag for cookies instructs the browser to forbid client-side scripts from reading the cookie. Set the 'HttpOnly' flag by calling 'cookie.setHttpOnly(true);'\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/kotlin.lang.security.cookie-missing-httponly.cookie-missing-httponly)\n - [https://owasp.org/Top10/A05_2021-Security_Misconfiguration](https://owasp.org/Top10/A05_2021-Security_Misconfiguration)\n", - "text": "A cookie was detected without setting the 'HttpOnly' flag. The 'HttpOnly' flag for cookies instructs the browser to forbid client-side scripts from reading the cookie. 
Set the 'HttpOnly' flag by calling 'cookie.setHttpOnly(true);'\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Square Access Token detected\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Square Access Token detected\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/generic.secrets.security.detected-square-access-token.detected-square-access-token)\n - [https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures](https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures)\n" }, - "helpUri": "https://semgrep.dev/r/kotlin.lang.security.cookie-missing-httponly.cookie-missing-httponly", - "id": "kotlin.lang.security.cookie-missing-httponly.cookie-missing-httponly", - "name": "kotlin.lang.security.cookie-missing-httponly.cookie-missing-httponly", "properties": { "precision": "very-high", "tags": [ - "CWE-1004: Sensitive Cookie Without 'HttpOnly' Flag", + "CWE-798: Use of Hard-coded Credentials", "LOW CONFIDENCE", - "OWASP-A05:2021 - Security Misconfiguration", + "OWASP-A07:2021 - Identification and Authentication Failures", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: kotlin.lang.security.cookie-missing-httponly.cookie-missing-httponly" } }, { - "defaultConfiguration": { - "level": "error" + "id": "python.lang.compatibility.python37.python37-compatibility-httpsconn", + "name": "python.lang.compatibility.python37.python37-compatibility-httpsconn", + "short_description": { + "text": "Semgrep Finding: python.lang.compatibility.python37.python37-compatibility-httpsconn" }, - "fullDescription": { - "text": "Found an insecure gRPC connection. This creates a connection without encryption to a gRPC client/server. A malicious attacker could tamper with the gRPC message, which could compromise the machine." 
+ "full_description": { + "text": "Found usage of the 'blocksize' argument in a HTTPSConnection call. This is only available on Python 3.7+ and is therefore not backwards compatible. Remove this in order for this code to work in Python 3.6 and below." }, + "default_configuration": { + "enabled": true, + "level": "error" + }, + "help_uri": "https://semgrep.dev/r/python.lang.compatibility.python37.python37-compatibility-httpsconn", "help": { - "markdown": "Found an insecure gRPC connection. This creates a connection without encryption to a gRPC client/server. A malicious attacker could tamper with the gRPC message, which could compromise the machine.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.grpc.security.grpc-nodejs-insecure-connection.grpc-nodejs-insecure-connection)\n - [https://blog.gopheracademy.com/advent-2017/go-grpc-beyond-basics/#:~:text=disables%20transport%20security](https://blog.gopheracademy.com/advent-2017/go-grpc-beyond-basics/#:~:text=disables%20transport%20security)\n", - "text": "Found an insecure gRPC connection. This creates a connection without encryption to a gRPC client/server. A malicious attacker could tamper with the gRPC message, which could compromise the machine.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Found usage of the 'blocksize' argument in a HTTPSConnection call. This is only available on Python 3.7+ and is therefore not backwards compatible. Remove this in order for this code to work in Python 3.6 and below.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Found usage of the 'blocksize' argument in a HTTPSConnection call. This is only available on Python 3.7+ and is therefore not backwards compatible. 
Remove this in order for this code to work in Python 3.6 and below.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.lang.compatibility.python37.python37-compatibility-httpsconn)\n" }, - "helpUri": "https://semgrep.dev/r/javascript.grpc.security.grpc-nodejs-insecure-connection.grpc-nodejs-insecure-connection", - "id": "javascript.grpc.security.grpc-nodejs-insecure-connection.grpc-nodejs-insecure-connection", - "name": "javascript.grpc.security.grpc-nodejs-insecure-connection.grpc-nodejs-insecure-connection", "properties": { "precision": "very-high", - "tags": [ - "CWE-502: Deserialization of Untrusted Data", - "LOW CONFIDENCE", - "OWASP-A08:2017 - Insecure Deserialization", - "OWASP-A08:2021 - Software and Data Integrity Failures", - "security" - ] - }, - "shortDescription": { - "text": "Semgrep Finding: javascript.grpc.security.grpc-nodejs-insecure-connection.grpc-nodejs-insecure-connection" + "tags": [] } }, { - "defaultConfiguration": { - "level": "warning" + "id": "terraform.aws.security.aws-insecure-redshift-ssl-configuration.aws-insecure-redshift-ssl-configuration", + "name": "terraform.aws.security.aws-insecure-redshift-ssl-configuration.aws-insecure-redshift-ssl-configuration", + "short_description": { + "text": "Semgrep Finding: terraform.aws.security.aws-insecure-redshift-ssl-configuration.aws-insecure-redshift-ssl-configuration" }, - "fullDescription": { - "text": "Directory listing/indexing is enabled, which may lead to disclosure of sensitive directories and files. It is recommended to disable directory listing unless it is a public resource. If you need directory listing, ensure that sensitive files are inaccessible when querying the resource." + "full_description": { + "text": "Detected an AWS Redshift configuration with a SSL disabled. To fix this, set your `require_ssl` to `\"true\"`." 
}, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/terraform.aws.security.aws-insecure-redshift-ssl-configuration.aws-insecure-redshift-ssl-configuration", "help": { - "markdown": "Directory listing/indexing is enabled, which may lead to disclosure of sensitive directories and files. It is recommended to disable directory listing unless it is a public resource. If you need directory listing, ensure that sensitive files are inaccessible when querying the resource.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.express.security.audit.express-check-directory-listing.express-check-directory-listing)\n - [https://www.npmjs.com/package/serve-index](https://www.npmjs.com/package/serve-index)\n - [https://www.acunetix.com/blog/articles/directory-listing-information-disclosure/](https://www.acunetix.com/blog/articles/directory-listing-information-disclosure/)\n", - "text": "Directory listing/indexing is enabled, which may lead to disclosure of sensitive directories and files. It is recommended to disable directory listing unless it is a public resource. If you need directory listing, ensure that sensitive files are inaccessible when querying the resource.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected an AWS Redshift configuration with a SSL disabled. To fix this, set your `require_ssl` to `\"true\"`.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected an AWS Redshift configuration with a SSL disabled. 
To fix this, set your `require_ssl` to `\"true\"`.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/terraform.aws.security.aws-insecure-redshift-ssl-configuration.aws-insecure-redshift-ssl-configuration)\n - [https://owasp.org/Top10/A02_2021-Cryptographic_Failures](https://owasp.org/Top10/A02_2021-Cryptographic_Failures)\n" }, - "helpUri": "https://semgrep.dev/r/javascript.express.security.audit.express-check-directory-listing.express-check-directory-listing", - "id": "javascript.express.security.audit.express-check-directory-listing.express-check-directory-listing", - "name": "javascript.express.security.audit.express-check-directory-listing.express-check-directory-listing", "properties": { "precision": "very-high", "tags": [ - "CWE-548: Exposure of Information Through Directory Listing", + "CWE-326: Inadequate Encryption Strength", "MEDIUM CONFIDENCE", - "OWASP-A01:2021 - Broken Access Control", - "OWASP-A06:2017 - Security Misconfiguration", + "OWASP-A02:2021 - Cryptographic Failures", + "OWASP-A03:2017 - Sensitive Data Exposure", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: javascript.express.security.audit.express-check-directory-listing.express-check-directory-listing" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "csharp.dotnet.security.net-webconfig-trace-enabled.net-webconfig-trace-enabled", + "name": "csharp.dotnet.security.net-webconfig-trace-enabled.net-webconfig-trace-enabled", + "short_description": { + "text": "Semgrep Finding: csharp.dotnet.security.net-webconfig-trace-enabled.net-webconfig-trace-enabled" }, - "fullDescription": { - "text": "Detected an insufficient key size for DSA. NIST recommends a key size of 2048 or higher." + "full_description": { + "text": "OWASP guidance recommends disabling tracing for production applications to prevent accidental leakage of sensitive application information." 
+ }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/csharp.dotnet.security.net-webconfig-trace-enabled.net-webconfig-trace-enabled", "help": { - "markdown": "Detected an insufficient key size for DSA. NIST recommends a key size of 2048 or higher.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.cryptography.security.insufficient-dsa-key-size.insufficient-dsa-key-size)\n - [https://www.cosic.esat.kuleuven.be/ecrypt/ecrypt2/documents/D.SPA.20.pdf](https://www.cosic.esat.kuleuven.be/ecrypt/ecrypt2/documents/D.SPA.20.pdf)\n - [https://cryptography.io/en/latest/hazmat/primitives/asymmetric/dsa/](https://cryptography.io/en/latest/hazmat/primitives/asymmetric/dsa/)\n - [https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-57Pt3r1.pdf](https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-57Pt3r1.pdf)\n", - "text": "Detected an insufficient key size for DSA. 
NIST recommends a key size of 2048 or higher.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "OWASP guidance recommends disabling tracing for production applications to prevent accidental leakage of sensitive application information.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "OWASP guidance recommends disabling tracing for production applications to prevent accidental leakage of sensitive application information.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/csharp.dotnet.security.net-webconfig-trace-enabled.net-webconfig-trace-enabled)\n - [https://cheatsheetseries.owasp.org/cheatsheets/DotNet_Security_Cheat_Sheet.html#asp-net-web-forms-guidance](https://cheatsheetseries.owasp.org/cheatsheets/DotNet_Security_Cheat_Sheet.html#asp-net-web-forms-guidance)\n - [https://msdn.microsoft.com/en-us/library/e8z01xdh.aspx](https://msdn.microsoft.com/en-us/library/e8z01xdh.aspx)\n" }, - "helpUri": "https://semgrep.dev/r/python.cryptography.security.insufficient-dsa-key-size.insufficient-dsa-key-size", - "id": "python.cryptography.security.insufficient-dsa-key-size.insufficient-dsa-key-size", - "name": "python.cryptography.security.insufficient-dsa-key-size.insufficient-dsa-key-size", "properties": { "precision": "very-high", "tags": [ - "CWE-326: Inadequate Encryption Strength", - "MEDIUM CONFIDENCE", - "OWASP-A02:2021 - Cryptographic Failures", - "OWASP-A03:2017 - Sensitive Data Exposure", + "CWE-1323: Improper Management of Sensitive Trace Data", + "LOW CONFIDENCE", + "OWASP-A05:2021 - Security Misconfiguration", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: python.cryptography.security.insufficient-dsa-key-size.insufficient-dsa-key-size" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "python.flask.security.hashids-with-flask-secret.hashids-with-flask-secret", + "name": 
"python.flask.security.hashids-with-flask-secret.hashids-with-flask-secret", + "short_description": { + "text": "Semgrep Finding: python.flask.security.hashids-with-flask-secret.hashids-with-flask-secret" }, - "fullDescription": { - "text": "Checks for requests sent via http.NewRequest to http:// URLS. This is dangerous because the server is attempting to connect to a website that does not encrypt traffic with TLS. Instead, send requests only to https:// URLS." + "full_description": { + "text": "The Flask secret key is used as salt in HashIDs. The HashID mechanism is not secure. By observing sufficient HashIDs, the salt used to construct them can be recovered. This means the Flask secret key can be obtained by attackers, through the HashIDs." + }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/python.flask.security.hashids-with-flask-secret.hashids-with-flask-secret", "help": { - "markdown": "Checks for requests sent via http.NewRequest to http:// URLS. This is dangerous because the server is attempting to connect to a website that does not encrypt traffic with TLS. Instead, send requests only to https:// URLS.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/problem-based-packs.insecure-transport.go-stdlib.http-customized-request.http-customized-request)\n - [https://golang.org/pkg/net/http/#NewRequest](https://golang.org/pkg/net/http/#NewRequest)\n", - "text": "Checks for requests sent via http.NewRequest to http:// URLS. This is dangerous because the server is attempting to connect to a website that does not encrypt traffic with TLS. Instead, send requests only to https:// URLS.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "The Flask secret key is used as salt in HashIDs. The HashID mechanism is not secure. 
By observing sufficient HashIDs, the salt used to construct them can be recovered. This means the Flask secret key can be obtained by attackers, through the HashIDs.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "The Flask secret key is used as salt in HashIDs. The HashID mechanism is not secure. By observing sufficient HashIDs, the salt used to construct them can be recovered. This means the Flask secret key can be obtained by attackers, through the HashIDs.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.flask.security.hashids-with-flask-secret.hashids-with-flask-secret)\n - [https://flask.palletsprojects.com/en/2.2.x/config/#SECRET_KEY](https://flask.palletsprojects.com/en/2.2.x/config/#SECRET_KEY)\n - [http://carnage.github.io/2015/08/cryptanalysis-of-hashids](http://carnage.github.io/2015/08/cryptanalysis-of-hashids)\n" }, - "helpUri": "https://semgrep.dev/r/problem-based-packs.insecure-transport.go-stdlib.http-customized-request.http-customized-request", - "id": "problem-based-packs.insecure-transport.go-stdlib.http-customized-request.http-customized-request", - "name": "problem-based-packs.insecure-transport.go-stdlib.http-customized-request.http-customized-request", "properties": { "precision": "very-high", "tags": [ - "CWE-319: Cleartext Transmission of Sensitive Information", - "MEDIUM CONFIDENCE", - "OWASP-A03:2017 - Sensitive Data Exposure", + "CWE-327: Use of a Broken or Risky Cryptographic Algorithm", + "HIGH CONFIDENCE", + "OWASP-A02:2021 – Cryptographic Failures", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: problem-based-packs.insecure-transport.go-stdlib.http-customized-request.http-customized-request" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "solidity.security.compound-sweeptoken-not-restricted.compound-sweeptoken-not-restricted", + "name": 
"solidity.security.compound-sweeptoken-not-restricted.compound-sweeptoken-not-restricted", + "short_description": { + "text": "Semgrep Finding: solidity.security.compound-sweeptoken-not-restricted.compound-sweeptoken-not-restricted" }, - "fullDescription": { - "text": "Detected MD5 hash algorithm which is considered insecure. MD5 is not collision resistant and is therefore not suitable as a cryptographic signature. Use SHA256 or SHA3 instead." + "full_description": { + "text": "Function sweepToken is allowed to be called by anyone" + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/solidity.security.compound-sweeptoken-not-restricted.compound-sweeptoken-not-restricted", "help": { - "markdown": "Detected MD5 hash algorithm which is considered insecure. MD5 is not collision resistant and is therefore not suitable as a cryptographic signature. Use SHA256 or SHA3 instead.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/kotlin.lang.security.use-of-md5.use-of-md5)\n - [https://owasp.org/Top10/A02_2021-Cryptographic_Failures](https://owasp.org/Top10/A02_2021-Cryptographic_Failures)\n", - "text": "Detected MD5 hash algorithm which is considered insecure. MD5 is not collision resistant and is therefore not suitable as a cryptographic signature. 
Use SHA256 or SHA3 instead.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Function sweepToken is allowed to be called by anyone\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Function sweepToken is allowed to be called by anyone\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/solidity.security.compound-sweeptoken-not-restricted.compound-sweeptoken-not-restricted)\n - [https://medium.com/chainsecurity/trueusd-compound-vulnerability-bc5b696d29e2](https://medium.com/chainsecurity/trueusd-compound-vulnerability-bc5b696d29e2)\n - [https://chainsecurity.com/security-audit/compound-ctoken/](https://chainsecurity.com/security-audit/compound-ctoken/)\n - [https://blog.openzeppelin.com/compound-comprehensive-protocol-audit/](https://blog.openzeppelin.com/compound-comprehensive-protocol-audit/)\n - [https://etherscan.io/address/0xa035b9e130f2b1aedc733eefb1c67ba4c503491f](https://etherscan.io/address/0xa035b9e130f2b1aedc733eefb1c67ba4c503491f)\n" }, - "helpUri": "https://semgrep.dev/r/kotlin.lang.security.use-of-md5.use-of-md5", - "id": "kotlin.lang.security.use-of-md5.use-of-md5", - "name": "kotlin.lang.security.use-of-md5.use-of-md5", "properties": { "precision": "very-high", "tags": [ - "CWE-328: Use of Weak Hash", + "CWE-284: Improper Access Control", "MEDIUM CONFIDENCE", - "OWASP-A02:2021 - Cryptographic Failures", - "OWASP-A03:2017 - Sensitive Data Exposure", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: kotlin.lang.security.use-of-md5.use-of-md5" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "csharp.lang.security.ssrf.rest-client.ssrf", + "name": "csharp.lang.security.ssrf.rest-client.ssrf", + "short_description": { + "text": "Semgrep Finding: csharp.lang.security.ssrf.rest-client.ssrf" }, - "fullDescription": { - "text": "Using RSA without OAEP mode weakens the 
encryption." + "full_description": { + "text": "SSRF is an attack vector that abuses an application to interact with the internal/external network or the machine itself." + }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/csharp.lang.security.ssrf.rest-client.ssrf", "help": { - "markdown": "Using RSA without OAEP mode weakens the encryption.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/java.lang.security.audit.crypto.rsa-no-padding.rsa-no-padding)\n - [https://rdist.root.org/2009/10/06/why-rsa-encryption-padding-is-critical/](https://rdist.root.org/2009/10/06/why-rsa-encryption-padding-is-critical/)\n", - "text": "Using RSA without OAEP mode weakens the encryption.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "SSRF is an attack vector that abuses an application to interact with the internal/external network or the machine itself.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "SSRF is an attack vector that abuses an application to interact with the internal/external network or the machine itself.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/csharp.lang.security.ssrf.rest-client.ssrf)\n - [https://cheatsheetseries.owasp.org/cheatsheets/Server_Side_Request_Forgery_Prevention_Cheat_Sheet.html](https://cheatsheetseries.owasp.org/cheatsheets/Server_Side_Request_Forgery_Prevention_Cheat_Sheet.html)\n" }, - "helpUri": "https://semgrep.dev/r/java.lang.security.audit.crypto.rsa-no-padding.rsa-no-padding", - "id": "java.lang.security.audit.crypto.rsa-no-padding.rsa-no-padding", - "name": "java.lang.security.audit.crypto.rsa-no-padding.rsa-no-padding", "properties": { "precision": "very-high", "tags": [ - "CWE-326: Inadequate Encryption Strength", - "HIGH 
CONFIDENCE", - "OWASP-A02:2021 - Cryptographic Failures", - "OWASP-A03:2017 - Sensitive Data Exposure", + "CWE-918: Server-Side Request Forgery (SSRF)", + "LOW CONFIDENCE", + "OWASP-A10:2021 - Server-Side Request Forgery (SSRF)", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: java.lang.security.audit.crypto.rsa-no-padding.rsa-no-padding" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "python.flask.security.injection.user-exec.exec-injection", + "name": "python.flask.security.injection.user-exec.exec-injection", + "short_description": { + "text": "Semgrep Finding: python.flask.security.injection.user-exec.exec-injection" }, - "fullDescription": { - "text": "Detected user input flowing into a manually constructed HTML string. You may be accidentally bypassing secure methods of rendering HTML by manually constructing HTML and this could create a cross-site scripting vulnerability, which could let attackers steal sensitive user data. Use the `render template` and make template files which will safely render HTML instead, or inspect that the HTML is absolutely rendered safely with a function like `sanitize`." + "full_description": { + "text": "Detected user data flowing into exec. This is code injection and should be avoided." + }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/python.flask.security.injection.user-exec.exec-injection", "help": { - "markdown": "Detected user input flowing into a manually constructed HTML string. You may be accidentally bypassing secure methods of rendering HTML by manually constructing HTML and this could create a cross-site scripting vulnerability, which could let attackers steal sensitive user data. 
Use the `render template` and make template files which will safely render HTML instead, or inspect that the HTML is absolutely rendered safely with a function like `sanitize`.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/ruby.rails.security.injection.raw-html-format.raw-html-format)\n - [https://www.netsparker.com/blog/web-security/preventing-xss-ruby-on-rails-web-applications/](https://www.netsparker.com/blog/web-security/preventing-xss-ruby-on-rails-web-applications/)\n - [https://api.rubyonrails.org/classes/ActionView/Helpers/SanitizeHelper.html](https://api.rubyonrails.org/classes/ActionView/Helpers/SanitizeHelper.html)\n", - "text": "Detected user input flowing into a manually constructed HTML string. You may be accidentally bypassing secure methods of rendering HTML by manually constructing HTML and this could create a cross-site scripting vulnerability, which could let attackers steal sensitive user data. Use the `render template` and make template files which will safely render HTML instead, or inspect that the HTML is absolutely rendered safely with a function like `sanitize`.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected user data flowing into exec. This is code injection and should be avoided.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected user data flowing into exec. 
This is code injection and should be avoided.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.flask.security.injection.user-exec.exec-injection)\n - [https://nedbatchelder.com/blog/201206/exec_really_is_dangerous.html](https://nedbatchelder.com/blog/201206/exec_really_is_dangerous.html)\n" }, - "helpUri": "https://semgrep.dev/r/ruby.rails.security.injection.raw-html-format.raw-html-format", - "id": "ruby.rails.security.injection.raw-html-format.raw-html-format", - "name": "ruby.rails.security.injection.raw-html-format.raw-html-format", "properties": { "precision": "very-high", "tags": [ - "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", + "CWE-95: Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection')", "MEDIUM CONFIDENCE", "OWASP-A03:2021 - Injection", - "OWASP-A07:2017 - Cross-Site Scripting (XSS)", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: ruby.rails.security.injection.raw-html-format.raw-html-format" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "generic.nginx.security.dynamic-proxy-host.dynamic-proxy-host", + "name": "generic.nginx.security.dynamic-proxy-host.dynamic-proxy-host", + "short_description": { + "text": "Semgrep Finding: generic.nginx.security.dynamic-proxy-host.dynamic-proxy-host" }, - "fullDescription": { - "text": "Detected SHA1 hash algorithm which is considered insecure. SHA1 is not collision resistant and is therefore not suitable as a cryptographic signature. Use SHA256 or SHA3 instead." + "full_description": { + "text": "The host for this proxy URL is dynamically determined. This can be dangerous if the host can be injected by an attacker because it may forcibly alter destination of the proxy. Consider hardcoding acceptable destinations and retrieving them with 'map' or something similar." 
}, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/generic.nginx.security.dynamic-proxy-host.dynamic-proxy-host", "help": { - "markdown": "Detected SHA1 hash algorithm which is considered insecure. SHA1 is not collision resistant and is therefore not suitable as a cryptographic signature. Use SHA256 or SHA3 instead.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/go.lang.security.audit.crypto.use_of_weak_crypto.use-of-sha1)\n - [https://owasp.org/Top10/A02_2021-Cryptographic_Failures](https://owasp.org/Top10/A02_2021-Cryptographic_Failures)\n", - "text": "Detected SHA1 hash algorithm which is considered insecure. SHA1 is not collision resistant and is therefore not suitable as a cryptographic signature. Use SHA256 or SHA3 instead.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "The host for this proxy URL is dynamically determined. This can be dangerous if the host can be injected by an attacker because it may forcibly alter destination of the proxy. Consider hardcoding acceptable destinations and retrieving them with 'map' or something similar.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "The host for this proxy URL is dynamically determined. This can be dangerous if the host can be injected by an attacker because it may forcibly alter destination of the proxy. 
Consider hardcoding acceptable destinations and retrieving them with 'map' or something similar.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/generic.nginx.security.dynamic-proxy-host.dynamic-proxy-host)\n - [https://nginx.org/en/docs/http/ngx_http_map_module.html](https://nginx.org/en/docs/http/ngx_http_map_module.html)\n" }, - "helpUri": "https://semgrep.dev/r/go.lang.security.audit.crypto.use_of_weak_crypto.use-of-sha1", - "id": "go.lang.security.audit.crypto.use_of_weak_crypto.use-of-sha1", - "name": "go.lang.security.audit.crypto.use_of_weak_crypto.use-of-sha1", "properties": { "precision": "very-high", "tags": [ - "CWE-328: Use of Weak Hash", + "CWE-441: Unintended Proxy or Intermediary ('Confused Deputy')", "MEDIUM CONFIDENCE", - "OWASP-A02:2021 - Cryptographic Failures", - "OWASP-A03:2017 - Sensitive Data Exposure", + "OWASP-A01:2021 - Broken Access Control", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: go.lang.security.audit.crypto.use_of_weak_crypto.use-of-sha1" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "php.lang.security.base-convert-loses-precision.base-convert-loses-precision", + "name": "php.lang.security.base-convert-loses-precision.base-convert-loses-precision", + "short_description": { + "text": "Semgrep Finding: php.lang.security.base-convert-loses-precision.base-convert-loses-precision" }, - "fullDescription": { - "text": "Checks for cases where java applications are allowing unsafe renegotiation. This leaves the application vulnerable to a man-in-the-middle attack where chosen plain text is injected as prefix to a TLS connection." + "full_description": { + "text": "The function base_convert uses 64-bit numbers internally, and does not correctly convert large numbers. It is not suitable for random tokens such as those used for session tokens or CSRF tokens." 
+ }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/php.lang.security.base-convert-loses-precision.base-convert-loses-precision", "help": { - "markdown": "Checks for cases where java applications are allowing unsafe renegotiation. This leaves the application vulnerable to a man-in-the-middle attack where chosen plain text is injected as prefix to a TLS connection.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/problem-based-packs.insecure-transport.java-stdlib.tls-renegotiation.tls-renegotiation)\n - [https://www.oracle.com/java/technologies/javase/tlsreadme.html](https://www.oracle.com/java/technologies/javase/tlsreadme.html)\n", - "text": "Checks for cases where java applications are allowing unsafe renegotiation. This leaves the application vulnerable to a man-in-the-middle attack where chosen plain text is injected as prefix to a TLS connection.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "The function base_convert uses 64-bit numbers internally, and does not correctly convert large numbers. It is not suitable for random tokens such as those used for session tokens or CSRF tokens.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "The function base_convert uses 64-bit numbers internally, and does not correctly convert large numbers. 
It is not suitable for random tokens such as those used for session tokens or CSRF tokens.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/php.lang.security.base-convert-loses-precision.base-convert-loses-precision)\n - [https://www.php.net/base_convert](https://www.php.net/base_convert)\n - [https://www.sjoerdlangkemper.nl/2017/03/15/dont-use-base-convert-on-random-tokens/](https://www.sjoerdlangkemper.nl/2017/03/15/dont-use-base-convert-on-random-tokens/)\n" }, - "helpUri": "https://semgrep.dev/r/problem-based-packs.insecure-transport.java-stdlib.tls-renegotiation.tls-renegotiation", - "id": "problem-based-packs.insecure-transport.java-stdlib.tls-renegotiation.tls-renegotiation", - "name": "problem-based-packs.insecure-transport.java-stdlib.tls-renegotiation.tls-renegotiation", "properties": { "precision": "very-high", "tags": [ - "CWE-319: Cleartext Transmission of Sensitive Information", - "MEDIUM CONFIDENCE", - "OWASP-A03:2017 - Sensitive Data Exposure", + "CWE-190: Integer Overflow or Wraparound", + "HIGH CONFIDENCE", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: problem-based-packs.insecure-transport.java-stdlib.tls-renegotiation.tls-renegotiation" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "typescript.aws-cdk.security.awscdk-bucket-grantpublicaccessmethod.awscdk-bucket-grantpublicaccessmethod", + "name": "typescript.aws-cdk.security.awscdk-bucket-grantpublicaccessmethod.awscdk-bucket-grantpublicaccessmethod", + "short_description": { + "text": "Semgrep Finding: typescript.aws-cdk.security.awscdk-bucket-grantpublicaccessmethod.awscdk-bucket-grantpublicaccessmethod" }, - "fullDescription": { - "text": "'input_line' leaves a '\\r' (CR) character when reading lines from a Windows text file, whose lines end in \"\\r\\n\" (CRLF). 
This is a problem for any Windows file that is being read either on a Unix-like platform or on Windows in binary mode. If the code already takes care of removing any trailing '\\r' after reading the line, add a '(* nosemgrep *)' comment to disable this warning." + "full_description": { + "text": "Using the GrantPublicAccess method on bucket contruct $X will make the objects in the bucket world accessible. Verify if this is intentional." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/typescript.aws-cdk.security.awscdk-bucket-grantpublicaccessmethod.awscdk-bucket-grantpublicaccessmethod", "help": { - "markdown": "'input_line' leaves a '\\r' (CR) character when reading lines from a Windows text file, whose lines end in \"\\r\\n\" (CRLF). This is a problem for any Windows file that is being read either on a Unix-like platform or on Windows in binary mode. If the code already takes care of removing any trailing '\\r' after reading the line, add a '(* nosemgrep *)' comment to disable this warning.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/ocaml.lang.portability.crlf-support.broken-input-line)\n", - "text": "'input_line' leaves a '\\r' (CR) character when reading lines from a Windows text file, whose lines end in \"\\r\\n\" (CRLF). This is a problem for any Windows file that is being read either on a Unix-like platform or on Windows in binary mode. If the code already takes care of removing any trailing '\\r' after reading the line, add a '(* nosemgrep *)' comment to disable this warning.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Using the GrantPublicAccess method on bucket contruct $X will make the objects in the bucket world accessible. 
Verify if this is intentional.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Using the GrantPublicAccess method on bucket contruct $X will make the objects in the bucket world accessible. Verify if this is intentional.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/typescript.aws-cdk.security.awscdk-bucket-grantpublicaccessmethod.awscdk-bucket-grantpublicaccessmethod)\n - [https://docs.aws.amazon.com/AmazonS3/latest/userguide/access-control-overview.html](https://docs.aws.amazon.com/AmazonS3/latest/userguide/access-control-overview.html)\n" }, - "helpUri": "https://semgrep.dev/r/ocaml.lang.portability.crlf-support.broken-input-line", - "id": "ocaml.lang.portability.crlf-support.broken-input-line", - "name": "ocaml.lang.portability.crlf-support.broken-input-line", "properties": { "precision": "very-high", - "tags": [] - }, - "shortDescription": { - "text": "Semgrep Finding: ocaml.lang.portability.crlf-support.broken-input-line" + "tags": [ + "CWE-306: Missing Authentication for Critical Function", + "MEDIUM CONFIDENCE", + "OWASP-A07:2021 - Identification and Authentication Failures", + "security" + ] } }, { - "defaultConfiguration": { - "level": "error" + "id": "generic.visualforce.security.ncino.vf.xssfromunescapedurlparam.xss-from-unescaped-url-param", + "name": "generic.visualforce.security.ncino.vf.xssfromunescapedurlparam.xss-from-unescaped-url-param", + "short_description": { + "text": "Semgrep Finding: generic.visualforce.security.ncino.vf.xssfromunescapedurlparam.xss-from-unescaped-url-param" }, - "fullDescription": { - "text": "os.preadv() is only available on Python 3.7+ and is therefore not backwards compatible. Instead, use a combination of os.readv() and os.pread()." + "full_description": { + "text": "To remediate this issue, ensure that all URL parameters are properly escaped before including them in scripts. 
Please update your code to use either the JSENCODE method to escape URL parameters or the escape=\"true\" attribute on tags. Passing URL parameters directly into scripts and DOM sinks creates an opportunity for Cross-Site Scripting attacks. Cross-Site Scripting (XSS) attacks are a type of injection, in which malicious scripts are injected into otherwise benign and trusted websites. To remediate this issue, ensure that all URL parameters are properly escaped before including them in scripts." + }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/generic.visualforce.security.ncino.vf.xssfromunescapedurlparam.xss-from-unescaped-url-param", "help": { - "markdown": "os.preadv() is only available on Python 3.7+ and is therefore not backwards compatible. Instead, use a combination of os.readv() and os.pread().\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.lang.compatibility.python37.python37-compatibility-os1)\n", - "text": "os.preadv() is only available on Python 3.7+ and is therefore not backwards compatible. Instead, use a combination of os.readv() and os.pread().\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "To remediate this issue, ensure that all URL parameters are properly escaped before including them in scripts. Please update your code to use either the JSENCODE method to escape URL parameters or the escape=\"true\" attribute on tags. Passing URL parameters directly into scripts and DOM sinks creates an opportunity for Cross-Site Scripting attacks. Cross-Site Scripting (XSS) attacks are a type of injection, in which malicious scripts are injected into otherwise benign and trusted websites. 
To remediate this issue, ensure that all URL parameters are properly escaped before including them in scripts.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "To remediate this issue, ensure that all URL parameters are properly escaped before including them in scripts. Please update your code to use either the JSENCODE method to escape URL parameters or the escape=\"true\" attribute on tags. Passing URL parameters directly into scripts and DOM sinks creates an opportunity for Cross-Site Scripting attacks. Cross-Site Scripting (XSS) attacks are a type of injection, in which malicious scripts are injected into otherwise benign and trusted websites. To remediate this issue, ensure that all URL parameters are properly escaped before including them in scripts.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/generic.visualforce.security.ncino.vf.xssfromunescapedurlparam.xss-from-unescaped-url-param)\n - [https://developer.salesforce.com/docs/atlas.en-us.apexcode.meta/apexcode/pages_security_tips_xss.htm](https://developer.salesforce.com/docs/atlas.en-us.apexcode.meta/apexcode/pages_security_tips_xss.htm)\n" }, - "helpUri": "https://semgrep.dev/r/python.lang.compatibility.python37.python37-compatibility-os1", - "id": "python.lang.compatibility.python37.python37-compatibility-os1", - "name": "python.lang.compatibility.python37.python37-compatibility-os1", "properties": { "precision": "very-high", - "tags": [] - }, - "shortDescription": { - "text": "Semgrep Finding: python.lang.compatibility.python37.python37-compatibility-os1" + "tags": [ + "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", + "MEDIUM CONFIDENCE", + "OWASP-A03:2021 - Injection", + "OWASP-A07:2017 - Cross-Site Scripting (XSS)", + "security" + ] } }, { - "defaultConfiguration": { - "level": "error" + "id": 
"python.django.security.audit.django-rest-framework.missing-throttle-config.missing-throttle-config", + "name": "python.django.security.audit.django-rest-framework.missing-throttle-config.missing-throttle-config", + "short_description": { + "text": "Semgrep Finding: python.django.security.audit.django-rest-framework.missing-throttle-config.missing-throttle-config" }, - "fullDescription": { - "text": "Telegram Bot API Key detected" + "full_description": { + "text": "Django REST framework configuration is missing default rate- limiting options. This could inadvertently allow resource starvation or Denial of Service (DoS) attacks. Add 'DEFAULT_THROTTLE_CLASSES' and 'DEFAULT_THROTTLE_RATES' to add rate-limiting to your application." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/python.django.security.audit.django-rest-framework.missing-throttle-config.missing-throttle-config", "help": { - "markdown": "Telegram Bot API Key detected\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/generic.secrets.security.detected-telegram-bot-api-key.detected-telegram-bot-api-key)\n - [https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures](https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures)\n", - "text": "Telegram Bot API Key detected\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Django REST framework configuration is missing default rate- limiting options. This could inadvertently allow resource starvation or Denial of Service (DoS) attacks. Add 'DEFAULT_THROTTLE_CLASSES' and 'DEFAULT_THROTTLE_RATES' to add rate-limiting to your application.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Django REST framework configuration is missing default rate- limiting options. 
This could inadvertently allow resource starvation or Denial of Service (DoS) attacks. Add 'DEFAULT_THROTTLE_CLASSES' and 'DEFAULT_THROTTLE_RATES' to add rate-limiting to your application.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.django.security.audit.django-rest-framework.missing-throttle-config.missing-throttle-config)\n - [https://www.django-rest-framework.org/api-guide/throttling/#setting-the-throttling-policy](https://www.django-rest-framework.org/api-guide/throttling/#setting-the-throttling-policy)\n" }, - "helpUri": "https://semgrep.dev/r/generic.secrets.security.detected-telegram-bot-api-key.detected-telegram-bot-api-key", - "id": "generic.secrets.security.detected-telegram-bot-api-key.detected-telegram-bot-api-key", - "name": "generic.secrets.security.detected-telegram-bot-api-key.detected-telegram-bot-api-key", "properties": { "precision": "very-high", "tags": [ - "CWE-798: Use of Hard-coded Credentials", + "CWE-400: Uncontrolled Resource Consumption", "LOW CONFIDENCE", - "OWASP-A07:2021 - Identification and Authentication Failures", + "OWASP-A05:2021 - Security Misconfiguration", + "OWASP-A06:2017 - Security Misconfiguration", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: generic.secrets.security.detected-telegram-bot-api-key.detected-telegram-bot-api-key" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "problem-based-packs.insecure-transport.ruby-stdlib.openuri-request.openuri-request", + "name": "problem-based-packs.insecure-transport.ruby-stdlib.openuri-request.openuri-request", + "short_description": { + "text": "Semgrep Finding: problem-based-packs.insecure-transport.ruby-stdlib.openuri-request.openuri-request" }, - "fullDescription": { - "text": "The protocol scheme for this proxy is dynamically determined. 
This can be dangerous if the scheme can be injected by an attacker because it may forcibly alter the connection scheme. Consider hardcoding a scheme for this proxy." + "full_description": { + "text": "Checks for requests to http and ftp (unencrypted) sites using OpenURI." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/problem-based-packs.insecure-transport.ruby-stdlib.openuri-request.openuri-request", "help": { - "markdown": "The protocol scheme for this proxy is dynamically determined. This can be dangerous if the scheme can be injected by an attacker because it may forcibly alter the connection scheme. Consider hardcoding a scheme for this proxy.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/generic.nginx.security.dynamic-proxy-scheme.dynamic-proxy-scheme)\n - [https://github.com/yandex/gixy/blob/master/docs/en/plugins/ssrf.md](https://github.com/yandex/gixy/blob/master/docs/en/plugins/ssrf.md)\n", - "text": "The protocol scheme for this proxy is dynamically determined. This can be dangerous if the scheme can be injected by an attacker because it may forcibly alter the connection scheme. 
Consider hardcoding a scheme for this proxy.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Checks for requests to http and ftp (unencrypted) sites using OpenURI.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Checks for requests to http and ftp (unencrypted) sites using OpenURI.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/problem-based-packs.insecure-transport.ruby-stdlib.openuri-request.openuri-request)\n - [https://ruby-doc.org/stdlib-2.6.3/libdoc/open-uri/rdoc/OpenURI.html](https://ruby-doc.org/stdlib-2.6.3/libdoc/open-uri/rdoc/OpenURI.html)\n" }, - "helpUri": "https://semgrep.dev/r/generic.nginx.security.dynamic-proxy-scheme.dynamic-proxy-scheme", - "id": "generic.nginx.security.dynamic-proxy-scheme.dynamic-proxy-scheme", - "name": "generic.nginx.security.dynamic-proxy-scheme.dynamic-proxy-scheme", "properties": { "precision": "very-high", "tags": [ - "CWE-16: CWE CATEGORY: Configuration", + "CWE-319: Cleartext Transmission of Sensitive Information", "MEDIUM CONFIDENCE", - "OWASP-A05:2021 - Security Misconfiguration", - "OWASP-A06:2017 - Security Misconfiguration", + "OWASP-A03:2017 - Sensitive Data Exposure", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: generic.nginx.security.dynamic-proxy-scheme.dynamic-proxy-scheme" } }, { - "defaultConfiguration": { - "level": "error" + "id": "python.airflow.security.audit.formatted-string-bashoperator.formatted-string-bashoperator", + "name": "python.airflow.security.audit.formatted-string-bashoperator.formatted-string-bashoperator", + "short_description": { + "text": "Semgrep Finding: python.airflow.security.audit.formatted-string-bashoperator.formatted-string-bashoperator" }, - "fullDescription": { - "text": "User data flows into this manually-constructed SQL string. 
User data can be safely inserted into SQL strings using prepared statements or an object-relational mapper (ORM). Manually-constructed SQL strings is a possible indicator of SQL injection, which could let an attacker steal or manipulate data from the database. Instead, use prepared statements (`$mysqli->prepare(\"INSERT INTO test(id, label) VALUES (?, ?)\");`) or a safe library." + "full_description": { + "text": "Found a formatted string in BashOperator: $CMD. This could be vulnerable to injection. Be extra sure your variables are not controllable by external sources." + }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/python.airflow.security.audit.formatted-string-bashoperator.formatted-string-bashoperator", "help": { - "markdown": "User data flows into this manually-constructed SQL string. User data can be safely inserted into SQL strings using prepared statements or an object-relational mapper (ORM). Manually-constructed SQL strings is a possible indicator of SQL injection, which could let an attacker steal or manipulate data from the database. Instead, use prepared statements (`$mysqli->prepare(\"INSERT INTO test(id, label) VALUES (?, ?)\");`) or a safe library.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/php.lang.security.injection.tainted-sql-string.tainted-sql-string)\n - [https://owasp.org/www-community/attacks/SQL_Injection](https://owasp.org/www-community/attacks/SQL_Injection)\n", - "text": "User data flows into this manually-constructed SQL string. User data can be safely inserted into SQL strings using prepared statements or an object-relational mapper (ORM). Manually-constructed SQL strings is a possible indicator of SQL injection, which could let an attacker steal or manipulate data from the database. 
Instead, use prepared statements (`$mysqli->prepare(\"INSERT INTO test(id, label) VALUES (?, ?)\");`) or a safe library.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Found a formatted string in BashOperator: $CMD. This could be vulnerable to injection. Be extra sure your variables are not controllable by external sources.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Found a formatted string in BashOperator: $CMD. This could be vulnerable to injection. Be extra sure your variables are not controllable by external sources.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.airflow.security.audit.formatted-string-bashoperator.formatted-string-bashoperator)\n - [https://owasp.org/Top10/A03_2021-Injection](https://owasp.org/Top10/A03_2021-Injection)\n" }, - "helpUri": "https://semgrep.dev/r/php.lang.security.injection.tainted-sql-string.tainted-sql-string", - "id": "php.lang.security.injection.tainted-sql-string.tainted-sql-string", - "name": "php.lang.security.injection.tainted-sql-string.tainted-sql-string", "properties": { "precision": "very-high", "tags": [ - "CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')", - "MEDIUM CONFIDENCE", + "CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", + "LOW CONFIDENCE", "OWASP-A01:2017 - Injection", "OWASP-A03:2021 - Injection", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: php.lang.security.injection.tainted-sql-string.tainted-sql-string" } }, { - "defaultConfiguration": { - "level": "error" + "id": "python.lang.security.unverified-ssl-context.unverified-ssl-context", + "name": "python.lang.security.unverified-ssl-context.unverified-ssl-context", + "short_description": { + "text": "Semgrep Finding: 
python.lang.security.unverified-ssl-context.unverified-ssl-context" }, - "fullDescription": { - "text": "Detected user input used to manually construct a SQL string. This is usually bad practice because manual construction could accidentally result in a SQL injection. An attacker could use a SQL injection to steal or modify contents of the database. Instead, use a parameterized query which is available by default in most database engines. Alternatively, consider using an object-relational mapper (ORM) such as Sequelize which will protect your queries." + "full_description": { + "text": "Unverified SSL context detected. This will permit insecure connections without verifying SSL certificates. Use 'ssl.create_default_context' instead." + }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/python.lang.security.unverified-ssl-context.unverified-ssl-context", "help": { - "markdown": "Detected user input used to manually construct a SQL string. This is usually bad practice because manual construction could accidentally result in a SQL injection. An attacker could use a SQL injection to steal or modify contents of the database. Instead, use a parameterized query which is available by default in most database engines. Alternatively, consider using an object-relational mapper (ORM) such as Sequelize which will protect your queries.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.aws-lambda.security.tainted-sql-string.tainted-sql-string)\n - [https://owasp.org/www-community/attacks/SQL_Injection](https://owasp.org/www-community/attacks/SQL_Injection)\n", - "text": "Detected user input used to manually construct a SQL string. This is usually bad practice because manual construction could accidentally result in a SQL injection. An attacker could use a SQL injection to steal or modify contents of the database. 
Instead, use a parameterized query which is available by default in most database engines. Alternatively, consider using an object-relational mapper (ORM) such as Sequelize which will protect your queries.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Unverified SSL context detected. This will permit insecure connections without verifying SSL certificates. Use 'ssl.create_default_context' instead.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Unverified SSL context detected. This will permit insecure connections without verifying SSL certificates. Use 'ssl.create_default_context' instead.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.lang.security.unverified-ssl-context.unverified-ssl-context)\n - [https://docs.python.org/3/library/ssl.html#ssl-security](https://docs.python.org/3/library/ssl.html#ssl-security)\n - [https://docs.python.org/3/library/http.client.html#http.client.HTTPSConnection](https://docs.python.org/3/library/http.client.html#http.client.HTTPSConnection)\n" }, - "helpUri": "https://semgrep.dev/r/javascript.aws-lambda.security.tainted-sql-string.tainted-sql-string", - "id": "javascript.aws-lambda.security.tainted-sql-string.tainted-sql-string", - "name": "javascript.aws-lambda.security.tainted-sql-string.tainted-sql-string", "properties": { "precision": "very-high", "tags": [ - "CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')", + "CWE-295: Improper Certificate Validation", "MEDIUM CONFIDENCE", - "OWASP-A01:2017 - Injection", - "OWASP-A03:2021 - Injection", + "OWASP-A03:2017 - Sensitive Data Exposure", + "OWASP-A07:2021 - Identification and Authentication Failures", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: javascript.aws-lambda.security.tainted-sql-string.tainted-sql-string" } }, { - "defaultConfiguration": 
{ - "level": "error" + "id": "yaml.kubernetes.security.exposing-docker-socket-hostpath.exposing-docker-socket-hostpath", + "name": "yaml.kubernetes.security.exposing-docker-socket-hostpath.exposing-docker-socket-hostpath", + "short_description": { + "text": "Semgrep Finding: yaml.kubernetes.security.exposing-docker-socket-hostpath.exposing-docker-socket-hostpath" }, - "fullDescription": { - "text": "Detected subprocess function with argument tainted by an `event` object. If this data can be controlled by a malicious actor, it may be an instance of command injection. The default option for `shell` is False, and this is secure by default. Consider removing the `shell=True` or setting it to False explicitely. Using `shell=False` means you have to split the command string into an array of strings for the command and its arguments. You may consider using 'shlex.split()' for this purpose." + "full_description": { + "text": "Exposing host's Docker socket to containers via a volume. The owner of this socket is root. Giving someone access to it is equivalent to giving unrestricted root access to your host. Remove 'docker.sock' from hostpath to prevent this." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/yaml.kubernetes.security.exposing-docker-socket-hostpath.exposing-docker-socket-hostpath", "help": { - "markdown": "Detected subprocess function with argument tainted by an `event` object. If this data can be controlled by a malicious actor, it may be an instance of command injection. The default option for `shell` is False, and this is secure by default. Consider removing the `shell=True` or setting it to False explicitely. Using `shell=False` means you have to split the command string into an array of strings for the command and its arguments. 
You may consider using 'shlex.split()' for this purpose.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.aws-lambda.security.dangerous-subprocess-use.dangerous-subprocess-use)\n - [https://docs.python.org/3/library/subprocess.html](https://docs.python.org/3/library/subprocess.html)\n - [https://docs.python.org/3/library/shlex.html](https://docs.python.org/3/library/shlex.html)\n", - "text": "Detected subprocess function with argument tainted by an `event` object. If this data can be controlled by a malicious actor, it may be an instance of command injection. The default option for `shell` is False, and this is secure by default. Consider removing the `shell=True` or setting it to False explicitely. Using `shell=False` means you have to split the command string into an array of strings for the command and its arguments. You may consider using 'shlex.split()' for this purpose.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Exposing host's Docker socket to containers via a volume. The owner of this socket is root. Giving someone access to it is equivalent to giving unrestricted root access to your host. Remove 'docker.sock' from hostpath to prevent this.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Exposing host's Docker socket to containers via a volume. The owner of this socket is root. Giving someone access to it is equivalent to giving unrestricted root access to your host. 
Remove 'docker.sock' from hostpath to prevent this.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/yaml.kubernetes.security.exposing-docker-socket-hostpath.exposing-docker-socket-hostpath)\n - [https://kubernetes.io/docs/concepts/storage/volumes/#hostpath](https://kubernetes.io/docs/concepts/storage/volumes/#hostpath)\n - [https://kubernetes.io/docs/concepts/policy/pod-security-policy/#volumes-and-file-systems](https://kubernetes.io/docs/concepts/policy/pod-security-policy/#volumes-and-file-systems)\n - [https://kubernetes.io/docs/tasks/configure-pod-container/security-context/](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/)\n - [https://cheatsheetseries.owasp.org/cheatsheets/Docker_Security_Cheat_Sheet.html#rule-1-do-not-expose-the-docker-daemon-socket-even-to-the-containers](https://cheatsheetseries.owasp.org/cheatsheets/Docker_Security_Cheat_Sheet.html#rule-1-do-not-expose-the-docker-daemon-socket-even-to-the-containers)\n" }, - "helpUri": "https://semgrep.dev/r/python.aws-lambda.security.dangerous-subprocess-use.dangerous-subprocess-use", - "id": "python.aws-lambda.security.dangerous-subprocess-use.dangerous-subprocess-use", - "name": "python.aws-lambda.security.dangerous-subprocess-use.dangerous-subprocess-use", "properties": { "precision": "very-high", "tags": [ - "CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", + "CWE-250: Execution with Unnecessary Privileges", "MEDIUM CONFIDENCE", - "OWASP-A01:2017 - Injection", - "OWASP-A03:2021 - Injection", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: python.aws-lambda.security.dangerous-subprocess-use.dangerous-subprocess-use" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "terraform.azure.security.keyvault.keyvault-ensure-secret-expires.keyvault-ensure-secret-expires", + "name": 
"terraform.azure.security.keyvault.keyvault-ensure-secret-expires.keyvault-ensure-secret-expires", + "short_description": { + "text": "Semgrep Finding: terraform.azure.security.keyvault.keyvault-ensure-secret-expires.keyvault-ensure-secret-expires" }, - "fullDescription": { - "text": "Use of AES with ECB mode detected. ECB doesn't provide message confidentiality and is not semantically secure so should not be used. Instead, use a strong, secure cipher: Cipher.getInstance(\"AES/CBC/PKCS7PADDING\"). See https://owasp.org/www-community/Using_the_Java_Cryptographic_Extensions for more information." + "full_description": { + "text": "Ensure that the expiration date is set on all secrets" + }, + "default_configuration": { + "enabled": true, + "level": "note" }, + "help_uri": "https://semgrep.dev/r/terraform.azure.security.keyvault.keyvault-ensure-secret-expires.keyvault-ensure-secret-expires", "help": { - "markdown": "Use of AES with ECB mode detected. ECB doesn't provide message confidentiality and is not semantically secure so should not be used. Instead, use a strong, secure cipher: Cipher.getInstance(\"AES/CBC/PKCS7PADDING\"). See https://owasp.org/www-community/Using_the_Java_Cryptographic_Extensions for more information.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/java.lang.security.audit.crypto.use-of-aes-ecb.use-of-aes-ecb)\n - [https://owasp.org/Top10/A02_2021-Cryptographic_Failures](https://owasp.org/Top10/A02_2021-Cryptographic_Failures)\n - [https://googleprojectzero.blogspot.com/2022/10/rc4-is-still-considered-harmful.html](https://googleprojectzero.blogspot.com/2022/10/rc4-is-still-considered-harmful.html)\n", - "text": "Use of AES with ECB mode detected. ECB doesn't provide message confidentiality and is not semantically secure so should not be used. Instead, use a strong, secure cipher: Cipher.getInstance(\"AES/CBC/PKCS7PADDING\"). 
See https://owasp.org/www-community/Using_the_Java_Cryptographic_Extensions for more information.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Ensure that the expiration date is set on all secrets\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Ensure that the expiration date is set on all secrets\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/terraform.azure.security.keyvault.keyvault-ensure-secret-expires.keyvault-ensure-secret-expires)\n - [https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/key_vault_secret#expiration_date](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/key_vault_secret#expiration_date)\n - [https://docs.microsoft.com/en-us/azure/key-vault/secrets/about-secrets](https://docs.microsoft.com/en-us/azure/key-vault/secrets/about-secrets)\n" }, - "helpUri": "https://semgrep.dev/r/java.lang.security.audit.crypto.use-of-aes-ecb.use-of-aes-ecb", - "id": "java.lang.security.audit.crypto.use-of-aes-ecb.use-of-aes-ecb", - "name": "java.lang.security.audit.crypto.use-of-aes-ecb.use-of-aes-ecb", "properties": { "precision": "very-high", "tags": [ - "CWE-327: Use of a Broken or Risky Cryptographic Algorithm", - "HIGH CONFIDENCE", - "OWASP-A02:2021 - Cryptographic Failures", - "OWASP-A03:2017 - Sensitive Data Exposure", + "CWE-262: Not Using Password Aging", + "MEDIUM CONFIDENCE", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: java.lang.security.audit.crypto.use-of-aes-ecb.use-of-aes-ecb" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "python.flask.security.open-redirect.open-redirect", + "name": "python.flask.security.open-redirect.open-redirect", + "short_description": { + "text": "Semgrep Finding: python.flask.security.open-redirect.open-redirect" }, - "fullDescription": { - "text": "String 
argument $A is used to read or write data from a file via Path.Combine without direct sanitization via Path.GetFileName. If the path is user-supplied data this can lead to path traversal." + "full_description": { + "text": "Data from request is passed to redirect(). This is an open redirect and could be exploited. Consider using 'url_for()' to generate links to known locations. If you must use a URL to unknown pages, consider using 'urlparse()' or similar and checking if the 'netloc' property is the same as your site's host name. See the references for more information." + }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/python.flask.security.open-redirect.open-redirect", "help": { - "markdown": "String argument $A is used to read or write data from a file via Path.Combine without direct sanitization via Path.GetFileName. If the path is user-supplied data this can lead to path traversal.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/csharp.lang.security.filesystem.unsafe-path-combine.unsafe-path-combine)\n - [https://www.praetorian.com/blog/pathcombine-security-issues-in-aspnet-applications/](https://www.praetorian.com/blog/pathcombine-security-issues-in-aspnet-applications/)\n - [https://docs.microsoft.com/en-us/dotnet/api/system.io.path.combine?view=net-6.0#remarks](https://docs.microsoft.com/en-us/dotnet/api/system.io.path.combine?view=net-6.0#remarks)\n", - "text": "String argument $A is used to read or write data from a file via Path.Combine without direct sanitization via Path.GetFileName. If the path is user-supplied data this can lead to path traversal.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Data from request is passed to redirect(). This is an open redirect and could be exploited. Consider using 'url_for()' to generate links to known locations. 
If you must use a URL to unknown pages, consider using 'urlparse()' or similar and checking if the 'netloc' property is the same as your site's host name. See the references for more information.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Data from request is passed to redirect(). This is an open redirect and could be exploited. Consider using 'url_for()' to generate links to known locations. If you must use a URL to unknown pages, consider using 'urlparse()' or similar and checking if the 'netloc' property is the same as your site's host name. See the references for more information.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.flask.security.open-redirect.open-redirect)\n - [https://flask-login.readthedocs.io/en/latest/#login-example](https://flask-login.readthedocs.io/en/latest/#login-example)\n - [https://cheatsheetseries.owasp.org/cheatsheets/Unvalidated_Redirects_and_Forwards_Cheat_Sheet.html#dangerous-url-redirect-example-1](https://cheatsheetseries.owasp.org/cheatsheets/Unvalidated_Redirects_and_Forwards_Cheat_Sheet.html#dangerous-url-redirect-example-1)\n - [https://docs.python.org/3/library/urllib.parse.html#url-parsing](https://docs.python.org/3/library/urllib.parse.html#url-parsing)\n" }, - "helpUri": "https://semgrep.dev/r/csharp.lang.security.filesystem.unsafe-path-combine.unsafe-path-combine", - "id": "csharp.lang.security.filesystem.unsafe-path-combine.unsafe-path-combine", - "name": "csharp.lang.security.filesystem.unsafe-path-combine.unsafe-path-combine", "properties": { "precision": "very-high", "tags": [ - "CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", - "MEDIUM CONFIDENCE", + "CWE-601: URL Redirection to Untrusted Site ('Open Redirect')", + "LOW CONFIDENCE", "OWASP-A01:2021 - Broken Access Control", - "OWASP-A05:2017 - Broken Access Control", "security" ] - }, - 
"shortDescription": { - "text": "Semgrep Finding: csharp.lang.security.filesystem.unsafe-path-combine.unsafe-path-combine" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "python.flask.security.audit.xss.make-response-with-unknown-content.make-response-with-unknown-content", + "name": "python.flask.security.audit.xss.make-response-with-unknown-content.make-response-with-unknown-content", + "short_description": { + "text": "Semgrep Finding: python.flask.security.audit.xss.make-response-with-unknown-content.make-response-with-unknown-content" }, - "fullDescription": { - "text": "Detected string concatenation with a non-literal variable in a node-postgres JS SQL statement. This could lead to SQL injection if the variable is user-controlled and not properly sanitized. In order to prevent SQL injection, use parameterized queries or prepared statements instead. You can use parameterized statements like so: `client.query('SELECT $1 from table', [userinput])`" + "full_description": { + "text": "Be careful with `flask.make_response()`. If this response is rendered onto a webpage, this could create a cross-site scripting (XSS) vulnerability. `flask.make_response()` will not autoescape HTML. If you are rendering HTML, write your HTML in a template file and use `flask.render_template()` which will take care of escaping. If you are returning data from an API, consider using `flask.jsonify()`." }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/python.flask.security.audit.xss.make-response-with-unknown-content.make-response-with-unknown-content", "help": { - "markdown": "Detected string concatenation with a non-literal variable in a node-postgres JS SQL statement. This could lead to SQL injection if the variable is user-controlled and not properly sanitized. In order to prevent SQL injection, use parameterized queries or prepared statements instead. 
You can use parameterized statements like so: `client.query('SELECT $1 from table', [userinput])`\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.lang.security.audit.sqli.node-postgres-sqli.node-postgres-sqli)\n - [https://node-postgres.com/features/queries](https://node-postgres.com/features/queries)\n", - "text": "Detected string concatenation with a non-literal variable in a node-postgres JS SQL statement. This could lead to SQL injection if the variable is user-controlled and not properly sanitized. In order to prevent SQL injection, use parameterized queries or prepared statements instead. You can use parameterized statements like so: `client.query('SELECT $1 from table', [userinput])`\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Be careful with `flask.make_response()`. If this response is rendered onto a webpage, this could create a cross-site scripting (XSS) vulnerability. `flask.make_response()` will not autoescape HTML. If you are rendering HTML, write your HTML in a template file and use `flask.render_template()` which will take care of escaping. If you are returning data from an API, consider using `flask.jsonify()`.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Be careful with `flask.make_response()`. If this response is rendered onto a webpage, this could create a cross-site scripting (XSS) vulnerability. `flask.make_response()` will not autoescape HTML. If you are rendering HTML, write your HTML in a template file and use `flask.render_template()` which will take care of escaping. 
If you are returning data from an API, consider using `flask.jsonify()`.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.flask.security.audit.xss.make-response-with-unknown-content.make-response-with-unknown-content)\n - [https://github.com/python-security/pyt//blob/093a077bcf12d1f58ddeb2d73ddc096623985fb0/examples/vulnerable_code/XSS_assign_to_other_var.py#L11](https://github.com/python-security/pyt//blob/093a077bcf12d1f58ddeb2d73ddc096623985fb0/examples/vulnerable_code/XSS_assign_to_other_var.py#L11)\n - [https://flask.palletsprojects.com/en/1.1.x/api/#flask.Flask.make_response](https://flask.palletsprojects.com/en/1.1.x/api/#flask.Flask.make_response)\n - [https://flask.palletsprojects.com/en/1.1.x/api/#response-objects](https://flask.palletsprojects.com/en/1.1.x/api/#response-objects)\n" }, - "helpUri": "https://semgrep.dev/r/javascript.lang.security.audit.sqli.node-postgres-sqli.node-postgres-sqli", - "id": "javascript.lang.security.audit.sqli.node-postgres-sqli.node-postgres-sqli", - "name": "javascript.lang.security.audit.sqli.node-postgres-sqli.node-postgres-sqli", "properties": { "precision": "very-high", "tags": [ - "CWE-915: Improperly Controlled Modification of Dynamically-Determined Object Attributes", + "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", "LOW CONFIDENCE", - "OWASP-A08:2021 - Software and Data Integrity Failures", + "OWASP-A03:2021 - Injection", + "OWASP-A07:2017 - Cross-Site Scripting (XSS)", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: javascript.lang.security.audit.sqli.node-postgres-sqli.node-postgres-sqli" } }, { - "defaultConfiguration": { - "level": "note" + "id": "terraform.aws.security.aws-ebs-volume-encrypted-with-cmk.aws-ebs-volume-encrypted-with-cmk", + "name": "terraform.aws.security.aws-ebs-volume-encrypted-with-cmk.aws-ebs-volume-encrypted-with-cmk", + 
"short_description": { + "text": "Semgrep Finding: terraform.aws.security.aws-ebs-volume-encrypted-with-cmk.aws-ebs-volume-encrypted-with-cmk" + }, + "full_description": { + "text": "Ensure EBS Volume is encrypted at rest using KMS CMKs. CMKs gives you control over the encryption key in terms of access and rotation." }, - "fullDescription": { - "text": "Translated strings will not be escaped when rendered in a template. This leads to a vulnerability where translators could include malicious script tags in their translations. Consider using `force_escape` to explicitly escape a translated text." + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/terraform.aws.security.aws-ebs-volume-encrypted-with-cmk.aws-ebs-volume-encrypted-with-cmk", "help": { - "markdown": "Translated strings will not be escaped when rendered in a template. This leads to a vulnerability where translators could include malicious script tags in their translations. Consider using `force_escape` to explicitly escape a translated text.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.django.security.audit.xss.template-blocktranslate-no-escape.template-blocktranslate-no-escape)\n - [https://edx.readthedocs.io/projects/edx-developer-guide/en/latest/preventing_xss/preventing_xss_in_django_templates.html#html-escaping-translations-in-django-templates](https://edx.readthedocs.io/projects/edx-developer-guide/en/latest/preventing_xss/preventing_xss_in_django_templates.html#html-escaping-translations-in-django-templates)\n - [https://docs.djangoproject.com/en/3.1/topics/i18n/translation/#internationalization-in-template-code](https://docs.djangoproject.com/en/3.1/topics/i18n/translation/#internationalization-in-template-code)\n", - "text": "Translated strings will not be escaped when rendered in a template. 
This leads to a vulnerability where translators could include malicious script tags in their translations. Consider using `force_escape` to explicitly escape a translated text.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Ensure EBS Volume is encrypted at rest using KMS CMKs. CMKs gives you control over the encryption key in terms of access and rotation.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Ensure EBS Volume is encrypted at rest using KMS CMKs. CMKs gives you control over the encryption key in terms of access and rotation.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/terraform.aws.security.aws-ebs-volume-encrypted-with-cmk.aws-ebs-volume-encrypted-with-cmk)\n - [https://owasp.org/Top10/A02_2021-Cryptographic_Failures](https://owasp.org/Top10/A02_2021-Cryptographic_Failures)\n" }, - "helpUri": "https://semgrep.dev/r/python.django.security.audit.xss.template-blocktranslate-no-escape.template-blocktranslate-no-escape", - "id": "python.django.security.audit.xss.template-blocktranslate-no-escape.template-blocktranslate-no-escape", - "name": "python.django.security.audit.xss.template-blocktranslate-no-escape.template-blocktranslate-no-escape", "properties": { "precision": "very-high", "tags": [ - "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", + "CWE-320: CWE CATEGORY: Key Management Errors", "LOW CONFIDENCE", - "OWASP-A03:2021 - Injection", - "OWASP-A07:2017 - Cross-Site Scripting (XSS)", + "OWASP-A03:2017 - Sensitive Data Exposure", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: python.django.security.audit.xss.template-blocktranslate-no-escape.template-blocktranslate-no-escape" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "ruby.rails.security.audit.avoid-session-manipulation.avoid-session-manipulation", + 
"name": "ruby.rails.security.audit.avoid-session-manipulation.avoid-session-manipulation", + "short_description": { + "text": "Allowing an attacker to manipulate the session may lead to unintended behavior." }, - "fullDescription": { - "text": "The FsPickler is dangerous and is not recommended for data processing. Default configuration tend to insecure deserialization vulnerability." + "full_description": { + "text": "This gets data from session using user inputs. A malicious user may be able to retrieve information from your session that you didn't intend them to. Do not use user input as a session key." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/ruby.rails.security.audit.avoid-session-manipulation.avoid-session-manipulation", "help": { - "markdown": "The FsPickler is dangerous and is not recommended for data processing. Default configuration tend to insecure deserialization vulnerability.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/csharp.lang.security.insecure-deserialization.fs-pickler.insecure-fspickler-deserialization)\n - [https://mbraceproject.github.io/FsPickler/tutorial.html#Disabling-Subtype-Resolution](https://mbraceproject.github.io/FsPickler/tutorial.html#Disabling-Subtype-Resolution)\n", - "text": "The FsPickler is dangerous and is not recommended for data processing. Default configuration tend to insecure deserialization vulnerability.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "## Remediation\nSession manipulation can occur when an application allows user-input in session keys. Since sessions are typically considered a source of truth (e.g. 
to check the logged-in user or to match CSRF tokens), allowing an attacker to manipulate the session may lead to unintended behavior.\n\n## References\n[Session Manipulation](https://brakemanscanner.org/docs/warning_types/session_manipulation/)\n\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "## Remediation\nSession manipulation can occur when an application allows user-input in session keys. Since sessions are typically considered a source of truth (e.g. to check the logged-in user or to match CSRF tokens), allowing an attacker to manipulate the session may lead to unintended behavior.\n\n## References\n[Session Manipulation](https://brakemanscanner.org/docs/warning_types/session_manipulation/)\n\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/ruby.rails.security.audit.avoid-session-manipulation.avoid-session-manipulation)\n - [https://brakemanscanner.org/docs/warning_types/session_manipulation/](https://brakemanscanner.org/docs/warning_types/session_manipulation/)\n" }, - "helpUri": "https://semgrep.dev/r/csharp.lang.security.insecure-deserialization.fs-pickler.insecure-fspickler-deserialization", - "id": "csharp.lang.security.insecure-deserialization.fs-pickler.insecure-fspickler-deserialization", - "name": "csharp.lang.security.insecure-deserialization.fs-pickler.insecure-fspickler-deserialization", "properties": { "precision": "very-high", "tags": [ - "CWE-502: Deserialization of Untrusted Data", + "CWE-276: Incorrect Default Permissions", "MEDIUM CONFIDENCE", - "OWASP-A08:2017 - Insecure Deserialization", - "OWASP-A08:2021 - Software and Data Integrity Failures", + "OWASP-A01:2021 - Broken Access Control", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: csharp.lang.security.insecure-deserialization.fs-pickler.insecure-fspickler-deserialization" } }, { - "defaultConfiguration": { - "level": "warning" + "id": 
"terraform.lang.security.elastic-search-encryption-at-rest.elastic-search-encryption-at-rest", + "name": "terraform.lang.security.elastic-search-encryption-at-rest.elastic-search-encryption-at-rest", + "short_description": { + "text": "Semgrep Finding: terraform.lang.security.elastic-search-encryption-at-rest.elastic-search-encryption-at-rest" }, - "fullDescription": { - "text": "If TLS is disabled on server side (Postgresql server), Sequelize establishes connection without TLS and no error will be thrown. To prevent MITN (Man In The Middle) attack, TLS must be enforce by Sequelize. Set \"ssl: true\" or define settings \"ssl: {...}\"" + "full_description": { + "text": "Encryption at rest is not enabled for the elastic search domain resource" + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/terraform.lang.security.elastic-search-encryption-at-rest.elastic-search-encryption-at-rest", "help": { - "markdown": "If TLS is disabled on server side (Postgresql server), Sequelize establishes connection without TLS and no error will be thrown. To prevent MITN (Man In The Middle) attack, TLS must be enforce by Sequelize. 
Set \"ssl: true\" or define settings \"ssl: {...}\"\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.sequelize.security.audit.sequelize-enforce-tls.sequelize-enforce-tls)\n - [https://node-postgres.com/features/ssl](https://node-postgres.com/features/ssl)\n - [https://nodejs.org/api/tls.html#tls_class_tls_tlssocket](https://nodejs.org/api/tls.html#tls_class_tls_tlssocket)\n - [https://nodejs.org/api/tls.html#tls_tls_createsecurecontext_options](https://nodejs.org/api/tls.html#tls_tls_createsecurecontext_options)\n - [https://nodejs.org/api/tls.html#tls_tls_default_min_version](https://nodejs.org/api/tls.html#tls_tls_default_min_version)\n", - "text": "If TLS is disabled on server side (Postgresql server), Sequelize establishes connection without TLS and no error will be thrown. To prevent MITN (Man In The Middle) attack, TLS must be enforce by Sequelize. Set \"ssl: true\" or define settings \"ssl: {...}\"\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Encryption at rest is not enabled for the elastic search domain resource\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Encryption at rest is not enabled for the elastic search domain resource\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/terraform.lang.security.elastic-search-encryption-at-rest.elastic-search-encryption-at-rest)\n - [https://owasp.org/Top10/A04_2021-Insecure_Design](https://owasp.org/Top10/A04_2021-Insecure_Design)\n" }, - "helpUri": "https://semgrep.dev/r/javascript.sequelize.security.audit.sequelize-enforce-tls.sequelize-enforce-tls", - "id": "javascript.sequelize.security.audit.sequelize-enforce-tls.sequelize-enforce-tls", - "name": "javascript.sequelize.security.audit.sequelize-enforce-tls.sequelize-enforce-tls", "properties": { 
"precision": "very-high", "tags": [ - "CWE-319: Cleartext Transmission of Sensitive Information", + "CWE-311: Missing Encryption of Sensitive Data", "LOW CONFIDENCE", - "OWASP-A02:2021 - Cryptographic Failures", "OWASP-A03:2017 - Sensitive Data Exposure", + "OWASP-A04:2021 - Insecure Design", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: javascript.sequelize.security.audit.sequelize-enforce-tls.sequelize-enforce-tls" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "typescript.react.security.react-markdown-insecure-html.react-markdown-insecure-html", + "name": "typescript.react.security.react-markdown-insecure-html.react-markdown-insecure-html", + "short_description": { + "text": "Semgrep Finding: typescript.react.security.react-markdown-insecure-html.react-markdown-insecure-html" }, - "fullDescription": { - "text": "SSL verification disabled, this allows for MitM attacks" + "full_description": { + "text": "Overwriting `transformLinkUri` or `transformImageUri` to something insecure, or turning `allowDangerousHtml` on, or turning `escapeHtml` off, will open the code up to XSS vectors." 
+ }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/typescript.react.security.react-markdown-insecure-html.react-markdown-insecure-html", "help": { - "markdown": "SSL verification disabled, this allows for MitM attacks\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/rust.lang.security.ssl-verify-none.ssl-verify-none)\n - [https://docs.rs/openssl/latest/openssl/ssl/struct.SslContextBuilder.html#method.set_verify](https://docs.rs/openssl/latest/openssl/ssl/struct.SslContextBuilder.html#method.set_verify)\n", - "text": "SSL verification disabled, this allows for MitM attacks\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Overwriting `transformLinkUri` or `transformImageUri` to something insecure, or turning `allowDangerousHtml` on, or turning `escapeHtml` off, will open the code up to XSS vectors.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Overwriting `transformLinkUri` or `transformImageUri` to something insecure, or turning `allowDangerousHtml` on, or turning `escapeHtml` off, will open the code up to XSS vectors.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/typescript.react.security.react-markdown-insecure-html.react-markdown-insecure-html)\n - [https://www.npmjs.com/package/react-markdown#security](https://www.npmjs.com/package/react-markdown#security)\n" }, - "helpUri": "https://semgrep.dev/r/rust.lang.security.ssl-verify-none.ssl-verify-none", - "id": "rust.lang.security.ssl-verify-none.ssl-verify-none", - "name": "rust.lang.security.ssl-verify-none.ssl-verify-none", "properties": { "precision": "very-high", "tags": [ - "CWE-295: Improper Certificate Validation", - "HIGH CONFIDENCE", + "CWE-79: Improper Neutralization of Input During Web Page 
Generation ('Cross-site Scripting')", + "LOW CONFIDENCE", + "OWASP-A03:2021 - Injection", + "OWASP-A07:2017 - Cross-Site Scripting (XSS)", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: rust.lang.security.ssl-verify-none.ssl-verify-none" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "typescript.react.security.react-insecure-request.react-insecure-request", + "name": "typescript.react.security.react-insecure-request.react-insecure-request", + "short_description": { + "text": "Semgrep Finding: typescript.react.security.react-insecure-request.react-insecure-request" }, - "fullDescription": { - "text": "`MinVersion` is missing from this TLS configuration. By default, TLS 1.2 is currently used as the minimum when acting as a client, and TLS 1.0 when acting as a server. General purpose web applications should default to TLS 1.3 with all other protocols disabled. Only where it is known that a web server must support legacy clients with unsupported an insecure browsers (such as Internet Explorer 10), it may be necessary to enable TLS 1.0 to provide support. Add `MinVersion: tls.VersionTLS13' to the TLS configuration to bump the minimum version to TLS 1.3." + "full_description": { + "text": "Unencrypted request over HTTP detected." + }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/typescript.react.security.react-insecure-request.react-insecure-request", "help": { - "markdown": "`MinVersion` is missing from this TLS configuration. By default, TLS 1.2 is currently used as the minimum when acting as a client, and TLS 1.0 when acting as a server. General purpose web applications should default to TLS 1.3 with all other protocols disabled. Only where it is known that a web server must support legacy clients with unsupported an insecure browsers (such as Internet Explorer 10), it may be necessary to enable TLS 1.0 to provide support. 
Add `MinVersion: tls.VersionTLS13' to the TLS configuration to bump the minimum version to TLS 1.3.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/go.lang.security.audit.crypto.missing-ssl-minversion.missing-ssl-minversion)\n - [https://golang.org/doc/go1.14#crypto/tls](https://golang.org/doc/go1.14#crypto/tls)\n - [https://golang.org/pkg/crypto/tls/#:~:text=MinVersion](https://golang.org/pkg/crypto/tls/#:~:text=MinVersion)\n - [https://www.us-cert.gov/ncas/alerts/TA14-290A](https://www.us-cert.gov/ncas/alerts/TA14-290A)\n", - "text": "`MinVersion` is missing from this TLS configuration. By default, TLS 1.2 is currently used as the minimum when acting as a client, and TLS 1.0 when acting as a server. General purpose web applications should default to TLS 1.3 with all other protocols disabled. Only where it is known that a web server must support legacy clients with unsupported an insecure browsers (such as Internet Explorer 10), it may be necessary to enable TLS 1.0 to provide support. 
Add `MinVersion: tls.VersionTLS13' to the TLS configuration to bump the minimum version to TLS 1.3.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Unencrypted request over HTTP detected.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Unencrypted request over HTTP detected.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/typescript.react.security.react-insecure-request.react-insecure-request)\n - [https://www.npmjs.com/package/axios](https://www.npmjs.com/package/axios)\n" }, - "helpUri": "https://semgrep.dev/r/go.lang.security.audit.crypto.missing-ssl-minversion.missing-ssl-minversion", - "id": "go.lang.security.audit.crypto.missing-ssl-minversion.missing-ssl-minversion", - "name": "go.lang.security.audit.crypto.missing-ssl-minversion.missing-ssl-minversion", "properties": { "precision": "very-high", "tags": [ - "CWE-327: Use of a Broken or Risky Cryptographic Algorithm", - "HIGH CONFIDENCE", + "CWE-319: Cleartext Transmission of Sensitive Information", + "MEDIUM CONFIDENCE", "OWASP-A02:2021 - Cryptographic Failures", "OWASP-A03:2017 - Sensitive Data Exposure", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: go.lang.security.audit.crypto.missing-ssl-minversion.missing-ssl-minversion" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "python.aws-lambda.security.tainted-html-response.tainted-html-response", + "name": "python.aws-lambda.security.tainted-html-response.tainted-html-response", + "short_description": { + "text": "Semgrep Finding: python.aws-lambda.security.tainted-html-response.tainted-html-response" }, - "fullDescription": { - "text": "Pod is sharing the host IPC namespace. This allows container processes to communicate with processes on the host which reduces isolation and bypasses container protection models. 
Remove the 'hostIPC' key to disable this functionality." + "full_description": { + "text": "Detected user input flowing into an HTML response. You may be accidentally bypassing secure methods of rendering HTML by manually constructing HTML and this could create a cross-site scripting vulnerability, which could let attackers steal sensitive user data." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/python.aws-lambda.security.tainted-html-response.tainted-html-response", "help": { - "markdown": "Pod is sharing the host IPC namespace. This allows container processes to communicate with processes on the host which reduces isolation and bypasses container protection models. Remove the 'hostIPC' key to disable this functionality.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/yaml.kubernetes.security.hostipc-pod.hostipc-pod)\n - [https://kubernetes.io/docs/concepts/policy/pod-security-policy/#host-namespaces](https://kubernetes.io/docs/concepts/policy/pod-security-policy/#host-namespaces)\n", - "text": "Pod is sharing the host IPC namespace. This allows container processes to communicate with processes on the host which reduces isolation and bypasses container protection models. Remove the 'hostIPC' key to disable this functionality.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected user input flowing into an HTML response. You may be accidentally bypassing secure methods of rendering HTML by manually constructing HTML and this could create a cross-site scripting vulnerability, which could let attackers steal sensitive user data.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected user input flowing into an HTML response. 
You may be accidentally bypassing secure methods of rendering HTML by manually constructing HTML and this could create a cross-site scripting vulnerability, which could let attackers steal sensitive user data.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.aws-lambda.security.tainted-html-response.tainted-html-response)\n - [https://owasp.org/Top10/A03_2021-Injection](https://owasp.org/Top10/A03_2021-Injection)\n" }, - "helpUri": "https://semgrep.dev/r/yaml.kubernetes.security.hostipc-pod.hostipc-pod", - "id": "yaml.kubernetes.security.hostipc-pod.hostipc-pod", - "name": "yaml.kubernetes.security.hostipc-pod.hostipc-pod", "properties": { "precision": "very-high", "tags": [ - "CWE-693: Protection Mechanism Failure", - "LOW CONFIDENCE", + "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", + "MEDIUM CONFIDENCE", + "OWASP-A03:2021 - Injection", + "OWASP-A07:2017 - Cross-Site Scripting (XSS)", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: yaml.kubernetes.security.hostipc-pod.hostipc-pod" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "python.flask.security.xss.audit.template-href-var.template-href-var", + "name": "python.flask.security.xss.audit.template-href-var.template-href-var", + "short_description": { + "text": "Semgrep Finding: python.flask.security.xss.audit.template-href-var.template-href-var" }, - "fullDescription": { - "text": "Detected a debug template tag in a Django template. This dumps debugging information to the page when debug mode is enabled. Showing debug information to users is dangerous because it may reveal information about your environment that malicious actors can use to gain access to the system. Remove the debug tag." + "full_description": { + "text": "Detected a template variable used in an anchor tag with the 'href' attribute. 
This allows a malicious actor to input the 'javascript:' URI and is subject to cross- site scripting (XSS) attacks. Use 'url_for()' to safely generate a URL. You may also consider setting the Content Security Policy (CSP) header." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/python.flask.security.xss.audit.template-href-var.template-href-var", "help": { - "markdown": "Detected a debug template tag in a Django template. This dumps debugging information to the page when debug mode is enabled. Showing debug information to users is dangerous because it may reveal information about your environment that malicious actors can use to gain access to the system. Remove the debug tag.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.django.security.audit.templates.debug-template-tag.debug-template-tag)\n - [https://docs.djangoproject.com/en/4.2/ref/templates/builtins/#debug](https://docs.djangoproject.com/en/4.2/ref/templates/builtins/#debug)\n - [https://stackoverflow.com/questions/2213977/django-debug-display-all-variables-of-a-page](https://stackoverflow.com/questions/2213977/django-debug-display-all-variables-of-a-page)\n", - "text": "Detected a debug template tag in a Django template. This dumps debugging information to the page when debug mode is enabled. Showing debug information to users is dangerous because it may reveal information about your environment that malicious actors can use to gain access to the system. Remove the debug tag.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected a template variable used in an anchor tag with the 'href' attribute. This allows a malicious actor to input the 'javascript:' URI and is subject to cross- site scripting (XSS) attacks. Use 'url_for()' to safely generate a URL. 
You may also consider setting the Content Security Policy (CSP) header.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected a template variable used in an anchor tag with the 'href' attribute. This allows a malicious actor to input the 'javascript:' URI and is subject to cross- site scripting (XSS) attacks. Use 'url_for()' to safely generate a URL. You may also consider setting the Content Security Policy (CSP) header.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.flask.security.xss.audit.template-href-var.template-href-var)\n - [https://flask.palletsprojects.com/en/1.1.x/security/#cross-site-scripting-xss](https://flask.palletsprojects.com/en/1.1.x/security/#cross-site-scripting-xss)\n - [https://content-security-policy.com/](https://content-security-policy.com/)\n" }, - "helpUri": "https://semgrep.dev/r/python.django.security.audit.templates.debug-template-tag.debug-template-tag", - "id": "python.django.security.audit.templates.debug-template-tag.debug-template-tag", - "name": "python.django.security.audit.templates.debug-template-tag.debug-template-tag", "properties": { "precision": "very-high", "tags": [ - "CWE-489: Active Debug Code", + "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", "LOW CONFIDENCE", - "OWASP-A06:2017 - Security Misconfiguration", + "OWASP-A03:2021 - Injection", + "OWASP-A07:2017 - Cross-Site Scripting (XSS)", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: python.django.security.audit.templates.debug-template-tag.debug-template-tag" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "python.aws-lambda.security.dangerous-asyncio-create-exec.dangerous-asyncio-create-exec", + "name": "python.aws-lambda.security.dangerous-asyncio-create-exec.dangerous-asyncio-create-exec", + "short_description": { + "text": "Semgrep Finding: 
python.aws-lambda.security.dangerous-asyncio-create-exec.dangerous-asyncio-create-exec" }, - "fullDescription": { - "text": "Pod may use the node network namespace. This gives the pod access to the loopback device, services listening on localhost, and could be used to snoop on network activity of other pods on the same node. Remove the 'hostNetwork' key to disable this functionality." + "full_description": { + "text": "Detected 'create_subprocess_exec' function with argument tainted by `event` object. If this data can be controlled by a malicious actor, it may be an instance of command injection. Audit the use of this call to ensure it is not controllable by an external resource. You may consider using 'shlex.escape()'." }, + "default_configuration": { + "enabled": true, + "level": "error" + }, + "help_uri": "https://semgrep.dev/r/python.aws-lambda.security.dangerous-asyncio-create-exec.dangerous-asyncio-create-exec", "help": { - "markdown": "Pod may use the node network namespace. This gives the pod access to the loopback device, services listening on localhost, and could be used to snoop on network activity of other pods on the same node. Remove the 'hostNetwork' key to disable this functionality.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/yaml.kubernetes.security.hostnetwork-pod.hostnetwork-pod)\n - [https://kubernetes.io/docs/concepts/policy/pod-security-policy/#host-namespaces](https://kubernetes.io/docs/concepts/policy/pod-security-policy/#host-namespaces)\n", - "text": "Pod may use the node network namespace. This gives the pod access to the loopback device, services listening on localhost, and could be used to snoop on network activity of other pods on the same node. 
Remove the 'hostNetwork' key to disable this functionality.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected 'create_subprocess_exec' function with argument tainted by `event` object. If this data can be controlled by a malicious actor, it may be an instance of command injection. Audit the use of this call to ensure it is not controllable by an external resource. You may consider using 'shlex.escape()'.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected 'create_subprocess_exec' function with argument tainted by `event` object. If this data can be controlled by a malicious actor, it may be an instance of command injection. Audit the use of this call to ensure it is not controllable by an external resource. You may consider using 'shlex.escape()'.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.aws-lambda.security.dangerous-asyncio-create-exec.dangerous-asyncio-create-exec)\n - [https://docs.python.org/3/library/asyncio-subprocess.html#asyncio.create_subprocess_exec](https://docs.python.org/3/library/asyncio-subprocess.html#asyncio.create_subprocess_exec)\n - [https://docs.python.org/3/library/shlex.html](https://docs.python.org/3/library/shlex.html)\n" }, - "helpUri": "https://semgrep.dev/r/yaml.kubernetes.security.hostnetwork-pod.hostnetwork-pod", - "id": "yaml.kubernetes.security.hostnetwork-pod.hostnetwork-pod", - "name": "yaml.kubernetes.security.hostnetwork-pod.hostnetwork-pod", "properties": { "precision": "very-high", "tags": [ - "CWE-406: Insufficient Control of Network Message Volume (Network Amplification)", - "LOW CONFIDENCE", + "CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", + "MEDIUM CONFIDENCE", + "OWASP-A01:2017 - Injection", + "OWASP-A03:2021 - Injection", "security" ] - }, - "shortDescription": { - "text": "Semgrep 
Finding: yaml.kubernetes.security.hostnetwork-pod.hostnetwork-pod" } }, { - "defaultConfiguration": { - "level": "error" + "id": "go.lang.security.audit.net.pprof.pprof-debug-exposure", + "name": "go.lang.security.audit.net.pprof.pprof-debug-exposure", + "short_description": { + "text": "Semgrep Finding: go.lang.security.audit.net.pprof.pprof-debug-exposure" }, - "fullDescription": { - "text": "Picatic API Key detected" + "full_description": { + "text": "The profiling 'pprof' endpoint is automatically exposed on /debug/pprof. This could leak information about the server. Instead, use `import \"net/http/pprof\"`. See https://www.farsightsecurity.com/blog/txt-record/go-remote-profiling-20161028/ for more information and mitigation." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/go.lang.security.audit.net.pprof.pprof-debug-exposure", "help": { - "markdown": "Picatic API Key detected\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/generic.secrets.security.detected-picatic-api-key.detected-picatic-api-key)\n - [https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures](https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures)\n", - "text": "Picatic API Key detected\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "The profiling 'pprof' endpoint is automatically exposed on /debug/pprof. This could leak information about the server. Instead, use `import \"net/http/pprof\"`. See https://www.farsightsecurity.com/blog/txt-record/go-remote-profiling-20161028/ for more information and mitigation.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "The profiling 'pprof' endpoint is automatically exposed on /debug/pprof. This could leak information about the server. Instead, use `import \"net/http/pprof\"`. 
See https://www.farsightsecurity.com/blog/txt-record/go-remote-profiling-20161028/ for more information and mitigation.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/go.lang.security.audit.net.pprof.pprof-debug-exposure)\n - [https://www.farsightsecurity.com/blog/txt-record/go-remote-profiling-20161028/](https://www.farsightsecurity.com/blog/txt-record/go-remote-profiling-20161028/)\n" }, - "helpUri": "https://semgrep.dev/r/generic.secrets.security.detected-picatic-api-key.detected-picatic-api-key", - "id": "generic.secrets.security.detected-picatic-api-key.detected-picatic-api-key", - "name": "generic.secrets.security.detected-picatic-api-key.detected-picatic-api-key", "properties": { "precision": "very-high", "tags": [ - "CWE-798: Use of Hard-coded Credentials", + "CWE-489: Active Debug Code", "LOW CONFIDENCE", - "OWASP-A07:2021 - Identification and Authentication Failures", + "OWASP-A06:2017 - Security Misconfiguration", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: generic.secrets.security.detected-picatic-api-key.detected-picatic-api-key" } }, { - "defaultConfiguration": { - "level": "error" + "id": "problem-based-packs.insecure-transport.js-node.disallow-old-tls-versions1.disallow-old-tls-versions1", + "name": "problem-based-packs.insecure-transport.js-node.disallow-old-tls-versions1.disallow-old-tls-versions1", + "short_description": { + "text": "Semgrep Finding: problem-based-packs.insecure-transport.js-node.disallow-old-tls-versions1.disallow-old-tls-versions1" }, - "fullDescription": { - "text": "Enabling authentication ensures that all communications in the application are authenticated. The `auth_settings` block needs to be filled out with the appropriate auth backend settings" + "full_description": { + "text": "Detects direct creations of $HTTPS servers that don't disallow SSL v2, SSL v3, and TLS v1. 
These protocols are deprecated due to POODLE, man in the middle attacks, and other vulnerabilities." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/problem-based-packs.insecure-transport.js-node.disallow-old-tls-versions1.disallow-old-tls-versions1", "help": { - "markdown": "Enabling authentication ensures that all communications in the application are authenticated. The `auth_settings` block needs to be filled out with the appropriate auth backend settings\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/terraform.azure.security.appservice.appservice-authentication-enabled.appservice-authentication-enabled)\n - [https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/app_service#auth_settings](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/app_service#auth_settings)\n", - "text": "Enabling authentication ensures that all communications in the application are authenticated. The `auth_settings` block needs to be filled out with the appropriate auth backend settings\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detects direct creations of $HTTPS servers that don't disallow SSL v2, SSL v3, and TLS v1. These protocols are deprecated due to POODLE, man in the middle attacks, and other vulnerabilities.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detects direct creations of $HTTPS servers that don't disallow SSL v2, SSL v3, and TLS v1. 
These protocols are deprecated due to POODLE, man in the middle attacks, and other vulnerabilities.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/problem-based-packs.insecure-transport.js-node.disallow-old-tls-versions1.disallow-old-tls-versions1)\n - [https://us-cert.cisa.gov/ncas/alerts/TA14-290A](https://us-cert.cisa.gov/ncas/alerts/TA14-290A)\n - [https://stackoverflow.com/questions/40434934/how-to-disable-the-ssl-3-0-and-tls-1-0-in-nodejs](https://stackoverflow.com/questions/40434934/how-to-disable-the-ssl-3-0-and-tls-1-0-in-nodejs)\n - [https://nodejs.org/api/https.html#https_https_createserver_options_requestlistener](https://nodejs.org/api/https.html#https_https_createserver_options_requestlistener)\n" }, - "helpUri": "https://semgrep.dev/r/terraform.azure.security.appservice.appservice-authentication-enabled.appservice-authentication-enabled", - "id": "terraform.azure.security.appservice.appservice-authentication-enabled.appservice-authentication-enabled", - "name": "terraform.azure.security.appservice.appservice-authentication-enabled.appservice-authentication-enabled", "properties": { "precision": "very-high", "tags": [ - "CWE-287: Improper Authentication", + "CWE-319: Cleartext Transmission of Sensitive Information", "MEDIUM CONFIDENCE", - "OWASP-A02:2017 - Broken Authentication", - "OWASP-A07:2021 - Identification and Authentication Failures", + "OWASP-A03:2017 - Sensitive Data Exposure", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: terraform.azure.security.appservice.appservice-authentication-enabled.appservice-authentication-enabled" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "go.lang.security.audit.sqli.pgx-sqli.pgx-sqli", + "name": "go.lang.security.audit.sqli.pgx-sqli.pgx-sqli", + "short_description": { + "text": "Semgrep Finding: go.lang.security.audit.sqli.pgx-sqli.pgx-sqli" }, - "fullDescription": { - "text": 
"Detected a possible denial-of-service via a zip bomb attack. By limiting the max bytes read, you can mitigate this attack. `io.CopyN()` can specify a size. " + "full_description": { + "text": "Detected string concatenation with a non-literal variable in a pgx Go SQL statement. This could lead to SQL injection if the variable is user-controlled and not properly sanitized. In order to prevent SQL injection, use parameterized queries instead. You can use parameterized queries like so: (`SELECT $1 FROM table`, `data1)" + }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/go.lang.security.audit.sqli.pgx-sqli.pgx-sqli", "help": { - "markdown": "Detected a possible denial-of-service via a zip bomb attack. By limiting the max bytes read, you can mitigate this attack. `io.CopyN()` can specify a size. \n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/go.lang.security.decompression_bomb.potential-dos-via-decompression-bomb)\n - [https://golang.org/pkg/io/#CopyN](https://golang.org/pkg/io/#CopyN)\n - [https://github.com/securego/gosec/blob/master/rules/decompression-bomb.go](https://github.com/securego/gosec/blob/master/rules/decompression-bomb.go)\n", - "text": "Detected a possible denial-of-service via a zip bomb attack. By limiting the max bytes read, you can mitigate this attack. `io.CopyN()` can specify a size. \n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected string concatenation with a non-literal variable in a pgx Go SQL statement. This could lead to SQL injection if the variable is user-controlled and not properly sanitized. In order to prevent SQL injection, use parameterized queries instead. 
You can use parameterized queries like so: (`SELECT $1 FROM table`, `data1)\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected string concatenation with a non-literal variable in a pgx Go SQL statement. This could lead to SQL injection if the variable is user-controlled and not properly sanitized. In order to prevent SQL injection, use parameterized queries instead. You can use parameterized queries like so: (`SELECT $1 FROM table`, `data1)\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/go.lang.security.audit.sqli.pgx-sqli.pgx-sqli)\n - [https://github.com/jackc/pgx](https://github.com/jackc/pgx)\n - [https://pkg.go.dev/github.com/jackc/pgx/v4#hdr-Connection_Pool](https://pkg.go.dev/github.com/jackc/pgx/v4#hdr-Connection_Pool)\n" }, - "helpUri": "https://semgrep.dev/r/go.lang.security.decompression_bomb.potential-dos-via-decompression-bomb", - "id": "go.lang.security.decompression_bomb.potential-dos-via-decompression-bomb", - "name": "go.lang.security.decompression_bomb.potential-dos-via-decompression-bomb", "properties": { "precision": "very-high", "tags": [ - "CWE-400: Uncontrolled Resource Consumption", + "CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')", "LOW CONFIDENCE", + "OWASP-A01:2017 - Injection", + "OWASP-A03:2021 - Injection", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: go.lang.security.decompression_bomb.potential-dos-via-decompression-bomb" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "javascript.lang.security.audit.code-string-concat.code-string-concat", + "name": "javascript.lang.security.audit.code-string-concat.code-string-concat", + "short_description": { + "text": "Semgrep Finding: javascript.lang.security.audit.code-string-concat.code-string-concat" }, - "fullDescription": { - "text": "Custom ERC721 implementation lacks access 
control checks in _transfer()" + "full_description": { + "text": "Found data from an Express or Next web request flowing to `eval`. If this data is user-controllable this can lead to execution of arbitrary system commands in the context of your application process. Avoid `eval` whenever possible." + }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/javascript.lang.security.audit.code-string-concat.code-string-concat", "help": { - "markdown": "Custom ERC721 implementation lacks access control checks in _transfer()\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/solidity.security.erc721-arbitrary-transferfrom.erc721-arbitrary-transferfrom)\n - [https://twitter.com/BlockSecAlert/status/1516289618605654024](https://twitter.com/BlockSecAlert/status/1516289618605654024)\n - [https://etherscan.io/address/0xf3821adaceb6500c0a202971aecf840a033f236b](https://etherscan.io/address/0xf3821adaceb6500c0a202971aecf840a033f236b)\n", - "text": "Custom ERC721 implementation lacks access control checks in _transfer()\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Found data from an Express or Next web request flowing to `eval`. If this data is user-controllable this can lead to execution of arbitrary system commands in the context of your application process. Avoid `eval` whenever possible.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Found data from an Express or Next web request flowing to `eval`. If this data is user-controllable this can lead to execution of arbitrary system commands in the context of your application process. 
Avoid `eval` whenever possible.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.lang.security.audit.code-string-concat.code-string-concat)\n - [https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/eval](https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/eval)\n - [https://nodejs.org/api/child_process.html#child_processexeccommand-options-callback](https://nodejs.org/api/child_process.html#child_processexeccommand-options-callback)\n - [https://www.stackhawk.com/blog/nodejs-command-injection-examples-and-prevention/](https://www.stackhawk.com/blog/nodejs-command-injection-examples-and-prevention/)\n - [https://ckarande.gitbooks.io/owasp-nodegoat-tutorial/content/tutorial/a1_-_server_side_js_injection.html](https://ckarande.gitbooks.io/owasp-nodegoat-tutorial/content/tutorial/a1_-_server_side_js_injection.html)\n" }, - "helpUri": "https://semgrep.dev/r/solidity.security.erc721-arbitrary-transferfrom.erc721-arbitrary-transferfrom", - "id": "solidity.security.erc721-arbitrary-transferfrom.erc721-arbitrary-transferfrom", - "name": "solidity.security.erc721-arbitrary-transferfrom.erc721-arbitrary-transferfrom", "properties": { "precision": "very-high", "tags": [ - "CWE-284: Improper Access Control", - "MEDIUM CONFIDENCE", + "CWE-95: Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection')", + "HIGH CONFIDENCE", + "OWASP-A03:2021 - Injection", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: solidity.security.erc721-arbitrary-transferfrom.erc721-arbitrary-transferfrom" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "javascript.express.security.audit.xss.ejs.var-in-script-tag.var-in-script-tag", + "name": "javascript.express.security.audit.xss.ejs.var-in-script-tag.var-in-script-tag", + "short_description": { + "text": "Semgrep Finding: 
javascript.express.security.audit.xss.ejs.var-in-script-tag.var-in-script-tag" }, - "fullDescription": { - "text": "CORS rule on bucket permits any origin" + "full_description": { + "text": "Detected a template variable used in a script tag. Although template variables are HTML escaped, HTML escaping does not always prevent cross-site scripting (XSS) attacks when used directly in JavaScript. If you need this data on the rendered page, consider placing it in the HTML portion (outside of a script tag). Alternatively, use a JavaScript-specific encoder, such as the one available in OWASP ESAPI." }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/javascript.express.security.audit.xss.ejs.var-in-script-tag.var-in-script-tag", "help": { - "markdown": "CORS rule on bucket permits any origin\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/terraform.lang.security.s3-cors-all-origins.all-origins-allowed)\n - [https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket#using-cors](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket#using-cors)\n", - "text": "CORS rule on bucket permits any origin\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected a template variable used in a script tag. Although template variables are HTML escaped, HTML escaping does not always prevent cross-site scripting (XSS) attacks when used directly in JavaScript. If you need this data on the rendered page, consider placing it in the HTML portion (outside of a script tag). Alternatively, use a JavaScript-specific encoder, such as the one available in OWASP ESAPI.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected a template variable used in a script tag. 
Although template variables are HTML escaped, HTML escaping does not always prevent cross-site scripting (XSS) attacks when used directly in JavaScript. If you need this data on the rendered page, consider placing it in the HTML portion (outside of a script tag). Alternatively, use a JavaScript-specific encoder, such as the one available in OWASP ESAPI.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.express.security.audit.xss.ejs.var-in-script-tag.var-in-script-tag)\n - [https://www.veracode.com/blog/secure-development/nodejs-template-engines-why-default-encoders-are-not-enough](https://www.veracode.com/blog/secure-development/nodejs-template-engines-why-default-encoders-are-not-enough)\n - [https://github.com/ESAPI/owasp-esapi-js](https://github.com/ESAPI/owasp-esapi-js)\n" }, - "helpUri": "https://semgrep.dev/r/terraform.lang.security.s3-cors-all-origins.all-origins-allowed", - "id": "terraform.lang.security.s3-cors-all-origins.all-origins-allowed", - "name": "terraform.lang.security.s3-cors-all-origins.all-origins-allowed", "properties": { "precision": "very-high", "tags": [ - "CWE-942: Permissive Cross-domain Policy with Untrusted Domains", + "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", "LOW CONFIDENCE", - "OWASP-A05:2021 - Security Misconfiguration", + "OWASP-A03:2021 - Injection", + "OWASP-A07:2017 - Cross-Site Scripting (XSS)", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: terraform.lang.security.s3-cors-all-origins.all-origins-allowed" } }, { - "defaultConfiguration": { - "level": "error" - }, - "fullDescription": { - "text": "The libxml library processes user-input with the `noent` attribute is set to `true` which can lead to being vulnerable to XML External Entities (XXE) type attacks. It is recommended to set `noent` to `false` when using this feature to ensure you are protected." 
- }, - "help": { - "markdown": "The libxml library processes user-input with the `noent` attribute is set to `true` which can lead to being vulnerable to XML External Entities (XXE) type attacks. It is recommended to set `noent` to `false` when using this feature to ensure you are protected.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.express.security.audit.express-libxml-noent.express-libxml-noent)\n - [https://cheatsheetseries.owasp.org/cheatsheets/XML_External_Entity_Prevention_Cheat_Sheet.html](https://cheatsheetseries.owasp.org/cheatsheets/XML_External_Entity_Prevention_Cheat_Sheet.html)\n", - "text": "The libxml library processes user-input with the `noent` attribute is set to `true` which can lead to being vulnerable to XML External Entities (XXE) type attacks. It is recommended to set `noent` to `false` when using this feature to ensure you are protected.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "id": "java.lang.security.audit.ldap-injection.ldap-injection", + "name": "java.lang.security.audit.ldap-injection.ldap-injection", + "short_description": { + "text": "Semgrep Finding: java.lang.security.audit.ldap-injection.ldap-injection" }, - "helpUri": "https://semgrep.dev/r/javascript.express.security.audit.express-libxml-noent.express-libxml-noent", - "id": "javascript.express.security.audit.express-libxml-noent.express-libxml-noent", - "name": "javascript.express.security.audit.express-libxml-noent.express-libxml-noent", - "properties": { - "precision": "very-high", - "tags": [ - "CWE-611: Improper Restriction of XML External Entity Reference", - "HIGH CONFIDENCE", - "OWASP-A04:2017 - XML External Entities (XXE)", - "OWASP-A05:2021 - Security Misconfiguration", - "security" - ] + "full_description": { + "text": "Detected non-constant data passed into an LDAP query. 
If this data can be controlled by an external user, this is an LDAP injection. Ensure data passed to an LDAP query is not controllable; or properly sanitize the data." }, - "shortDescription": { - "text": "Semgrep Finding: javascript.express.security.audit.express-libxml-noent.express-libxml-noent" - } - }, - { - "defaultConfiguration": { + "default_configuration": { + "enabled": true, "level": "warning" }, - "fullDescription": { - "text": "Markup escaping disabled. This can be used with some template engines to escape disabling of HTML entities, which can lead to XSS attacks." - }, + "help_uri": "https://semgrep.dev/r/java.lang.security.audit.ldap-injection.ldap-injection", "help": { - "markdown": "Markup escaping disabled. This can be used with some template engines to escape disabling of HTML entities, which can lead to XSS attacks.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.lang.security.detect-disable-mustache-escape.detect-disable-mustache-escape)\n - [https://owasp.org/Top10/A03_2021-Injection](https://owasp.org/Top10/A03_2021-Injection)\n", - "text": "Markup escaping disabled. This can be used with some template engines to escape disabling of HTML entities, which can lead to XSS attacks.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected non-constant data passed into an LDAP query. If this data can be controlled by an external user, this is an LDAP injection. Ensure data passed to an LDAP query is not controllable; or properly sanitize the data.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected non-constant data passed into an LDAP query. If this data can be controlled by an external user, this is an LDAP injection. 
Ensure data passed to an LDAP query is not controllable; or properly sanitize the data.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/java.lang.security.audit.ldap-injection.ldap-injection)\n - [https://owasp.org/Top10/A03_2021-Injection](https://owasp.org/Top10/A03_2021-Injection)\n" }, - "helpUri": "https://semgrep.dev/r/javascript.lang.security.detect-disable-mustache-escape.detect-disable-mustache-escape", - "id": "javascript.lang.security.detect-disable-mustache-escape.detect-disable-mustache-escape", - "name": "javascript.lang.security.detect-disable-mustache-escape.detect-disable-mustache-escape", "properties": { "precision": "very-high", "tags": [ - "CWE-116: Improper Encoding or Escaping of Output", + "CWE-90: Improper Neutralization of Special Elements used in an LDAP Query ('LDAP Injection')", "LOW CONFIDENCE", + "OWASP-A01:2017 - Injection", "OWASP-A03:2021 - Injection", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: javascript.lang.security.detect-disable-mustache-escape.detect-disable-mustache-escape" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "python.flask.security.flask-api-method-string-format.flask-api-method-string-format", + "name": "python.flask.security.flask-api-method-string-format.flask-api-method-string-format", + "short_description": { + "text": "Semgrep Finding: python.flask.security.flask-api-method-string-format.flask-api-method-string-format" }, - "fullDescription": { - "text": "Checks for requests to http (unencrypted) sites using gorequest, a popular HTTP client library. This is dangerous because it could result in plaintext PII being passed around the network." 
+ "full_description": { + "text": "Method $METHOD in API controller $CLASS provides user arg $ARG to requests method $REQMETHOD" + }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/python.flask.security.flask-api-method-string-format.flask-api-method-string-format", "help": { - "markdown": "Checks for requests to http (unencrypted) sites using gorequest, a popular HTTP client library. This is dangerous because it could result in plaintext PII being passed around the network.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/problem-based-packs.insecure-transport.go-stdlib.sling-http-request.sling-http-request)\n - [https://godoc.org/github.com/dghubble/sling#Sling.Add](https://godoc.org/github.com/dghubble/sling#Sling.Add)\n - [https://github.com/dghubble/sling](https://github.com/dghubble/sling)\n", - "text": "Checks for requests to http (unencrypted) sites using gorequest, a popular HTTP client library. 
This is dangerous because it could result in plaintext PII being passed around the network.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Method $METHOD in API controller $CLASS provides user arg $ARG to requests method $REQMETHOD\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Method $METHOD in API controller $CLASS provides user arg $ARG to requests method $REQMETHOD\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.flask.security.flask-api-method-string-format.flask-api-method-string-format)\n - [https://cwe.mitre.org/data/definitions/134.html](https://cwe.mitre.org/data/definitions/134.html)\n" }, - "helpUri": "https://semgrep.dev/r/problem-based-packs.insecure-transport.go-stdlib.sling-http-request.sling-http-request", - "id": "problem-based-packs.insecure-transport.go-stdlib.sling-http-request.sling-http-request", - "name": "problem-based-packs.insecure-transport.go-stdlib.sling-http-request.sling-http-request", "properties": { "precision": "very-high", "tags": [ - "CWE-319: Cleartext Transmission of Sensitive Information", - "MEDIUM CONFIDENCE", - "OWASP-A03:2017 - Sensitive Data Exposure", + "CWE-134: Use of Externally-Controlled Format String", + "LOW CONFIDENCE", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: problem-based-packs.insecure-transport.go-stdlib.sling-http-request.sling-http-request" } }, { - "defaultConfiguration": { - "level": "error" + "id": "javascript.angular.security.detect-third-party-angular-translate.detect-angular-translateprovider-translations-method", + "name": "javascript.angular.security.detect-third-party-angular-translate.detect-angular-translateprovider-translations-method", + "short_description": { + "text": "Semgrep Finding: 
javascript.angular.security.detect-third-party-angular-translate.detect-angular-translateprovider-translations-method" }, - "fullDescription": { - "text": "Possible path traversal through `tarfile.open($PATH).extractall()` if the source tar is controlled by an attacker" + "full_description": { + "text": "The use of $translateProvider.translations method can be dangerous if user input is provided to this API." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/javascript.angular.security.detect-third-party-angular-translate.detect-angular-translateprovider-translations-method", "help": { - "markdown": "Possible path traversal through `tarfile.open($PATH).extractall()` if the source tar is controlled by an attacker\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/trailofbits.python.tarfile-extractall-traversal.tarfile-extractall-traversal)\n - [https://docs.python.org/3/library/tarfile.html#tarfile.TarFile.extractall](https://docs.python.org/3/library/tarfile.html#tarfile.TarFile.extractall)\n", - "text": "Possible path traversal through `tarfile.open($PATH).extractall()` if the source tar is controlled by an attacker\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "The use of $translateProvider.translations method can be dangerous if user input is provided to this API.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "The use of $translateProvider.translations method can be dangerous if user input is provided to this API.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.angular.security.detect-third-party-angular-translate.detect-angular-translateprovider-translations-method)\n - 
[https://docs.angularjs.org/api/ng/service/$sce#trustAsUrl](https://docs.angularjs.org/api/ng/service/$sce#trustAsUrl)\n - [https://owasp.org/www-chapter-london/assets/slides/OWASPLondon20170727_AngularJS.pdf](https://owasp.org/www-chapter-london/assets/slides/OWASPLondon20170727_AngularJS.pdf)\n" }, - "helpUri": "https://semgrep.dev/r/trailofbits.python.tarfile-extractall-traversal.tarfile-extractall-traversal", - "id": "trailofbits.python.tarfile-extractall-traversal.tarfile-extractall-traversal", - "name": "trailofbits.python.tarfile-extractall-traversal.tarfile-extractall-traversal", "properties": { "precision": "very-high", "tags": [ - "CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", - "MEDIUM CONFIDENCE", + "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", + "LOW CONFIDENCE", + "OWASP-A03:2021 - Injection", + "OWASP-A07:2017 - Cross-Site Scripting (XSS)", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: trailofbits.python.tarfile-extractall-traversal.tarfile-extractall-traversal" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "csharp.lang.security.insecure-deserialization.fast-json.insecure-fastjson-deserialization", + "name": "csharp.lang.security.insecure-deserialization.fast-json.insecure-fastjson-deserialization", + "short_description": { + "text": "Semgrep Finding: csharp.lang.security.insecure-deserialization.fast-json.insecure-fastjson-deserialization" }, - "fullDescription": { - "text": "Detected use of the wildcard character in a system call that spawns a shell. This subjects the wildcard to normal shell expansion, which can have unintended consequences if there exist any non-standard file names. Consider a file named '-e sh script.sh' -- this will execute a script when 'rsync' is called. See https://www.defensecode.com/public/DefenseCode_Unix_WildCards_Gone_Wild.txt for more information." 
+ "full_description": { + "text": "$type extension has the potential to be unsafe, so use it with common sense and known json sources and not public facing ones to be safe" + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/csharp.lang.security.insecure-deserialization.fast-json.insecure-fastjson-deserialization", "help": { - "markdown": "Detected use of the wildcard character in a system call that spawns a shell. This subjects the wildcard to normal shell expansion, which can have unintended consequences if there exist any non-standard file names. Consider a file named '-e sh script.sh' -- this will execute a script when 'rsync' is called. See https://www.defensecode.com/public/DefenseCode_Unix_WildCards_Gone_Wild.txt for more information.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.lang.security.audit.system-wildcard-detected.system-wildcard-detected)\n - [https://www.defensecode.com/public/DefenseCode_Unix_WildCards_Gone_Wild.txt](https://www.defensecode.com/public/DefenseCode_Unix_WildCards_Gone_Wild.txt)\n", - "text": "Detected use of the wildcard character in a system call that spawns a shell. This subjects the wildcard to normal shell expansion, which can have unintended consequences if there exist any non-standard file names. Consider a file named '-e sh script.sh' -- this will execute a script when 'rsync' is called. 
See https://www.defensecode.com/public/DefenseCode_Unix_WildCards_Gone_Wild.txt for more information.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "$type extension has the potential to be unsafe, so use it with common sense and known json sources and not public facing ones to be safe\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "$type extension has the potential to be unsafe, so use it with common sense and known json sources and not public facing ones to be safe\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/csharp.lang.security.insecure-deserialization.fast-json.insecure-fastjson-deserialization)\n - [https://github.com/mgholam/fastJSON#security-warning-update](https://github.com/mgholam/fastJSON#security-warning-update)\n" }, - "helpUri": "https://semgrep.dev/r/python.lang.security.audit.system-wildcard-detected.system-wildcard-detected", - "id": "python.lang.security.audit.system-wildcard-detected.system-wildcard-detected", - "name": "python.lang.security.audit.system-wildcard-detected.system-wildcard-detected", "properties": { "precision": "very-high", "tags": [ - "CWE-155: Improper Neutralization of Wildcards or Matching Symbols", + "CWE-502: Deserialization of Untrusted Data", "LOW CONFIDENCE", - "OWASP-A01:2017 - Injection", + "OWASP-A08:2017 - Insecure Deserialization", + "OWASP-A08:2021 - Software and Data Integrity Failures", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: python.lang.security.audit.system-wildcard-detected.system-wildcard-detected" } }, { - "defaultConfiguration": { - "level": "error" + "id": "python.lang.security.audit.ssl-wrap-socket-is-deprecated.ssl-wrap-socket-is-deprecated", + "name": "python.lang.security.audit.ssl-wrap-socket-is-deprecated.ssl-wrap-socket-is-deprecated", + "short_description": { + "text": "Semgrep Finding: 
python.lang.security.audit.ssl-wrap-socket-is-deprecated.ssl-wrap-socket-is-deprecated" }, - "fullDescription": { - "text": "the `errors` argument to Popen is only available on Python 3.6+" + "full_description": { + "text": "'ssl.wrap_socket()' is deprecated. This function creates an insecure socket without server name indication or hostname matching. Instead, create an SSL context using 'ssl.SSLContext()' and use that to wrap a socket." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/python.lang.security.audit.ssl-wrap-socket-is-deprecated.ssl-wrap-socket-is-deprecated", "help": { - "markdown": "the `errors` argument to Popen is only available on Python 3.6+\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.lang.compatibility.python36.python36-compatibility-Popen1)\n", - "text": "the `errors` argument to Popen is only available on Python 3.6+\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "'ssl.wrap_socket()' is deprecated. This function creates an insecure socket without server name indication or hostname matching. Instead, create an SSL context using 'ssl.SSLContext()' and use that to wrap a socket.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "'ssl.wrap_socket()' is deprecated. This function creates an insecure socket without server name indication or hostname matching. 
Instead, create an SSL context using 'ssl.SSLContext()' and use that to wrap a socket.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.lang.security.audit.ssl-wrap-socket-is-deprecated.ssl-wrap-socket-is-deprecated)\n - [https://docs.python.org/3/library/ssl.html#ssl.wrap_socket](https://docs.python.org/3/library/ssl.html#ssl.wrap_socket)\n - [https://docs.python.org/3/library/ssl.html#ssl.SSLContext.wrap_socket](https://docs.python.org/3/library/ssl.html#ssl.SSLContext.wrap_socket)\n" }, - "helpUri": "https://semgrep.dev/r/python.lang.compatibility.python36.python36-compatibility-Popen1", - "id": "python.lang.compatibility.python36.python36-compatibility-Popen1", - "name": "python.lang.compatibility.python36.python36-compatibility-Popen1", "properties": { "precision": "very-high", - "tags": [] - }, - "shortDescription": { - "text": "Semgrep Finding: python.lang.compatibility.python36.python36-compatibility-Popen1" + "tags": [ + "CWE-326: Inadequate Encryption Strength", + "MEDIUM CONFIDENCE", + "OWASP-A02:2021 - Cryptographic Failures", + "OWASP-A03:2017 - Sensitive Data Exposure", + "security" + ] } }, { - "defaultConfiguration": { - "level": "warning" + "id": "terraform.lang.security.s3-unencrypted-bucket.s3-unencrypted-bucket", + "name": "terraform.lang.security.s3-unencrypted-bucket.s3-unencrypted-bucket", + "short_description": { + "text": "Semgrep Finding: terraform.lang.security.s3-unencrypted-bucket.s3-unencrypted-bucket" }, - "fullDescription": { - "text": "Detected an explicit unescape in an EJS template, using '<%- ... %>' If external data can reach these locations, your application is exposed to a cross-site scripting (XSS) vulnerability. Use '<%= ... %>' to escape this data. If you need escaping, ensure no external data can reach this location." 
+ "full_description": { + "text": "This rule has been deprecated, as all s3 buckets are encrypted by default with no way to disable it. See https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket_server_side_encryption_configuration for more info." + }, + "default_configuration": { + "enabled": true, + "level": "note" }, + "help_uri": "https://semgrep.dev/r/terraform.lang.security.s3-unencrypted-bucket.s3-unencrypted-bucket", "help": { - "markdown": "Detected an explicit unescape in an EJS template, using '<%- ... %>' If external data can reach these locations, your application is exposed to a cross-site scripting (XSS) vulnerability. Use '<%= ... %>' to escape this data. If you need escaping, ensure no external data can reach this location.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.express.security.audit.xss.ejs.explicit-unescape.template-explicit-unescape)\n - [http://www.managerjs.com/blog/2015/05/will-ejs-escape-save-me-from-xss-sorta/](http://www.managerjs.com/blog/2015/05/will-ejs-escape-save-me-from-xss-sorta/)\n", - "text": "Detected an explicit unescape in an EJS template, using '<%- ... %>' If external data can reach these locations, your application is exposed to a cross-site scripting (XSS) vulnerability. Use '<%= ... %>' to escape this data. If you need escaping, ensure no external data can reach this location.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "This rule has been deprecated, as all s3 buckets are encrypted by default with no way to disable it. 
See https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket_server_side_encryption_configuration for more info.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "This rule has been deprecated, as all s3 buckets are encrypted by default with no way to disable it. See https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket_server_side_encryption_configuration for more info.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/terraform.lang.security.s3-unencrypted-bucket.s3-unencrypted-bucket)\n - [https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket#server_side_encryption_configuration](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket#server_side_encryption_configuration)\n - [https://docs.aws.amazon.com/AmazonS3/latest/userguide/bucket-encryption.html](https://docs.aws.amazon.com/AmazonS3/latest/userguide/bucket-encryption.html)\n" }, - "helpUri": "https://semgrep.dev/r/javascript.express.security.audit.xss.ejs.explicit-unescape.template-explicit-unescape", - "id": "javascript.express.security.audit.xss.ejs.explicit-unescape.template-explicit-unescape", - "name": "javascript.express.security.audit.xss.ejs.explicit-unescape.template-explicit-unescape", "properties": { "precision": "very-high", "tags": [ - "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", - "LOW CONFIDENCE", - "OWASP-A03:2021 - Injection", - "OWASP-A07:2017 - Cross-Site Scripting (XSS)", + "CWE-311: Missing Encryption of Sensitive Data", + "MEDIUM CONFIDENCE", + "OWASP-A03:2017 - Sensitive Data Exposure", + "OWASP-A04:2021 - Insecure Design", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: javascript.express.security.audit.xss.ejs.explicit-unescape.template-explicit-unescape" } }, { - 
"defaultConfiguration": { - "level": "warning" + "id": "python.aws-lambda.security.mysql-sqli.mysql-sqli", + "name": "python.aws-lambda.security.mysql-sqli.mysql-sqli", + "short_description": { + "text": "Semgrep Finding: python.aws-lambda.security.mysql-sqli.mysql-sqli" }, - "fullDescription": { - "text": "Using user input when accessing files is potentially dangerous. A malicious actor could use this to modify or access files they have no right to." + "full_description": { + "text": "Detected SQL statement that is tainted by `event` object. This could lead to SQL injection if the variable is user-controlled and not properly sanitized. In order to prevent SQL injection, use parameterized queries or prepared statements instead. You can use parameterized statements like so: `cursor.execute('SELECT * FROM projects WHERE status = %s', ('active'))`" + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/python.aws-lambda.security.mysql-sqli.mysql-sqli", "help": { - "markdown": "Using user input when accessing files is potentially dangerous. A malicious actor could use this to modify or access files they have no right to.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/ruby.rails.security.audit.avoid-tainted-ftp-call.avoid-tainted-ftp-call)\n - [https://github.com/presidentbeef/brakeman/blob/main/docs/warning_types/file_access/index.markdown](https://github.com/presidentbeef/brakeman/blob/main/docs/warning_types/file_access/index.markdown)\n", - "text": "Using user input when accessing files is potentially dangerous. A malicious actor could use this to modify or access files they have no right to.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected SQL statement that is tainted by `event` object. 
This could lead to SQL injection if the variable is user-controlled and not properly sanitized. In order to prevent SQL injection, use parameterized queries or prepared statements instead. You can use parameterized statements like so: `cursor.execute('SELECT * FROM projects WHERE status = %s', ('active'))`\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected SQL statement that is tainted by `event` object. This could lead to SQL injection if the variable is user-controlled and not properly sanitized. In order to prevent SQL injection, use parameterized queries or prepared statements instead. You can use parameterized statements like so: `cursor.execute('SELECT * FROM projects WHERE status = %s', ('active'))`\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.aws-lambda.security.mysql-sqli.mysql-sqli)\n - [https://dev.mysql.com/doc/connector-python/en/connector-python-api-mysqlcursor-execute.html](https://dev.mysql.com/doc/connector-python/en/connector-python-api-mysqlcursor-execute.html)\n - [https://dev.mysql.com/doc/connector-python/en/connector-python-api-mysqlcursor-executemany.html](https://dev.mysql.com/doc/connector-python/en/connector-python-api-mysqlcursor-executemany.html)\n" }, - "helpUri": "https://semgrep.dev/r/ruby.rails.security.audit.avoid-tainted-ftp-call.avoid-tainted-ftp-call", - "id": "ruby.rails.security.audit.avoid-tainted-ftp-call.avoid-tainted-ftp-call", - "name": "ruby.rails.security.audit.avoid-tainted-ftp-call.avoid-tainted-ftp-call", "properties": { "precision": "very-high", "tags": [ - "CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", + "CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')", "MEDIUM CONFIDENCE", - "OWASP-A01:2021 - Broken Access Control", - "OWASP-A05:2017 - Broken Access Control", + "OWASP-A01:2017 - Injection", + 
"OWASP-A03:2021 - Injection", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: ruby.rails.security.audit.avoid-tainted-ftp-call.avoid-tainted-ftp-call" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "java.lang.security.audit.crypto.use-of-blowfish.use-of-blowfish", + "name": "java.lang.security.audit.crypto.use-of-blowfish.use-of-blowfish", + "short_description": { + "text": "Semgrep Finding: java.lang.security.audit.crypto.use-of-blowfish.use-of-blowfish" }, - "fullDescription": { - "text": "Cryptographic algorithms are notoriously difficult to get right. By implementing a custom message digest, you risk introducing security issues into your program. Use one of the many sound message digests already available to you: MessageDigest sha256Digest = MessageDigest.getInstance(\"SHA256\");" + "full_description": { + "text": "Use of Blowfish was detected. Blowfish uses a 64-bit block size that makes it vulnerable to birthday attacks, and is therefore considered non-compliant. Instead, use a strong, secure cipher: Cipher.getInstance(\"AES/CBC/PKCS7PADDING\"). See https://owasp.org/www-community/Using_the_Java_Cryptographic_Extensions for more information." }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/java.lang.security.audit.crypto.use-of-blowfish.use-of-blowfish", "help": { - "markdown": "Cryptographic algorithms are notoriously difficult to get right. By implementing a custom message digest, you risk introducing security issues into your program. 
Use one of the many sound message digests already available to you: MessageDigest sha256Digest = MessageDigest.getInstance(\"SHA256\");\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/java.lang.security.audit.crypto.ssl.avoid-implementing-custom-digests.avoid-implementing-custom-digests)\n - [https://cheatsheetseries.owasp.org/cheatsheets/Cryptographic_Storage_Cheat_Sheet.html#custom-algorithms](https://cheatsheetseries.owasp.org/cheatsheets/Cryptographic_Storage_Cheat_Sheet.html#custom-algorithms)\n", - "text": "Cryptographic algorithms are notoriously difficult to get right. By implementing a custom message digest, you risk introducing security issues into your program. Use one of the many sound message digests already available to you: MessageDigest sha256Digest = MessageDigest.getInstance(\"SHA256\");\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Use of Blowfish was detected. Blowfish uses a 64-bit block size that makes it vulnerable to birthday attacks, and is therefore considered non-compliant. Instead, use a strong, secure cipher: Cipher.getInstance(\"AES/CBC/PKCS7PADDING\"). See https://owasp.org/www-community/Using_the_Java_Cryptographic_Extensions for more information.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Use of Blowfish was detected. Blowfish uses a 64-bit block size that makes it vulnerable to birthday attacks, and is therefore considered non-compliant. Instead, use a strong, secure cipher: Cipher.getInstance(\"AES/CBC/PKCS7PADDING\"). 
See https://owasp.org/www-community/Using_the_Java_Cryptographic_Extensions for more information.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/java.lang.security.audit.crypto.use-of-blowfish.use-of-blowfish)\n - [https://owasp.org/Top10/A02_2021-Cryptographic_Failures](https://owasp.org/Top10/A02_2021-Cryptographic_Failures)\n - [https://googleprojectzero.blogspot.com/2022/10/rc4-is-still-considered-harmful.html](https://googleprojectzero.blogspot.com/2022/10/rc4-is-still-considered-harmful.html)\n" }, - "helpUri": "https://semgrep.dev/r/java.lang.security.audit.crypto.ssl.avoid-implementing-custom-digests.avoid-implementing-custom-digests", - "id": "java.lang.security.audit.crypto.ssl.avoid-implementing-custom-digests.avoid-implementing-custom-digests", - "name": "java.lang.security.audit.crypto.ssl.avoid-implementing-custom-digests.avoid-implementing-custom-digests", "properties": { "precision": "very-high", "tags": [ "CWE-327: Use of a Broken or Risky Cryptographic Algorithm", - "LOW CONFIDENCE", + "HIGH CONFIDENCE", "OWASP-A02:2021 - Cryptographic Failures", "OWASP-A03:2017 - Sensitive Data Exposure", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: java.lang.security.audit.crypto.ssl.avoid-implementing-custom-digests.avoid-implementing-custom-digests" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "python.lang.security.audit.insecure-transport.urllib.insecure-request-object.insecure-request-object", + "name": "python.lang.security.audit.insecure-transport.urllib.insecure-request-object.insecure-request-object", + "short_description": { + "text": "Semgrep Finding: python.lang.security.audit.insecure-transport.urllib.insecure-request-object.insecure-request-object" }, - "fullDescription": { - "text": "The Connection.recv() method automatically unpickles the data it receives, which can be a security risk unless you can trust the process which 
sent the message. Therefore, unless the connection object was produced using Pipe() you should only use the recv() and send() methods after performing some sort of authentication. See more dettails: https://docs.python.org/3/library/multiprocessing.html?highlight=security#multiprocessing.connection.Connection" + "full_description": { + "text": "Detected a 'urllib.request.Request()' object using an insecure transport protocol, 'http://'. This connection will not be encrypted. Use 'https://' instead." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/python.lang.security.audit.insecure-transport.urllib.insecure-request-object.insecure-request-object", "help": { - "markdown": "The Connection.recv() method automatically unpickles the data it receives, which can be a security risk unless you can trust the process which sent the message. Therefore, unless the connection object was produced using Pipe() you should only use the recv() and send() methods after performing some sort of authentication. See more dettails: https://docs.python.org/3/library/multiprocessing.html?highlight=security#multiprocessing.connection.Connection\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.lang.security.audit.conn_recv.multiprocessing-recv)\n - [https://docs.python.org/3/library/multiprocessing.html?highlight=security#multiprocessing.connection.Connection](https://docs.python.org/3/library/multiprocessing.html?highlight=security#multiprocessing.connection.Connection)\n", - "text": "The Connection.recv() method automatically unpickles the data it receives, which can be a security risk unless you can trust the process which sent the message. Therefore, unless the connection object was produced using Pipe() you should only use the recv() and send() methods after performing some sort of authentication. 
See more dettails: https://docs.python.org/3/library/multiprocessing.html?highlight=security#multiprocessing.connection.Connection\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected a 'urllib.request.Request()' object using an insecure transport protocol, 'http://'. This connection will not be encrypted. Use 'https://' instead.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected a 'urllib.request.Request()' object using an insecure transport protocol, 'http://'. This connection will not be encrypted. Use 'https://' instead.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.lang.security.audit.insecure-transport.urllib.insecure-request-object.insecure-request-object)\n - [https://docs.python.org/3/library/urllib.request.html#urllib.request.Request](https://docs.python.org/3/library/urllib.request.html#urllib.request.Request)\n" }, - "helpUri": "https://semgrep.dev/r/python.lang.security.audit.conn_recv.multiprocessing-recv", - "id": "python.lang.security.audit.conn_recv.multiprocessing-recv", - "name": "python.lang.security.audit.conn_recv.multiprocessing-recv", "properties": { "precision": "very-high", "tags": [ - "CWE-502: Deserialization of Untrusted Data", + "CWE-319: Cleartext Transmission of Sensitive Information", "LOW CONFIDENCE", - "OWASP-A08:2017 - Insecure Deserialization", - "OWASP-A08:2021 - Software and Data Integrity Failures", + "OWASP-A02:2021 - Cryptographic Failures", + "OWASP-A03:2017 - Sensitive Data Exposure", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: python.lang.security.audit.conn_recv.multiprocessing-recv" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "javascript.passport-jwt.security.passport-hardcode.hardcoded-passport-secret", + "name": "javascript.passport-jwt.security.passport-hardcode.hardcoded-passport-secret", + 
"short_description": { + "text": "Semgrep Finding: javascript.passport-jwt.security.passport-hardcode.hardcoded-passport-secret" }, - "fullDescription": { - "text": "Detected hardcoded password used in basic authentication in a controller class. Including this password in version control could expose this credential. Consider refactoring to use environment variables or configuration files." + "full_description": { + "text": "A hard-coded credential was detected. It is not recommended to store credentials in source-code, as this risks secrets being leaked and used by either an internal or external malicious adversary. It is recommended to use environment variables to securely provide credentials or retrieve credentials from a secure vault or HSM (Hardware Security Module)." }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/javascript.passport-jwt.security.passport-hardcode.hardcoded-passport-secret", "help": { - "markdown": "Detected hardcoded password used in basic authentication in a controller class. Including this password in version control could expose this credential. Consider refactoring to use environment variables or configuration files.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/ruby.lang.security.hardcoded-http-auth-in-controller.hardcoded-http-auth-in-controller)\n - [https://cheatsheetseries.owasp.org/cheatsheets/Secrets_Management_Cheat_Sheet.html](https://cheatsheetseries.owasp.org/cheatsheets/Secrets_Management_Cheat_Sheet.html)\n", - "text": "Detected hardcoded password used in basic authentication in a controller class. Including this password in version control could expose this credential. 
Consider refactoring to use environment variables or configuration files.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "A hard-coded credential was detected. It is not recommended to store credentials in source-code, as this risks secrets being leaked and used by either an internal or external malicious adversary. It is recommended to use environment variables to securely provide credentials or retrieve credentials from a secure vault or HSM (Hardware Security Module).\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "A hard-coded credential was detected. It is not recommended to store credentials in source-code, as this risks secrets being leaked and used by either an internal or external malicious adversary. It is recommended to use environment variables to securely provide credentials or retrieve credentials from a secure vault or HSM (Hardware Security Module).\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.passport-jwt.security.passport-hardcode.hardcoded-passport-secret)\n - [https://cheatsheetseries.owasp.org/cheatsheets/Secrets_Management_Cheat_Sheet.html](https://cheatsheetseries.owasp.org/cheatsheets/Secrets_Management_Cheat_Sheet.html)\n" }, - "helpUri": "https://semgrep.dev/r/ruby.lang.security.hardcoded-http-auth-in-controller.hardcoded-http-auth-in-controller", - "id": "ruby.lang.security.hardcoded-http-auth-in-controller.hardcoded-http-auth-in-controller", - "name": "ruby.lang.security.hardcoded-http-auth-in-controller.hardcoded-http-auth-in-controller", "properties": { "precision": "very-high", "tags": [ 
@@ -8980,1507 +9657,1504 @@ "OWASP-A07:2021 - Identification and Authentication Failures", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: ruby.lang.security.hardcoded-http-auth-in-controller.hardcoded-http-auth-in-controller" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "python.lang.security.deserialization.pickle.avoid-shelve", + "name": "python.lang.security.deserialization.pickle.avoid-shelve", + "short_description": { + "text": "Semgrep Finding: python.lang.security.deserialization.pickle.avoid-shelve" }, - "fullDescription": { - "text": "RDS instance or cluster with hardcoded credentials in source code. It is recommended to pass the credentials at runtime, or generate random credentials using the random_password resource." + "full_description": { + "text": "Avoid using `shelve`, which uses `pickle`, which is known to lead to code execution vulnerabilities. When unpickling, the serialized data could be manipulated to run arbitrary code. Instead, consider serializing the relevant data as JSON or a similar text-based serialization format." }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/python.lang.security.deserialization.pickle.avoid-shelve", "help": { - "markdown": "RDS instance or cluster with hardcoded credentials in source code. 
It is recommended to pass the credentials at runtime, or generate random credentials using the random_password resource.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/terraform.lang.security.rds-insecure-password-storage-in-source-code.rds-insecure-password-storage-in-source-code)\n - [https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/db_instance#master_password](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/db_instance#master_password)\n - [https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/rds_cluster#master_password](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/rds_cluster#master_password)\n - [https://registry.terraform.io/providers/hashicorp/random/latest/docs/resources/password](https://registry.terraform.io/providers/hashicorp/random/latest/docs/resources/password)\n", - "text": "RDS instance or cluster with hardcoded credentials in source code. It is recommended to pass the credentials at runtime, or generate random credentials using the random_password resource.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Avoid using `shelve`, which uses `pickle`, which is known to lead to code execution vulnerabilities. When unpickling, the serialized data could be manipulated to run arbitrary code. Instead, consider serializing the relevant data as JSON or a similar text-based serialization format.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Avoid using `shelve`, which uses `pickle`, which is known to lead to code execution vulnerabilities. When unpickling, the serialized data could be manipulated to run arbitrary code. 
Instead, consider serializing the relevant data as JSON or a similar text-based serialization format.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.lang.security.deserialization.pickle.avoid-shelve)\n - [https://docs.python.org/3/library/pickle.html](https://docs.python.org/3/library/pickle.html)\n" }, - "helpUri": "https://semgrep.dev/r/terraform.lang.security.rds-insecure-password-storage-in-source-code.rds-insecure-password-storage-in-source-code", - "id": "terraform.lang.security.rds-insecure-password-storage-in-source-code.rds-insecure-password-storage-in-source-code", - "name": "terraform.lang.security.rds-insecure-password-storage-in-source-code.rds-insecure-password-storage-in-source-code", "properties": { "precision": "very-high", "tags": [ - "CWE-522: Insufficiently Protected Credentials", + "CWE-502: Deserialization of Untrusted Data", "MEDIUM CONFIDENCE", - "OWASP-A02:2017 - Broken Authentication", - "OWASP-A04:2021 - Insecure Design", + "OWASP-A08:2017 - Insecure Deserialization", + "OWASP-A08:2021 - Software and Data Integrity Failures", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: terraform.lang.security.rds-insecure-password-storage-in-source-code.rds-insecure-password-storage-in-source-code" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "javascript.express.security.audit.xss.mustache.var-in-href.var-in-href", + "name": "javascript.express.security.audit.xss.mustache.var-in-href.var-in-href", + "short_description": { + "text": "Semgrep Finding: javascript.express.security.audit.xss.mustache.var-in-href.var-in-href" }, - "fullDescription": { - "text": "Found that the setting for providing detailed exception reports in Rails is set to true. This can lead to information exposure, where sensitive system or internal information is displayed to the end user. Instead, turn this setting off." 
+ "full_description": { + "text": "Detected a template variable used in an anchor tag with the 'href' attribute. This allows a malicious actor to input the 'javascript:' URI and is subject to cross- site scripting (XSS) attacks. If using a relative URL, start with a literal forward slash and concatenate the URL, like this: href='/{{link}}'. You may also consider setting the Content Security Policy (CSP) header." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/javascript.express.security.audit.xss.mustache.var-in-href.var-in-href", "help": { - "markdown": "Found that the setting for providing detailed exception reports in Rails is set to true. This can lead to information exposure, where sensitive system or internal information is displayed to the end user. Instead, turn this setting off.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/ruby.rails.security.audit.detailed-exceptions.detailed-exceptions)\n - [https://owasp.org/Top10/A01_2021-Broken_Access_Control](https://owasp.org/Top10/A01_2021-Broken_Access_Control)\n", - "text": "Found that the setting for providing detailed exception reports in Rails is set to true. This can lead to information exposure, where sensitive system or internal information is displayed to the end user. Instead, turn this setting off.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected a template variable used in an anchor tag with the 'href' attribute. This allows a malicious actor to input the 'javascript:' URI and is subject to cross- site scripting (XSS) attacks. If using a relative URL, start with a literal forward slash and concatenate the URL, like this: href='/{{link}}'. 
You may also consider setting the Content Security Policy (CSP) header.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected a template variable used in an anchor tag with the 'href' attribute. This allows a malicious actor to input the 'javascript:' URI and is subject to cross- site scripting (XSS) attacks. If using a relative URL, start with a literal forward slash and concatenate the URL, like this: href='/{{link}}'. You may also consider setting the Content Security Policy (CSP) header.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.express.security.audit.xss.mustache.var-in-href.var-in-href)\n - [https://flask.palletsprojects.com/en/1.1.x/security/#cross-site-scripting-xss#:~:text=javascript:%20URI](https://flask.palletsprojects.com/en/1.1.x/security/#cross-site-scripting-xss#:~:text=javascript:%20URI)\n - [https://github.com/pugjs/pug/issues/2952](https://github.com/pugjs/pug/issues/2952)\n" }, - "helpUri": "https://semgrep.dev/r/ruby.rails.security.audit.detailed-exceptions.detailed-exceptions", - "id": "ruby.rails.security.audit.detailed-exceptions.detailed-exceptions", - "name": "ruby.rails.security.audit.detailed-exceptions.detailed-exceptions", "properties": { "precision": "very-high", "tags": [ - "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor", + "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", "LOW CONFIDENCE", - "OWASP-A01:2021 - Broken Access Control", + "OWASP-A03:2021 - Injection", + "OWASP-A07:2017 - Cross-Site Scripting (XSS)", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: ruby.rails.security.audit.detailed-exceptions.detailed-exceptions" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "go.lang.security.injection.raw-html-format.raw-html-format", + "name": 
"go.lang.security.injection.raw-html-format.raw-html-format", + "short_description": { + "text": "Semgrep Finding: go.lang.security.injection.raw-html-format.raw-html-format" }, - "fullDescription": { - "text": "Default session middleware settings: `domain` not set. It indicates the domain of the cookie; use it to compare against the domain of the server in which the URL is being requested. If they match, then check the path attribute next." + "full_description": { + "text": "Detected user input flowing into a manually constructed HTML string. You may be accidentally bypassing secure methods of rendering HTML by manually constructing HTML and this could create a cross-site scripting vulnerability, which could let attackers steal sensitive user data. Use the `html/template` package which will safely render HTML instead, or inspect that the HTML is rendered safely." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/go.lang.security.injection.raw-html-format.raw-html-format", "help": { - "markdown": "Default session middleware settings: `domain` not set. It indicates the domain of the cookie; use it to compare against the domain of the server in which the URL is being requested. If they match, then check the path attribute next.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.express.security.audit.express-cookie-settings.express-cookie-session-no-domain)\n - [https://owasp.org/Top10/A04_2021-Insecure_Design](https://owasp.org/Top10/A04_2021-Insecure_Design)\n", - "text": "Default session middleware settings: `domain` not set. It indicates the domain of the cookie; use it to compare against the domain of the server in which the URL is being requested. 
If they match, then check the path attribute next.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected user input flowing into a manually constructed HTML string. You may be accidentally bypassing secure methods of rendering HTML by manually constructing HTML and this could create a cross-site scripting vulnerability, which could let attackers steal sensitive user data. Use the `html/template` package which will safely render HTML instead, or inspect that the HTML is rendered safely.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected user input flowing into a manually constructed HTML string. You may be accidentally bypassing secure methods of rendering HTML by manually constructing HTML and this could create a cross-site scripting vulnerability, which could let attackers steal sensitive user data. Use the `html/template` package which will safely render HTML instead, or inspect that the HTML is rendered safely.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/go.lang.security.injection.raw-html-format.raw-html-format)\n - [https://blogtitle.github.io/robn-go-security-pearls-cross-site-scripting-xss/](https://blogtitle.github.io/robn-go-security-pearls-cross-site-scripting-xss/)\n" }, - "helpUri": "https://semgrep.dev/r/javascript.express.security.audit.express-cookie-settings.express-cookie-session-no-domain", - "id": "javascript.express.security.audit.express-cookie-settings.express-cookie-session-no-domain", - "name": "javascript.express.security.audit.express-cookie-settings.express-cookie-session-no-domain", "properties": { "precision": "very-high", "tags": [ - "CWE-522: Insufficiently Protected Credentials", + "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", "MEDIUM CONFIDENCE", - "OWASP-A02:2017 - Broken Authentication", - "OWASP-A04:2021 - 
Insecure Design", + "OWASP-A03:2021 - Injection", + "OWASP-A07:2017 - Cross-Site Scripting (XSS)", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: javascript.express.security.audit.express-cookie-settings.express-cookie-session-no-domain" } }, { - "defaultConfiguration": { - "level": "note" + "id": "go.lang.security.audit.dangerous-command-write.dangerous-command-write", + "name": "go.lang.security.audit.dangerous-command-write.dangerous-command-write", + "short_description": { + "text": "Semgrep Finding: go.lang.security.audit.dangerous-command-write.dangerous-command-write" }, - "fullDescription": { - "text": "Registering the identity used by an App with AD allows it to interact with other services without using username and password. Set the `identity` block in your appservice." + "full_description": { + "text": "Detected non-static command inside Write. Audit the input to '$CW.Write'. If unverified user data can reach this call site, this is a code injection vulnerability. A malicious actor can inject a malicious script to execute arbitrary code." + }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/go.lang.security.audit.dangerous-command-write.dangerous-command-write", "help": { - "markdown": "Registering the identity used by an App with AD allows it to interact with other services without using username and password. 
Set the `identity` block in your appservice.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/terraform.azure.security.appservice.appservice-account-identity-registered.appservice-account-identity-registered)\n - [https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/app_service#identity](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/app_service#identity)\n", - "text": "Registering the identity used by an App with AD allows it to interact with other services without using username and password. Set the `identity` block in your appservice.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected non-static command inside Write. Audit the input to '$CW.Write'. If unverified user data can reach this call site, this is a code injection vulnerability. A malicious actor can inject a malicious script to execute arbitrary code.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected non-static command inside Write. Audit the input to '$CW.Write'. If unverified user data can reach this call site, this is a code injection vulnerability. 
A malicious actor can inject a malicious script to execute arbitrary code.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/go.lang.security.audit.dangerous-command-write.dangerous-command-write)\n - [https://owasp.org/Top10/A03_2021-Injection](https://owasp.org/Top10/A03_2021-Injection)\n" }, - "helpUri": "https://semgrep.dev/r/terraform.azure.security.appservice.appservice-account-identity-registered.appservice-account-identity-registered", - "id": "terraform.azure.security.appservice.appservice-account-identity-registered.appservice-account-identity-registered", - "name": "terraform.azure.security.appservice.appservice-account-identity-registered.appservice-account-identity-registered", "properties": { "precision": "very-high", "tags": [ - "CWE-287: Improper Authentication", + "CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", "LOW CONFIDENCE", - "OWASP-A02:2017 - Broken Authentication", - "OWASP-A07:2021 - Identification and Authentication Failures", + "OWASP-A01:2017 - Injection", + "OWASP-A03:2021 - Injection", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: terraform.azure.security.appservice.appservice-account-identity-registered.appservice-account-identity-registered" } }, { - "defaultConfiguration": { - "level": "warning" - }, - "fullDescription": { - "text": "User data flows into the host portion of this manually-constructed URL. This could allow an attacker to send data to their own server, potentially exposing sensitive data such as cookies or authorization information sent with this request. They could also probe internal servers or other resources that the server runnig this code can access. (This is called server-side request forgery, or SSRF.) Do not allow arbitrary hosts. Use the `ssrf_filter` gem and guard the url construction with `SsrfFilter(...)`, or create an allowlist for approved hosts." 
- }, - "help": { - "markdown": "User data flows into the host portion of this manually-constructed URL. This could allow an attacker to send data to their own server, potentially exposing sensitive data such as cookies or authorization information sent with this request. They could also probe internal servers or other resources that the server runnig this code can access. (This is called server-side request forgery, or SSRF.) Do not allow arbitrary hosts. Use the `ssrf_filter` gem and guard the url construction with `SsrfFilter(...)`, or create an allowlist for approved hosts.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/ruby.rails.security.injection.tainted-url-host.tainted-url-host)\n - [https://cheatsheetseries.owasp.org/cheatsheets/Server_Side_Request_Forgery_Prevention_Cheat_Sheet.html](https://cheatsheetseries.owasp.org/cheatsheets/Server_Side_Request_Forgery_Prevention_Cheat_Sheet.html)\n - [https://github.com/arkadiyt/ssrf_filter](https://github.com/arkadiyt/ssrf_filter)\n", - "text": "User data flows into the host portion of this manually-constructed URL. This could allow an attacker to send data to their own server, potentially exposing sensitive data such as cookies or authorization information sent with this request. They could also probe internal servers or other resources that the server runnig this code can access. (This is called server-side request forgery, or SSRF.) Do not allow arbitrary hosts. 
Use the `ssrf_filter` gem and guard the url construction with `SsrfFilter(...)`, or create an allowlist for approved hosts.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "id": "problem-based-packs.insecure-transport.go-stdlib.gorequest-http-request.gorequest-http-request", + "name": "problem-based-packs.insecure-transport.go-stdlib.gorequest-http-request.gorequest-http-request", + "short_description": { + "text": "Semgrep Finding: problem-based-packs.insecure-transport.go-stdlib.gorequest-http-request.gorequest-http-request" }, - "helpUri": "https://semgrep.dev/r/ruby.rails.security.injection.tainted-url-host.tainted-url-host", - "id": "ruby.rails.security.injection.tainted-url-host.tainted-url-host", - "name": "ruby.rails.security.injection.tainted-url-host.tainted-url-host", - "properties": { - "precision": "very-high", - "tags": [ - "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", - "MEDIUM CONFIDENCE", - "OWASP-A03:2021 - Injection", - "OWASP-A07:2017 - Cross-Site Scripting (XSS)", - "security" - ] + "full_description": { + "text": "Checks for requests to http (unencrypted) sites using gorequest, a popular HTTP client library. This is dangerous because it could result in plaintext PII being passed around the network." }, - "shortDescription": { - "text": "Semgrep Finding: ruby.rails.security.injection.tainted-url-host.tainted-url-host" - } - }, - { - "defaultConfiguration": { + "default_configuration": { + "enabled": true, "level": "warning" }, - "fullDescription": { - "text": "Mass assignment or Autobinding vulnerability in code allows an attacker to execute over-posting attacks, which could create a new parameter in the binding request and manipulate the underlying object in the application." 
- }, + "help_uri": "https://semgrep.dev/r/problem-based-packs.insecure-transport.go-stdlib.gorequest-http-request.gorequest-http-request", "help": { - "markdown": "Mass assignment or Autobinding vulnerability in code allows an attacker to execute over-posting attacks, which could create a new parameter in the binding request and manipulate the underlying object in the application.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/csharp.dotnet.security.audit.mass-assignment.mass-assignment)\n - [https://cwe.mitre.org/data/definitions/915.html](https://cwe.mitre.org/data/definitions/915.html)\n - [https://github.com/OWASP/API-Security/blob/master/2019/en/src/0xa6-mass-assignment.md](https://github.com/OWASP/API-Security/blob/master/2019/en/src/0xa6-mass-assignment.md)\n", - "text": "Mass assignment or Autobinding vulnerability in code allows an attacker to execute over-posting attacks, which could create a new parameter in the binding request and manipulate the underlying object in the application.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Checks for requests to http (unencrypted) sites using gorequest, a popular HTTP client library. This is dangerous because it could result in plaintext PII being passed around the network.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Checks for requests to http (unencrypted) sites using gorequest, a popular HTTP client library. 
This is dangerous because it could result in plaintext PII being passed around the network.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/problem-based-packs.insecure-transport.go-stdlib.gorequest-http-request.gorequest-http-request)\n - [https://github.com/parnurzeal/gorequest](https://github.com/parnurzeal/gorequest)\n" }, - "helpUri": "https://semgrep.dev/r/csharp.dotnet.security.audit.mass-assignment.mass-assignment", - "id": "csharp.dotnet.security.audit.mass-assignment.mass-assignment", - "name": "csharp.dotnet.security.audit.mass-assignment.mass-assignment", "properties": { "precision": "very-high", "tags": [ - "CWE-915: Improperly Controlled Modification of Dynamically-Determined Object Attributes", + "CWE-319: Cleartext Transmission of Sensitive Information", "MEDIUM CONFIDENCE", - "OWASP-A08:2021 - Software and Data Integrity Failures", + "OWASP-A03:2017 - Sensitive Data Exposure", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: csharp.dotnet.security.audit.mass-assignment.mass-assignment" } }, { - "defaultConfiguration": { - "level": "error" + "id": "python.lang.security.audit.exec-detected.exec-detected", + "name": "python.lang.security.audit.exec-detected.exec-detected", + "short_description": { + "text": "Semgrep Finding: python.lang.security.audit.exec-detected.exec-detected" + }, + "full_description": { + "text": "Detected the use of exec(). exec() can be dangerous if used to evaluate dynamic content. If this content can be input from outside the program, this may be a code injection vulnerability. Ensure evaluated content is not definable by external sources." 
}, - "fullDescription": { - "text": "If unverified user data can reach the `phantom` methods it can result in Server-Side Request Forgery vulnerabilities" + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/python.lang.security.audit.exec-detected.exec-detected", "help": { - "markdown": "If unverified user data can reach the `phantom` methods it can result in Server-Side Request Forgery vulnerabilities\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.express.security.express-wkhtml-injection.express-wkhtmltoimage-injection)\n - [https://www.npmjs.com/package/wkhtmltopdf](https://www.npmjs.com/package/wkhtmltopdf)\n", - "text": "If unverified user data can reach the `phantom` methods it can result in Server-Side Request Forgery vulnerabilities\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected the use of exec(). exec() can be dangerous if used to evaluate dynamic content. If this content can be input from outside the program, this may be a code injection vulnerability. Ensure evaluated content is not definable by external sources.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected the use of exec(). exec() can be dangerous if used to evaluate dynamic content. If this content can be input from outside the program, this may be a code injection vulnerability. 
Ensure evaluated content is not definable by external sources.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.lang.security.audit.exec-detected.exec-detected)\n - [https://owasp.org/Top10/A03_2021-Injection](https://owasp.org/Top10/A03_2021-Injection)\n" }, - "helpUri": "https://semgrep.dev/r/javascript.express.security.express-wkhtml-injection.express-wkhtmltoimage-injection", - "id": "javascript.express.security.express-wkhtml-injection.express-wkhtmltoimage-injection", - "name": "javascript.express.security.express-wkhtml-injection.express-wkhtmltoimage-injection", "properties": { "precision": "very-high", "tags": [ - "CWE-918: Server-Side Request Forgery (SSRF)", + "CWE-95: Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection')", "LOW CONFIDENCE", - "OWASP-A10:2021 - Server-Side Request Forgery (SSRF)", + "OWASP-A03:2021 - Injection", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: javascript.express.security.express-wkhtml-injection.express-wkhtmltoimage-injection" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "yaml.github-actions.security.github-script-injection.github-script-injection", + "name": "yaml.github-actions.security.github-script-injection.github-script-injection", + "short_description": { + "text": "Semgrep Finding: yaml.github-actions.security.github-script-injection.github-script-injection" }, - "fullDescription": { - "text": "Detected a paramiko host key policy that implicitly trusts a server's host key. Host keys should be verified to ensure the connection is not to a malicious server. Use RejectPolicy or a custom subclass instead." + "full_description": { + "text": "Using variable interpolation `${{...}}` with `github` context data in a `actions/github-script`'s `script:` step could allow an attacker to inject their own code into the runner. 
This would allow them to steal secrets and code. `github` context data can have arbitrary user input and should be treated as untrusted. Instead, use an intermediate environment variable with `env:` to store the data and use the environment variable in the `run:` script. Be sure to use double-quotes the environment variable, like this: \"$ENVVAR\"." + }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/yaml.github-actions.security.github-script-injection.github-script-injection", "help": { - "markdown": "Detected a paramiko host key policy that implicitly trusts a server's host key. Host keys should be verified to ensure the connection is not to a malicious server. Use RejectPolicy or a custom subclass instead.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.lang.security.audit.paramiko-implicit-trust-host-key.paramiko-implicit-trust-host-key)\n - [http://docs.paramiko.org/en/stable/api/client.html#paramiko.client.AutoAddPolicy](http://docs.paramiko.org/en/stable/api/client.html#paramiko.client.AutoAddPolicy)\n", - "text": "Detected a paramiko host key policy that implicitly trusts a server's host key. Host keys should be verified to ensure the connection is not to a malicious server. Use RejectPolicy or a custom subclass instead.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Using variable interpolation `${{...}}` with `github` context data in a `actions/github-script`'s `script:` step could allow an attacker to inject their own code into the runner. This would allow them to steal secrets and code. `github` context data can have arbitrary user input and should be treated as untrusted. Instead, use an intermediate environment variable with `env:` to store the data and use the environment variable in the `run:` script. 
Be sure to use double-quotes the environment variable, like this: \"$ENVVAR\".\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Using variable interpolation `${{...}}` with `github` context data in a `actions/github-script`'s `script:` step could allow an attacker to inject their own code into the runner. This would allow them to steal secrets and code. `github` context data can have arbitrary user input and should be treated as untrusted. Instead, use an intermediate environment variable with `env:` to store the data and use the environment variable in the `run:` script. Be sure to use double-quotes the environment variable, like this: \"$ENVVAR\".\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/yaml.github-actions.security.github-script-injection.github-script-injection)\n - [https://docs.github.com/en/actions/learn-github-actions/security-hardening-for-github-actions#understanding-the-risk-of-script-injections](https://docs.github.com/en/actions/learn-github-actions/security-hardening-for-github-actions#understanding-the-risk-of-script-injections)\n - [https://securitylab.github.com/research/github-actions-untrusted-input/](https://securitylab.github.com/research/github-actions-untrusted-input/)\n - [https://github.com/actions/github-script](https://github.com/actions/github-script)\n" }, - "helpUri": "https://semgrep.dev/r/python.lang.security.audit.paramiko-implicit-trust-host-key.paramiko-implicit-trust-host-key", - "id": "python.lang.security.audit.paramiko-implicit-trust-host-key.paramiko-implicit-trust-host-key", - "name": "python.lang.security.audit.paramiko-implicit-trust-host-key.paramiko-implicit-trust-host-key", "properties": { "precision": "very-high", "tags": [ - "CWE-322: Key Exchange without Entity Authentication", - "LOW CONFIDENCE", - "OWASP-A02:2021 - Cryptographic Failures", + "CWE-94: Improper Control of Generation of Code 
('Code Injection')", + "HIGH CONFIDENCE", + "OWASP-A03:2021 - Injection", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: python.lang.security.audit.paramiko-implicit-trust-host-key.paramiko-implicit-trust-host-key" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "python.lang.compatibility.python37.python37-compatibility-ipv6network1", + "name": "python.lang.compatibility.python37.python37-compatibility-ipv6network1", + "short_description": { + "text": "Semgrep Finding: python.lang.compatibility.python37.python37-compatibility-ipv6network1" }, - "fullDescription": { - "text": "Service '$SERVICE' is running with a writable root filesystem. This may allow malicious applications to download and run additional payloads, or modify container files. If an application inside a container has to save something temporarily consider using a tmpfs. Add 'read_only: true' to this service to prevent this." + "full_description": { + "text": "IPv6Network.subnet_of is only available on Python 3.7+ and is therefore not backwards compatible. Instead, check if the subnet is in 'subnets'." + }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/python.lang.compatibility.python37.python37-compatibility-ipv6network1", "help": { - "markdown": "Service '$SERVICE' is running with a writable root filesystem. This may allow malicious applications to download and run additional payloads, or modify container files. If an application inside a container has to save something temporarily consider using a tmpfs. 
Add 'read_only: true' to this service to prevent this.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/yaml.docker-compose.security.writable-filesystem-service.writable-filesystem-service)\n - [https://docs.docker.com/compose/compose-file/compose-file-v3/#domainname-hostname-ipc-mac_address-privileged-read_only-shm_size-stdin_open-tty-user-working_dir](https://docs.docker.com/compose/compose-file/compose-file-v3/#domainname-hostname-ipc-mac_address-privileged-read_only-shm_size-stdin_open-tty-user-working_dir)\n - [https://blog.atomist.com/security-of-docker-kubernetes/](https://blog.atomist.com/security-of-docker-kubernetes/)\n - [https://cheatsheetseries.owasp.org/cheatsheets/Docker_Security_Cheat_Sheet.html#rule-8-set-filesystem-and-volumes-to-read-only](https://cheatsheetseries.owasp.org/cheatsheets/Docker_Security_Cheat_Sheet.html#rule-8-set-filesystem-and-volumes-to-read-only)\n", - "text": "Service '$SERVICE' is running with a writable root filesystem. This may allow malicious applications to download and run additional payloads, or modify container files. If an application inside a container has to save something temporarily consider using a tmpfs. Add 'read_only: true' to this service to prevent this.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "IPv6Network.subnet_of is only available on Python 3.7+ and is therefore not backwards compatible. Instead, check if the subnet is in 'subnets'.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "IPv6Network.subnet_of is only available on Python 3.7+ and is therefore not backwards compatible. 
Instead, check if the subnet is in 'subnets'.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.lang.compatibility.python37.python37-compatibility-ipv6network1)\n" }, - "helpUri": "https://semgrep.dev/r/yaml.docker-compose.security.writable-filesystem-service.writable-filesystem-service", - "id": "yaml.docker-compose.security.writable-filesystem-service.writable-filesystem-service", - "name": "yaml.docker-compose.security.writable-filesystem-service.writable-filesystem-service", "properties": { "precision": "very-high", - "tags": [ - "CWE-732: Incorrect Permission Assignment for Critical Resource", - "LOW CONFIDENCE", - "OWASP-A05:2021 - Security Misconfiguration", - "OWASP-A06:2017 - Security Misconfiguration", - "security" - ] - }, - "shortDescription": { - "text": "Semgrep Finding: yaml.docker-compose.security.writable-filesystem-service.writable-filesystem-service" + "tags": [] } }, { - "defaultConfiguration": { - "level": "error" + "id": "scala.play.security.tainted-sql-from-http-request.tainted-sql-from-http-request", + "name": "scala.play.security.tainted-sql-from-http-request.tainted-sql-from-http-request", + "short_description": { + "text": "Semgrep Finding: scala.play.security.tainted-sql-from-http-request.tainted-sql-from-http-request" }, - "fullDescription": { - "text": "Detected user input used to manually construct a SQL string. This is usually bad practice because manual construction could accidentally result in a SQL injection. An attacker could use a SQL injection to steal or modify contents of the database. Instead, use a parameterized query which is available by default in most database engines. Alternatively, consider using an object-relational mapper (ORM) such as Sequelize which will protect your queries." + "full_description": { + "text": "User data flows into this manually-constructed SQL string. 
User data can be safely inserted into SQL strings using prepared statements or an object-relational mapper (ORM). Manually-constructed SQL strings is a possible indicator of SQL injection, which could let an attacker steal or manipulate data from the database. Instead, use prepared statements (`connection.PreparedStatement`) or a safe library." + }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/scala.play.security.tainted-sql-from-http-request.tainted-sql-from-http-request", "help": { - "markdown": "Detected user input used to manually construct a SQL string. This is usually bad practice because manual construction could accidentally result in a SQL injection. An attacker could use a SQL injection to steal or modify contents of the database. Instead, use a parameterized query which is available by default in most database engines. Alternatively, consider using an object-relational mapper (ORM) such as Sequelize which will protect your queries.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/ruby.aws-lambda.security.tainted-sql-string.tainted-sql-string)\n - [https://rorsecurity.info/portfolio/ruby-on-rails-sql-injection-cheat-sheet](https://rorsecurity.info/portfolio/ruby-on-rails-sql-injection-cheat-sheet)\n", - "text": "Detected user input used to manually construct a SQL string. This is usually bad practice because manual construction could accidentally result in a SQL injection. An attacker could use a SQL injection to steal or modify contents of the database. Instead, use a parameterized query which is available by default in most database engines. Alternatively, consider using an object-relational mapper (ORM) such as Sequelize which will protect your queries.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "User data flows into this manually-constructed SQL string. 
User data can be safely inserted into SQL strings using prepared statements or an object-relational mapper (ORM). Manually-constructed SQL strings is a possible indicator of SQL injection, which could let an attacker steal or manipulate data from the database. Instead, use prepared statements (`connection.PreparedStatement`) or a safe library.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "User data flows into this manually-constructed SQL string. User data can be safely inserted into SQL strings using prepared statements or an object-relational mapper (ORM). Manually-constructed SQL strings is a possible indicator of SQL injection, which could let an attacker steal or manipulate data from the database. Instead, use prepared statements (`connection.PreparedStatement`) or a safe library.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/scala.play.security.tainted-sql-from-http-request.tainted-sql-from-http-request)\n - [https://docs.oracle.com/javase/7/docs/api/java/sql/PreparedStatement.html](https://docs.oracle.com/javase/7/docs/api/java/sql/PreparedStatement.html)\n" }, - "helpUri": "https://semgrep.dev/r/ruby.aws-lambda.security.tainted-sql-string.tainted-sql-string", - "id": "ruby.aws-lambda.security.tainted-sql-string.tainted-sql-string", - "name": "ruby.aws-lambda.security.tainted-sql-string.tainted-sql-string", "properties": { "precision": "very-high", "tags": [ "CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')", - "MEDIUM CONFIDENCE", + "HIGH CONFIDENCE", "OWASP-A01:2017 - Injection", "OWASP-A03:2021 - Injection", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: ruby.aws-lambda.security.tainted-sql-string.tainted-sql-string" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "python.pymongo.security.mongodb.mongo-client-bad-auth", + "name": 
"python.pymongo.security.mongodb.mongo-client-bad-auth", + "short_description": { + "text": "Semgrep Finding: python.pymongo.security.mongodb.mongo-client-bad-auth" }, - "fullDescription": { - "text": "Detected string concatenation with a non-literal variable in a `mssql` JS SQL statement. This could lead to SQL injection if the variable is user-controlled and not properly sanitized. In order to prevent SQL injection, use parameterized queries or prepared statements instead. You can use parameterized statements like so: `$REQ.input('USER_ID', mssql.Int, id);`" + "full_description": { + "text": "Warning MONGODB-CR was deprecated with the release of MongoDB 3.6 and is no longer supported by MongoDB 4.0 (see https://api.mongodb.com/python/current/examples/authentication.html for details)." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/python.pymongo.security.mongodb.mongo-client-bad-auth", "help": { - "markdown": "Detected string concatenation with a non-literal variable in a `mssql` JS SQL statement. This could lead to SQL injection if the variable is user-controlled and not properly sanitized. In order to prevent SQL injection, use parameterized queries or prepared statements instead. You can use parameterized statements like so: `$REQ.input('USER_ID', mssql.Int, id);`\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.lang.security.audit.sqli.node-mssql-sqli.node-mssql-sqli)\n - [https://www.npmjs.com/package/mssql](https://www.npmjs.com/package/mssql)\n", - "text": "Detected string concatenation with a non-literal variable in a `mssql` JS SQL statement. This could lead to SQL injection if the variable is user-controlled and not properly sanitized. In order to prevent SQL injection, use parameterized queries or prepared statements instead. 
You can use parameterized statements like so: `$REQ.input('USER_ID', mssql.Int, id);`\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Warning MONGODB-CR was deprecated with the release of MongoDB 3.6 and is no longer supported by MongoDB 4.0 (see https://api.mongodb.com/python/current/examples/authentication.html for details).\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Warning MONGODB-CR was deprecated with the release of MongoDB 3.6 and is no longer supported by MongoDB 4.0 (see https://api.mongodb.com/python/current/examples/authentication.html for details).\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.pymongo.security.mongodb.mongo-client-bad-auth)\n - [https://cwe.mitre.org/data/definitions/477.html](https://cwe.mitre.org/data/definitions/477.html)\n" }, - "helpUri": "https://semgrep.dev/r/javascript.lang.security.audit.sqli.node-mssql-sqli.node-mssql-sqli", - "id": "javascript.lang.security.audit.sqli.node-mssql-sqli.node-mssql-sqli", - "name": "javascript.lang.security.audit.sqli.node-mssql-sqli.node-mssql-sqli", "properties": { "precision": "very-high", "tags": [ - "CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')", - "LOW CONFIDENCE", - "OWASP-A01:2017 - Injection", - "OWASP-A03:2021 - Injection", + "CWE-477: Use of Obsolete Function", + "MEDIUM CONFIDENCE", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: javascript.lang.security.audit.sqli.node-mssql-sqli.node-mssql-sqli" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "clojure.lang.security.use-of-md5.use-of-md5", + "name": "clojure.lang.security.use-of-md5.use-of-md5", + "short_description": { + "text": "Semgrep Finding: clojure.lang.security.use-of-md5.use-of-md5" }, - "fullDescription": { - "text": "Detected user input flowing into a manually 
constructed HTML string. You may be accidentally bypassing secure methods of rendering HTML by manually constructing HTML and this could create a cross-site scripting vulnerability, which could let attackers steal sensitive user data. To be sure this is safe, check that the HTML is rendered safely. Otherwise, use templates which will safely render HTML instead." + "full_description": { + "text": "MD5 hash algorithm detected. This is not collision resistant and leads to easily-cracked password hashes. Replace with current recommended hashing algorithms." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/clojure.lang.security.use-of-md5.use-of-md5", "help": { - "markdown": "Detected user input flowing into a manually constructed HTML string. You may be accidentally bypassing secure methods of rendering HTML by manually constructing HTML and this could create a cross-site scripting vulnerability, which could let attackers steal sensitive user data. To be sure this is safe, check that the HTML is rendered safely. Otherwise, use templates which will safely render HTML instead.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.aws-lambda.security.tainted-html-string.tainted-html-string)\n - [https://owasp.org/Top10/A03_2021-Injection](https://owasp.org/Top10/A03_2021-Injection)\n", - "text": "Detected user input flowing into a manually constructed HTML string. You may be accidentally bypassing secure methods of rendering HTML by manually constructing HTML and this could create a cross-site scripting vulnerability, which could let attackers steal sensitive user data. To be sure this is safe, check that the HTML is rendered safely. Otherwise, use templates which will safely render HTML instead.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "MD5 hash algorithm detected. 
This is not collision resistant and leads to easily-cracked password hashes. Replace with current recommended hashing algorithms.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "MD5 hash algorithm detected. This is not collision resistant and leads to easily-cracked password hashes. Replace with current recommended hashing algorithms.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/clojure.lang.security.use-of-md5.use-of-md5)\n - [https://cheatsheetseries.owasp.org/cheatsheets/Cryptographic_Storage_Cheat_Sheet.html](https://cheatsheetseries.owasp.org/cheatsheets/Cryptographic_Storage_Cheat_Sheet.html)\n - [https://cheatsheetseries.owasp.org/cheatsheets/Password_Storage_Cheat_Sheet.html](https://cheatsheetseries.owasp.org/cheatsheets/Password_Storage_Cheat_Sheet.html)\n" }, - "helpUri": "https://semgrep.dev/r/python.aws-lambda.security.tainted-html-string.tainted-html-string", - "id": "python.aws-lambda.security.tainted-html-string.tainted-html-string", - "name": "python.aws-lambda.security.tainted-html-string.tainted-html-string", "properties": { "precision": "very-high", "tags": [ - "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", - "MEDIUM CONFIDENCE", - "OWASP-A03:2021 - Injection", - "OWASP-A07:2017 - Cross-Site Scripting (XSS)", + "CWE-328: Use of Weak Hash", + "HIGH CONFIDENCE", + "OWASP-A02:2021 - Cryptographic Failures", + "OWASP-A03:2017 - Sensitive Data Exposure", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: python.aws-lambda.security.tainted-html-string.tainted-html-string" } }, { - "defaultConfiguration": { - "level": "error" + "id": "yaml.kubernetes.security.seccomp-confinement-disabled.seccomp-confinement-disabled", + "name": "yaml.kubernetes.security.seccomp-confinement-disabled.seccomp-confinement-disabled", + "short_description": { + "text": "Semgrep Finding: 
yaml.kubernetes.security.seccomp-confinement-disabled.seccomp-confinement-disabled" }, - "fullDescription": { - "text": "Generic Secret detected" + "full_description": { + "text": "Container is explicitly disabling seccomp confinement. This runs the service in an unrestricted state. Remove 'seccompProfile: unconfined' to prevent this." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/yaml.kubernetes.security.seccomp-confinement-disabled.seccomp-confinement-disabled", "help": { - "markdown": "Generic Secret detected\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/generic.secrets.security.detected-generic-secret.detected-generic-secret)\n - [https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures](https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures)\n", - "text": "Generic Secret detected\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Container is explicitly disabling seccomp confinement. This runs the service in an unrestricted state. Remove 'seccompProfile: unconfined' to prevent this.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Container is explicitly disabling seccomp confinement. This runs the service in an unrestricted state. 
Remove 'seccompProfile: unconfined' to prevent this.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/yaml.kubernetes.security.seccomp-confinement-disabled.seccomp-confinement-disabled)\n - [https://kubernetes.io/docs/concepts/policy/pod-security-policy/#seccomp](https://kubernetes.io/docs/concepts/policy/pod-security-policy/#seccomp)\n - [https://kubernetes.io/docs/tasks/configure-pod-container/security-context/](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/)\n" }, - "helpUri": "https://semgrep.dev/r/generic.secrets.security.detected-generic-secret.detected-generic-secret", - "id": "generic.secrets.security.detected-generic-secret.detected-generic-secret", - "name": "generic.secrets.security.detected-generic-secret.detected-generic-secret", "properties": { "precision": "very-high", "tags": [ - "CWE-798: Use of Hard-coded Credentials", - "LOW CONFIDENCE", - "OWASP-A07:2021 - Identification and Authentication Failures", + "CWE-284: Improper Access Control", + "MEDIUM CONFIDENCE", + "OWASP-A01:2021 - Broken Access Control", + "OWASP-A05:2017 - Broken Access Control", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: generic.secrets.security.detected-generic-secret.detected-generic-secret" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "php.lang.security.unserialize-use.unserialize-use", + "name": "php.lang.security.unserialize-use.unserialize-use", + "short_description": { + "text": "Semgrep Finding: php.lang.security.unserialize-use.unserialize-use" }, - "fullDescription": { - "text": "Detected XOR cipher algorithm which is considered insecure. This algorithm is not cryptographically secure and can be reversed easily. Use AES instead." + "full_description": { + "text": "Calling `unserialize()` with user input in the pattern can lead to arbitrary code execution. Consider using JSON or structured data approaches (e.g. 
Google Protocol Buffers)." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/php.lang.security.unserialize-use.unserialize-use", "help": { - "markdown": "Detected XOR cipher algorithm which is considered insecure. This algorithm is not cryptographically secure and can be reversed easily. Use AES instead.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.pycryptodome.security.insecure-cipher-algorithm.insecure-cipher-algorithm-xor)\n - [https://stackoverflow.com/questions/1135186/whats-wrong-with-xor-encryption](https://stackoverflow.com/questions/1135186/whats-wrong-with-xor-encryption)\n", - "text": "Detected XOR cipher algorithm which is considered insecure. This algorithm is not cryptographically secure and can be reversed easily. Use AES instead.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Calling `unserialize()` with user input in the pattern can lead to arbitrary code execution. Consider using JSON or structured data approaches (e.g. Google Protocol Buffers).\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Calling `unserialize()` with user input in the pattern can lead to arbitrary code execution. Consider using JSON or structured data approaches (e.g. 
Google Protocol Buffers).\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/php.lang.security.unserialize-use.unserialize-use)\n - [https://www.php.net/manual/en/function.unserialize.php](https://www.php.net/manual/en/function.unserialize.php)\n - [https://owasp.org/www-project-top-ten/2017/A8_2017-Insecure_Deserialization.html](https://owasp.org/www-project-top-ten/2017/A8_2017-Insecure_Deserialization.html)\n" }, - "helpUri": "https://semgrep.dev/r/python.pycryptodome.security.insecure-cipher-algorithm.insecure-cipher-algorithm-xor", - "id": "python.pycryptodome.security.insecure-cipher-algorithm.insecure-cipher-algorithm-xor", - "name": "python.pycryptodome.security.insecure-cipher-algorithm.insecure-cipher-algorithm-xor", "properties": { "precision": "very-high", "tags": [ - "CWE-327: Use of a Broken or Risky Cryptographic Algorithm", - "MEDIUM CONFIDENCE", - "OWASP-A02:2021 - Cryptographic Failures", - "OWASP-A03:2017 - Sensitive Data Exposure", + "CWE-502: Deserialization of Untrusted Data", + "LOW CONFIDENCE", + "OWASP-A08:2017 - Insecure Deserialization", + "OWASP-A08:2021 - Software and Data Integrity Failures", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: python.pycryptodome.security.insecure-cipher-algorithm.insecure-cipher-algorithm-xor" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "csharp.lang.security.stacktrace-disclosure.stacktrace-disclosure", + "name": "csharp.lang.security.stacktrace-disclosure.stacktrace-disclosure", + "short_description": { + "text": "Semgrep Finding: csharp.lang.security.stacktrace-disclosure.stacktrace-disclosure" }, - "fullDescription": { - "text": "Flask does not automatically escape Jinja templates unless they have .html, .htm, .xml, or .xhtml extensions. This could lead to XSS attacks. Use .html, .htm, .xml, or .xhtml for your template extensions. 
See https://flask.palletsprojects.com/en/1.1.x/templating/#jinja-setup for more information." + "full_description": { + "text": "Stacktrace information is displayed in a non-Development environment. Accidentally disclosing sensitive stack trace information in a production environment aids an attacker in reconnaissance and information gathering." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/csharp.lang.security.stacktrace-disclosure.stacktrace-disclosure", "help": { - "markdown": "Flask does not automatically escape Jinja templates unless they have .html, .htm, .xml, or .xhtml extensions. This could lead to XSS attacks. Use .html, .htm, .xml, or .xhtml for your template extensions. See https://flask.palletsprojects.com/en/1.1.x/templating/#jinja-setup for more information.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.flask.security.unescaped-template-extension.unescaped-template-extension)\n - [https://flask.palletsprojects.com/en/1.1.x/templating/#jinja-setup](https://flask.palletsprojects.com/en/1.1.x/templating/#jinja-setup)\n - [https://semgrep.dev/blog/2020/bento-check-unescaped-template-extensions-in-flask/](https://semgrep.dev/blog/2020/bento-check-unescaped-template-extensions-in-flask/)\n - [https://bento.dev/checks/flask/unescaped-file-extension/](https://bento.dev/checks/flask/unescaped-file-extension/)\n", - "text": "Flask does not automatically escape Jinja templates unless they have .html, .htm, .xml, or .xhtml extensions. This could lead to XSS attacks. Use .html, .htm, .xml, or .xhtml for your template extensions. See https://flask.palletsprojects.com/en/1.1.x/templating/#jinja-setup for more information.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Stacktrace information is displayed in a non-Development environment. 
Accidentally disclosing sensitive stack trace information in a production environment aids an attacker in reconnaissance and information gathering.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Stacktrace information is displayed in a non-Development environment. Accidentally disclosing sensitive stack trace information in a production environment aids an attacker in reconnaissance and information gathering.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/csharp.lang.security.stacktrace-disclosure.stacktrace-disclosure)\n - [https://cwe.mitre.org/data/definitions/209.html](https://cwe.mitre.org/data/definitions/209.html)\n - [https://owasp.org/Top10/A04_2021-Insecure_Design/](https://owasp.org/Top10/A04_2021-Insecure_Design/)\n" }, - "helpUri": "https://semgrep.dev/r/python.flask.security.unescaped-template-extension.unescaped-template-extension", - "id": "python.flask.security.unescaped-template-extension.unescaped-template-extension", - "name": "python.flask.security.unescaped-template-extension.unescaped-template-extension", "properties": { "precision": "very-high", "tags": [ - "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", - "LOW CONFIDENCE", - "OWASP-A03:2021 - Injection", - "OWASP-A07:2017 - Cross-Site Scripting (XSS)", + "CWE-209: Generation of Error Message Containing Sensitive Information", + "HIGH CONFIDENCE", + "OWASP-A04:2021 - Insecure Design", + "OWASP-A06:2017 - Security Misconfiguration", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: python.flask.security.unescaped-template-extension.unescaped-template-extension" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "python.lang.security.deserialization.avoid-unsafe-ruamel.avoid-unsafe-ruamel", + "name": "python.lang.security.deserialization.avoid-unsafe-ruamel.avoid-unsafe-ruamel", + 
"short_description": { + "text": "Semgrep Finding: python.lang.security.deserialization.avoid-unsafe-ruamel.avoid-unsafe-ruamel" }, - "fullDescription": { - "text": "The BinaryFormatter type is dangerous and is not recommended for data processing. Applications should stop using BinaryFormatter as soon as possible, even if they believe the data they're processing to be trustworthy. BinaryFormatter is insecure and can't be made secure" + "full_description": { + "text": "Avoid using unsafe `ruamel.yaml.YAML()`. `ruamel.yaml.YAML` can create arbitrary Python objects. A malicious actor could exploit this to run arbitrary code. Use `YAML(typ='rt')` or `YAML(typ='safe')` instead." + }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/python.lang.security.deserialization.avoid-unsafe-ruamel.avoid-unsafe-ruamel", "help": { - "markdown": "The BinaryFormatter type is dangerous and is not recommended for data processing. Applications should stop using BinaryFormatter as soon as possible, even if they believe the data they're processing to be trustworthy. BinaryFormatter is insecure and can't be made secure\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/csharp.lang.security.insecure-deserialization.binary-formatter.insecure-binaryformatter-deserialization)\n - [https://docs.microsoft.com/en-us/dotnet/standard/serialization/binaryformatter-security-guide](https://docs.microsoft.com/en-us/dotnet/standard/serialization/binaryformatter-security-guide)\n", - "text": "The BinaryFormatter type is dangerous and is not recommended for data processing. Applications should stop using BinaryFormatter as soon as possible, even if they believe the data they're processing to be trustworthy. 
BinaryFormatter is insecure and can't be made secure\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Avoid using unsafe `ruamel.yaml.YAML()`. `ruamel.yaml.YAML` can create arbitrary Python objects. A malicious actor could exploit this to run arbitrary code. Use `YAML(typ='rt')` or `YAML(typ='safe')` instead.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Avoid using unsafe `ruamel.yaml.YAML()`. `ruamel.yaml.YAML` can create arbitrary Python objects. A malicious actor could exploit this to run arbitrary code. Use `YAML(typ='rt')` or `YAML(typ='safe')` instead.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.lang.security.deserialization.avoid-unsafe-ruamel.avoid-unsafe-ruamel)\n - [https://yaml.readthedocs.io/en/latest/basicuse.html?highlight=typ](https://yaml.readthedocs.io/en/latest/basicuse.html?highlight=typ)\n" }, - "helpUri": "https://semgrep.dev/r/csharp.lang.security.insecure-deserialization.binary-formatter.insecure-binaryformatter-deserialization", - "id": "csharp.lang.security.insecure-deserialization.binary-formatter.insecure-binaryformatter-deserialization", - "name": "csharp.lang.security.insecure-deserialization.binary-formatter.insecure-binaryformatter-deserialization", "properties": { "precision": "very-high", "tags": [ "CWE-502: Deserialization of Untrusted Data", - "HIGH CONFIDENCE", + "MEDIUM CONFIDENCE", "OWASP-A08:2017 - Insecure Deserialization", "OWASP-A08:2021 - Software and Data Integrity Failures", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: csharp.lang.security.insecure-deserialization.binary-formatter.insecure-binaryformatter-deserialization" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "csharp.dotnet.security.net-webconfig-debug.net-webconfig-debug", + "name": "csharp.dotnet.security.net-webconfig-debug.net-webconfig-debug", + 
"short_description": { + "text": "Semgrep Finding: csharp.dotnet.security.net-webconfig-debug.net-webconfig-debug" }, - "fullDescription": { - "text": "Detected a string argument from a public method contract in a raw SQL statement. This could lead to SQL injection if variables in the SQL statement are not properly sanitized. Use a prepared statements (java.sql.PreparedStatement) instead. You can obtain a PreparedStatement using 'connection.prepareStatement'." + "full_description": { + "text": "ASP.NET applications built with `debug` set to true in production may leak debug information to attackers. Debug mode also affects performance and reliability. Set `debug` to `false` or remove it from ``" }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/csharp.dotnet.security.net-webconfig-debug.net-webconfig-debug", "help": { - "markdown": "Detected a string argument from a public method contract in a raw SQL statement. This could lead to SQL injection if variables in the SQL statement are not properly sanitized. Use a prepared statements (java.sql.PreparedStatement) instead. You can obtain a PreparedStatement using 'connection.prepareStatement'.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/java.spring.security.audit.spring-sqli.spring-sqli)\n - [https://owasp.org/Top10/A03_2021-Injection](https://owasp.org/Top10/A03_2021-Injection)\n", - "text": "Detected a string argument from a public method contract in a raw SQL statement. This could lead to SQL injection if variables in the SQL statement are not properly sanitized. Use a prepared statements (java.sql.PreparedStatement) instead. 
You can obtain a PreparedStatement using 'connection.prepareStatement'.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "ASP.NET applications built with `debug` set to true in production may leak debug information to attackers. Debug mode also affects performance and reliability. Set `debug` to `false` or remove it from ``\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "ASP.NET applications built with `debug` set to true in production may leak debug information to attackers. Debug mode also affects performance and reliability. Set `debug` to `false` or remove it from ``\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/csharp.dotnet.security.net-webconfig-debug.net-webconfig-debug)\n - [https://web.archive.org/web/20190919105353/https://blogs.msdn.microsoft.com/prashant_upadhyay/2011/07/14/why-debugfalse-in-asp-net-applications-in-production-environment/](https://web.archive.org/web/20190919105353/https://blogs.msdn.microsoft.com/prashant_upadhyay/2011/07/14/why-debugfalse-in-asp-net-applications-in-production-environment/)\n - [https://msdn.microsoft.com/en-us/library/e8z01xdh.aspx](https://msdn.microsoft.com/en-us/library/e8z01xdh.aspx)\n" }, - "helpUri": "https://semgrep.dev/r/java.spring.security.audit.spring-sqli.spring-sqli", - "id": "java.spring.security.audit.spring-sqli.spring-sqli", - "name": "java.spring.security.audit.spring-sqli.spring-sqli", "properties": { "precision": "very-high", "tags": [ - "CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')", - "MEDIUM CONFIDENCE", - "OWASP-A01:2017 - Injection", - "OWASP-A03:2021 - Injection", + "CWE-11: ASP.NET Misconfiguration: Creating Debug Binary", + "LOW CONFIDENCE", + "OWASP-A05:2021 - Security Misconfiguration", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: 
java.spring.security.audit.spring-sqli.spring-sqli" } }, { - "defaultConfiguration": { - "level": "note" + "id": "python.django.security.injection.request-data-fileresponse.request-data-fileresponse", + "name": "python.django.security.injection.request-data-fileresponse.request-data-fileresponse", + "short_description": { + "text": "Semgrep Finding: python.django.security.injection.request-data-fileresponse.request-data-fileresponse" }, - "fullDescription": { - "text": "Older Java application servers are vulnerable to HTTP response splitting, which may occur if an HTTP request can be injected with CRLF characters. This finding is reported for completeness; it is recommended to ensure your environment is not affected by testing this yourself." + "full_description": { + "text": "Found user-controlled request data being passed into a file open, which is them passed as an argument into the FileResponse. This is dangerous because an attacker could specify an arbitrary file to read, which could result in leaking important data. Be sure to validate or sanitize the user-inputted filename in the request data before using it in FileResponse." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/python.django.security.injection.request-data-fileresponse.request-data-fileresponse", "help": { - "markdown": "Older Java application servers are vulnerable to HTTP response splitting, which may occur if an HTTP request can be injected with CRLF characters. 
This finding is reported for completeness; it is recommended to ensure your environment is not affected by testing this yourself.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/java.lang.security.audit.http-response-splitting.http-response-splitting)\n - [https://www.owasp.org/index.php/HTTP_Response_Splitting](https://www.owasp.org/index.php/HTTP_Response_Splitting)\n", - "text": "Older Java application servers are vulnerable to HTTP response splitting, which may occur if an HTTP request can be injected with CRLF characters. This finding is reported for completeness; it is recommended to ensure your environment is not affected by testing this yourself.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Found user-controlled request data being passed into a file open, which is them passed as an argument into the FileResponse. This is dangerous because an attacker could specify an arbitrary file to read, which could result in leaking important data. Be sure to validate or sanitize the user-inputted filename in the request data before using it in FileResponse.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Found user-controlled request data being passed into a file open, which is them passed as an argument into the FileResponse. This is dangerous because an attacker could specify an arbitrary file to read, which could result in leaking important data. 
Be sure to validate or sanitize the user-inputted filename in the request data before using it in FileResponse.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.django.security.injection.request-data-fileresponse.request-data-fileresponse)\n - [https://django-book.readthedocs.io/en/latest/chapter20.html#cross-site-scripting-xss](https://django-book.readthedocs.io/en/latest/chapter20.html#cross-site-scripting-xss)\n" }, - "helpUri": "https://semgrep.dev/r/java.lang.security.audit.http-response-splitting.http-response-splitting", - "id": "java.lang.security.audit.http-response-splitting.http-response-splitting", - "name": "java.lang.security.audit.http-response-splitting.http-response-splitting", "properties": { "precision": "very-high", "tags": [ - "CWE-113: Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Request/Response Splitting')", + "CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", "MEDIUM CONFIDENCE", - "OWASP-A03:2021 - Injection", + "OWASP-A01:2021 - Broken Access Control", + "OWASP-A05:2017 - Broken Access Control", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: java.lang.security.audit.http-response-splitting.http-response-splitting" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "python.django.security.injection.path-traversal.path-traversal-join.path-traversal-join", + "name": "python.django.security.injection.path-traversal.path-traversal-join.path-traversal-join", + "short_description": { + "text": "Semgrep Finding: python.django.security.injection.path-traversal.path-traversal-join.path-traversal-join" }, - "fullDescription": { - "text": "'raw' renders raw HTML, as the name implies. This means that normal HTML escaping is bypassed. If user data can be controlled here, this exposes your application to cross-site scripting (XSS). 
If you need to do this, be sure to correctly sanitize the data using a library such as DOMPurify." + "full_description": { + "text": "Data from request is passed to os.path.join() and to open(). This is a path traversal vulnerability, which can lead to sensitive data being leaked. To mitigate, consider using os.path.abspath or os.path.realpath or Path library." }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/python.django.security.injection.path-traversal.path-traversal-join.path-traversal-join", "help": { - "markdown": "'raw' renders raw HTML, as the name implies. This means that normal HTML escaping is bypassed. If user data can be controlled here, this exposes your application to cross-site scripting (XSS). If you need to do this, be sure to correctly sanitize the data using a library such as DOMPurify.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/ruby.rails.security.audit.xss.templates.avoid-raw.avoid-raw)\n - [https://stackoverflow.com/questions/4251284/raw-vs-html-safe-vs-h-to-unescape-html#:~:text===](https://stackoverflow.com/questions/4251284/raw-vs-html-safe-vs-h-to-unescape-html#:~:text===)\n - [https://medium.com/sumone-technical-blog/a-pretty-way-to-unescape-html-in-a-ruby-on-rails-application-efc22b850027](https://medium.com/sumone-technical-blog/a-pretty-way-to-unescape-html-in-a-ruby-on-rails-application-efc22b850027)\n", - "text": "'raw' renders raw HTML, as the name implies. This means that normal HTML escaping is bypassed. If user data can be controlled here, this exposes your application to cross-site scripting (XSS). If you need to do this, be sure to correctly sanitize the data using a library such as DOMPurify.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Data from request is passed to os.path.join() and to open(). 
This is a path traversal vulnerability, which can lead to sensitive data being leaked. To mitigate, consider using os.path.abspath or os.path.realpath or Path library.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Data from request is passed to os.path.join() and to open(). This is a path traversal vulnerability, which can lead to sensitive data being leaked. To mitigate, consider using os.path.abspath or os.path.realpath or Path library.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.django.security.injection.path-traversal.path-traversal-join.path-traversal-join)\n - [https://owasp.org/www-community/attacks/Path_Traversal](https://owasp.org/www-community/attacks/Path_Traversal)\n" }, - "helpUri": "https://semgrep.dev/r/ruby.rails.security.audit.xss.templates.avoid-raw.avoid-raw", - "id": "ruby.rails.security.audit.xss.templates.avoid-raw.avoid-raw", - "name": "ruby.rails.security.audit.xss.templates.avoid-raw.avoid-raw", "properties": { "precision": "very-high", "tags": [ - "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", + "CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", "LOW CONFIDENCE", - "OWASP-A03:2021 - Injection", - "OWASP-A07:2017 - Cross-Site Scripting (XSS)", + "OWASP-A01:2021 - Broken Access Control", + "OWASP-A05:2017 - Broken Access Control", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: ruby.rails.security.audit.xss.templates.avoid-raw.avoid-raw" } }, { - "defaultConfiguration": { - "level": "note" + "id": "kotlin.lang.security.command-injection-formatted-runtime-call.command-injection-formatted-runtime-call", + "name": "kotlin.lang.security.command-injection-formatted-runtime-call.command-injection-formatted-runtime-call", + "short_description": { + "text": "Semgrep Finding: 
kotlin.lang.security.command-injection-formatted-runtime-call.command-injection-formatted-runtime-call" }, - "fullDescription": { - "text": "A CSRF middleware was not detected in your express application. Ensure you are either using one such as `csurf` or `csrf` (see rule references) and/or you are properly doing CSRF validation in your routes with a token or cookies." + "full_description": { + "text": "A formatted or concatenated string was detected as input to a java.lang.Runtime call. This is dangerous if a variable is controlled by user input and could result in a command injection. Ensure your variables are not controlled by users or sufficiently sanitized." + }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/kotlin.lang.security.command-injection-formatted-runtime-call.command-injection-formatted-runtime-call", "help": { - "markdown": "A CSRF middleware was not detected in your express application. Ensure you are either using one such as `csurf` or `csrf` (see rule references) and/or you are properly doing CSRF validation in your routes with a token or cookies.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.express.security.audit.express-check-csurf-middleware-usage.express-check-csurf-middleware-usage)\n - [https://www.npmjs.com/package/csurf](https://www.npmjs.com/package/csurf)\n - [https://www.npmjs.com/package/csrf](https://www.npmjs.com/package/csrf)\n - [https://cheatsheetseries.owasp.org/cheatsheets/Cross-Site_Request_Forgery_Prevention_Cheat_Sheet.html](https://cheatsheetseries.owasp.org/cheatsheets/Cross-Site_Request_Forgery_Prevention_Cheat_Sheet.html)\n", - "text": "A CSRF middleware was not detected in your express application. 
Ensure you are either using one such as `csurf` or `csrf` (see rule references) and/or you are properly doing CSRF validation in your routes with a token or cookies.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "A formatted or concatenated string was detected as input to a java.lang.Runtime call. This is dangerous if a variable is controlled by user input and could result in a command injection. Ensure your variables are not controlled by users or sufficiently sanitized.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "A formatted or concatenated string was detected as input to a java.lang.Runtime call. This is dangerous if a variable is controlled by user input and could result in a command injection. Ensure your variables are not controlled by users or sufficiently sanitized.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/kotlin.lang.security.command-injection-formatted-runtime-call.command-injection-formatted-runtime-call)\n - [https://owasp.org/Top10/A03_2021-Injection](https://owasp.org/Top10/A03_2021-Injection)\n" }, - "helpUri": "https://semgrep.dev/r/javascript.express.security.audit.express-check-csurf-middleware-usage.express-check-csurf-middleware-usage", - "id": "javascript.express.security.audit.express-check-csurf-middleware-usage.express-check-csurf-middleware-usage", - "name": "javascript.express.security.audit.express-check-csurf-middleware-usage.express-check-csurf-middleware-usage", "properties": { "precision": "very-high", "tags": [ - "CWE-352: Cross-Site Request Forgery (CSRF)", + "CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", "LOW CONFIDENCE", - "OWASP-A01:2021 - Broken Access Control", + "OWASP-A01:2017 - Injection", + "OWASP-A03:2021 - Injection", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: 
javascript.express.security.audit.express-check-csurf-middleware-usage.express-check-csurf-middleware-usage" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "terraform.lang.security.iam.no-iam-star-actions.no-iam-star-actions", + "name": "terraform.lang.security.iam.no-iam-star-actions.no-iam-star-actions", + "short_description": { + "text": "Semgrep Finding: terraform.lang.security.iam.no-iam-star-actions.no-iam-star-actions" }, - "fullDescription": { - "text": "XMLDecoder should not be used to parse untrusted data. Deserializing user input can lead to arbitrary code execution. Use an alternative and explicitly disable external entities. See https://cheatsheetseries.owasp.org/cheatsheets/XML_External_Entity_Prevention_Cheat_Sheet.html for alternatives and vulnerability prevention." + "full_description": { + "text": "Ensure that no IAM policies allow \"*\" as a statement's actions. This allows all actions to be performed on the specified resources, and is a violation of the principle of least privilege. Instead, specify the actions that a certain user or policy is allowed to take." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/terraform.lang.security.iam.no-iam-star-actions.no-iam-star-actions", "help": { - "markdown": "XMLDecoder should not be used to parse untrusted data. Deserializing user input can lead to arbitrary code execution. Use an alternative and explicitly disable external entities. 
See https://cheatsheetseries.owasp.org/cheatsheets/XML_External_Entity_Prevention_Cheat_Sheet.html for alternatives and vulnerability prevention.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/java.lang.security.audit.xml-decoder.xml-decoder)\n - [https://semgrep.dev/blog/2022/xml-security-in-java](https://semgrep.dev/blog/2022/xml-security-in-java)\n - [https://semgrep.dev/docs/cheat-sheets/java-xxe/](https://semgrep.dev/docs/cheat-sheets/java-xxe/)\n - [https://cheatsheetseries.owasp.org/cheatsheets/XML_External_Entity_Prevention_Cheat_Sheet.html](https://cheatsheetseries.owasp.org/cheatsheets/XML_External_Entity_Prevention_Cheat_Sheet.html)\n", - "text": "XMLDecoder should not be used to parse untrusted data. Deserializing user input can lead to arbitrary code execution. Use an alternative and explicitly disable external entities. See https://cheatsheetseries.owasp.org/cheatsheets/XML_External_Entity_Prevention_Cheat_Sheet.html for alternatives and vulnerability prevention.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Ensure that no IAM policies allow \"*\" as a statement's actions. This allows all actions to be performed on the specified resources, and is a violation of the principle of least privilege. Instead, specify the actions that a certain user or policy is allowed to take.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Ensure that no IAM policies allow \"*\" as a statement's actions. This allows all actions to be performed on the specified resources, and is a violation of the principle of least privilege. 
Instead, specify the actions that a certain user or policy is allowed to take.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/terraform.lang.security.iam.no-iam-star-actions.no-iam-star-actions)\n - [https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_policy)\n - [https://github.com/bridgecrewio/checkov/blob/ca830e14745c2c8e1b941985f305abe985d7f1f9/checkov/terraform/checks/data/aws/StarActionPolicyDocument.py](https://github.com/bridgecrewio/checkov/blob/ca830e14745c2c8e1b941985f305abe985d7f1f9/checkov/terraform/checks/data/aws/StarActionPolicyDocument.py)\n" }, - "helpUri": "https://semgrep.dev/r/java.lang.security.audit.xml-decoder.xml-decoder", - "id": "java.lang.security.audit.xml-decoder.xml-decoder", - "name": "java.lang.security.audit.xml-decoder.xml-decoder", "properties": { "precision": "very-high", "tags": [ - "CWE-611: Improper Restriction of XML External Entity Reference", + "CWE-269: Improper Privilege Management", "LOW CONFIDENCE", - "OWASP-A04:2017 - XML External Entities (XXE)", - "OWASP-A05:2021 - Security Misconfiguration", + "OWASP-A04:2021 - Insecure Design", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: java.lang.security.audit.xml-decoder.xml-decoder" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "python.lang.security.audit.python-reverse-shell.python-reverse-shell", + "name": "python.lang.security.audit.python-reverse-shell.python-reverse-shell", + "short_description": { + "text": "Semgrep Finding: python.lang.security.audit.python-reverse-shell.python-reverse-shell" }, - "fullDescription": { - "text": "If unverified user data can reach the `run` or `create` method it can result in running arbitrary container." 
+ "full_description": { + "text": "Semgrep found a Python reverse shell using $BINPATH to $IP at $PORT" }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/python.lang.security.audit.python-reverse-shell.python-reverse-shell", "help": { - "markdown": "If unverified user data can reach the `run` or `create` method it can result in running arbitrary container.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.docker.security.audit.docker-arbitrary-container-run.docker-arbitrary-container-run)\n - [https://cwe.mitre.org/data/definitions/250.html](https://cwe.mitre.org/data/definitions/250.html)\n", - "text": "If unverified user data can reach the `run` or `create` method it can result in running arbitrary container.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Semgrep found a Python reverse shell using $BINPATH to $IP at $PORT\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Semgrep found a Python reverse shell using $BINPATH to $IP at $PORT\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.lang.security.audit.python-reverse-shell.python-reverse-shell)\n - [https://cwe.mitre.org/data/definitions/553.html](https://cwe.mitre.org/data/definitions/553.html)\n" }, - "helpUri": "https://semgrep.dev/r/python.docker.security.audit.docker-arbitrary-container-run.docker-arbitrary-container-run", - "id": "python.docker.security.audit.docker-arbitrary-container-run.docker-arbitrary-container-run", - "name": "python.docker.security.audit.docker-arbitrary-container-run.docker-arbitrary-container-run", "properties": { "precision": "very-high", "tags": [ - "CWE-250: Execution with Unnecessary Privileges", + "CWE-553: Command Shell in Externally Accessible 
Directory", "LOW CONFIDENCE", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: python.docker.security.audit.docker-arbitrary-container-run.docker-arbitrary-container-run" } }, { - "defaultConfiguration": { - "level": "error" + "id": "javascript.express.security.audit.express-cookie-settings.express-cookie-session-default-name", + "name": "javascript.express.security.audit.express-cookie-settings.express-cookie-session-default-name", + "short_description": { + "text": "Semgrep Finding: javascript.express.security.audit.express-cookie-settings.express-cookie-session-default-name" }, - "fullDescription": { - "text": "Detected string concatenation with a non-literal variable in a go-pg ORM SQL statement. This could lead to SQL injection if the variable is user-controlled and not properly sanitized. In order to prevent SQL injection, do not use strings concatenated with user-controlled input. Instead, use parameterized statements." + "full_description": { + "text": "Don’t use the default session cookie name Using the default session cookie name can open your app to attacks. The security issue posed is similar to X-Powered-By: a potential attacker can use it to fingerprint the server and target attacks accordingly." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/javascript.express.security.audit.express-cookie-settings.express-cookie-session-default-name", "help": { - "markdown": "Detected string concatenation with a non-literal variable in a go-pg ORM SQL statement. This could lead to SQL injection if the variable is user-controlled and not properly sanitized. In order to prevent SQL injection, do not use strings concatenated with user-controlled input. 
Instead, use parameterized statements.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/go.lang.security.audit.sqli.pg-orm-sqli.pg-orm-sqli)\n - [https://pg.uptrace.dev/queries/](https://pg.uptrace.dev/queries/)\n", - "text": "Detected string concatenation with a non-literal variable in a go-pg ORM SQL statement. This could lead to SQL injection if the variable is user-controlled and not properly sanitized. In order to prevent SQL injection, do not use strings concatenated with user-controlled input. Instead, use parameterized statements.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Don’t use the default session cookie name Using the default session cookie name can open your app to attacks. The security issue posed is similar to X-Powered-By: a potential attacker can use it to fingerprint the server and target attacks accordingly.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Don’t use the default session cookie name Using the default session cookie name can open your app to attacks. 
The security issue posed is similar to X-Powered-By: a potential attacker can use it to fingerprint the server and target attacks accordingly.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.express.security.audit.express-cookie-settings.express-cookie-session-default-name)\n - [https://owasp.org/Top10/A04_2021-Insecure_Design](https://owasp.org/Top10/A04_2021-Insecure_Design)\n" }, - "helpUri": "https://semgrep.dev/r/go.lang.security.audit.sqli.pg-orm-sqli.pg-orm-sqli", - "id": "go.lang.security.audit.sqli.pg-orm-sqli.pg-orm-sqli", - "name": "go.lang.security.audit.sqli.pg-orm-sqli.pg-orm-sqli", "properties": { "precision": "very-high", "tags": [ - "CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')", - "LOW CONFIDENCE", - "OWASP-A01:2017 - Injection", - "OWASP-A03:2021 - Injection", + "CWE-522: Insufficiently Protected Credentials", + "MEDIUM CONFIDENCE", + "OWASP-A02:2017 - Broken Authentication", + "OWASP-A04:2021 - Insecure Design", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: go.lang.security.audit.sqli.pg-orm-sqli.pg-orm-sqli" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "python.django.security.injection.code.user-exec-format-string.user-exec-format-string", + "name": "python.django.security.injection.code.user-exec-format-string.user-exec-format-string", + "short_description": { + "text": "Semgrep Finding: python.django.security.injection.code.user-exec-format-string.user-exec-format-string" }, - "fullDescription": { - "text": "Detected the use of eval(). eval() can be dangerous if used to evaluate dynamic content. If this content can be input from outside the program, this may be a code injection vulnerability. Ensure evaluated content is not definable by external sources." + "full_description": { + "text": "Found user data in a call to 'exec'. 
This is extremely dangerous because it can enable an attacker to execute arbitrary remote code on the system. Instead, refactor your code to not use 'eval' and instead use a safe library for the specific functionality you need." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/python.django.security.injection.code.user-exec-format-string.user-exec-format-string", "help": { - "markdown": "Detected the use of eval(). eval() can be dangerous if used to evaluate dynamic content. If this content can be input from outside the program, this may be a code injection vulnerability. Ensure evaluated content is not definable by external sources.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.lang.security.audit.eval-detected.eval-detected)\n - [https://owasp.org/Top10/A03_2021-Injection](https://owasp.org/Top10/A03_2021-Injection)\n", - "text": "Detected the use of eval(). eval() can be dangerous if used to evaluate dynamic content. If this content can be input from outside the program, this may be a code injection vulnerability. Ensure evaluated content is not definable by external sources.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Found user data in a call to 'exec'. This is extremely dangerous because it can enable an attacker to execute arbitrary remote code on the system. Instead, refactor your code to not use 'eval' and instead use a safe library for the specific functionality you need.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Found user data in a call to 'exec'. This is extremely dangerous because it can enable an attacker to execute arbitrary remote code on the system. 
Instead, refactor your code to not use 'eval' and instead use a safe library for the specific functionality you need.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.django.security.injection.code.user-exec-format-string.user-exec-format-string)\n - [https://owasp.org/www-community/attacks/Code_Injection](https://owasp.org/www-community/attacks/Code_Injection)\n" }, - "helpUri": "https://semgrep.dev/r/python.lang.security.audit.eval-detected.eval-detected", - "id": "python.lang.security.audit.eval-detected.eval-detected", - "name": "python.lang.security.audit.eval-detected.eval-detected", "properties": { "precision": "very-high", "tags": [ "CWE-95: Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection')", - "LOW CONFIDENCE", + "MEDIUM CONFIDENCE", "OWASP-A03:2021 - Injection", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: python.lang.security.audit.eval-detected.eval-detected" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "typescript.lang.security.audit.cors-regex-wildcard.cors-regex-wildcard", + "name": "typescript.lang.security.audit.cors-regex-wildcard.cors-regex-wildcard", + "short_description": { + "text": "Semgrep Finding: typescript.lang.security.audit.cors-regex-wildcard.cors-regex-wildcard" }, - "fullDescription": { - "text": "Session cookie `Secure` flag is explicitly disabled. The `secure` flag for cookies prevents the client from transmitting the cookie over insecure channels such as HTTP. Set the `Secure` flag by setting `secure` to `true` in configuration file." + "full_description": { + "text": "Unescaped '.' 
character in CORS domain regex $CORS: $PATTERN" + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/typescript.lang.security.audit.cors-regex-wildcard.cors-regex-wildcard", "help": { - "markdown": "Session cookie `Secure` flag is explicitly disabled. The `secure` flag for cookies prevents the client from transmitting the cookie over insecure channels such as HTTP. Set the `Secure` flag by setting `secure` to `true` in configuration file.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/scala.play.security.conf-insecure-cookie-settings.conf-insecure-cookie-settings)\n - [https://developer.mozilla.org/en-US/docs/Web/HTTP/Cookies#security](https://developer.mozilla.org/en-US/docs/Web/HTTP/Cookies#security)\n - [https://www.playframework.com/documentation/2.8.x/SettingsSession#Session-Configuration](https://www.playframework.com/documentation/2.8.x/SettingsSession#Session-Configuration)\n", - "text": "Session cookie `Secure` flag is explicitly disabled. The `secure` flag for cookies prevents the client from transmitting the cookie over insecure channels such as HTTP. Set the `Secure` flag by setting `secure` to `true` in configuration file.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Unescaped '.' character in CORS domain regex $CORS: $PATTERN\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Unescaped '.' 
character in CORS domain regex $CORS: $PATTERN\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/typescript.lang.security.audit.cors-regex-wildcard.cors-regex-wildcard)\n - [https://owasp.org/Top10/A04_2021-Insecure_Design](https://owasp.org/Top10/A04_2021-Insecure_Design)\n" }, - "helpUri": "https://semgrep.dev/r/scala.play.security.conf-insecure-cookie-settings.conf-insecure-cookie-settings", - "id": "scala.play.security.conf-insecure-cookie-settings.conf-insecure-cookie-settings", - "name": "scala.play.security.conf-insecure-cookie-settings.conf-insecure-cookie-settings", "properties": { "precision": "very-high", "tags": [ - "CWE-614: Sensitive Cookie in HTTPS Session Without 'Secure' Attribute", - "MEDIUM CONFIDENCE", - "OWASP-A05:2021 - Security Misconfiguration", + "CWE-183: Permissive List of Allowed Inputs", + "LOW CONFIDENCE", + "OWASP-A04:2021 - Insecure Design", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: scala.play.security.conf-insecure-cookie-settings.conf-insecure-cookie-settings" } }, { - "defaultConfiguration": { - "level": "error" + "id": "c.lang.security.insecure-use-strtok-fn.insecure-use-strtok-fn", + "name": "c.lang.security.insecure-use-strtok-fn.insecure-use-strtok-fn", + "short_description": { + "text": "Semgrep Finding: c.lang.security.insecure-use-strtok-fn.insecure-use-strtok-fn" }, - "fullDescription": { - "text": "Hardcoded JWT secret or private key is used. This is a Insufficiently Protected Credentials weakness: https://cwe.mitre.org/data/definitions/522.html Consider using an appropriate security mechanism to protect the credentials (e.g. keeping secrets in environment variables)" + "full_description": { + "text": "Avoid using 'strtok()'. This function directly modifies the first argument buffer, permanently erasing the delimiter character. Use 'strtok_r()' instead." 
+ }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/c.lang.security.insecure-use-strtok-fn.insecure-use-strtok-fn", "help": { - "markdown": "Hardcoded JWT secret or private key is used. This is a Insufficiently Protected Credentials weakness: https://cwe.mitre.org/data/definitions/522.html Consider using an appropriate security mechanism to protect the credentials (e.g. keeping secrets in environment variables)\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/scala.scala-jwt.security.jwt-hardcode.scala-jwt-hardcoded-secret)\n - [https://owasp.org/Top10/A04_2021-Insecure_Design](https://owasp.org/Top10/A04_2021-Insecure_Design)\n", - "text": "Hardcoded JWT secret or private key is used. This is a Insufficiently Protected Credentials weakness: https://cwe.mitre.org/data/definitions/522.html Consider using an appropriate security mechanism to protect the credentials (e.g. keeping secrets in environment variables)\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Avoid using 'strtok()'. This function directly modifies the first argument buffer, permanently erasing the delimiter character. Use 'strtok_r()' instead.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Avoid using 'strtok()'. This function directly modifies the first argument buffer, permanently erasing the delimiter character. 
Use 'strtok_r()' instead.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/c.lang.security.insecure-use-strtok-fn.insecure-use-strtok-fn)\n - [https://wiki.sei.cmu.edu/confluence/display/c/STR06-C.+Do+not+assume+that+strtok%28%29+leaves+the+parse+string+unchanged](https://wiki.sei.cmu.edu/confluence/display/c/STR06-C.+Do+not+assume+that+strtok%28%29+leaves+the+parse+string+unchanged)\n - [https://man7.org/linux/man-pages/man3/strtok.3.html#BUGS](https://man7.org/linux/man-pages/man3/strtok.3.html#BUGS)\n - [https://stackoverflow.com/a/40335556](https://stackoverflow.com/a/40335556)\n" }, - "helpUri": "https://semgrep.dev/r/scala.scala-jwt.security.jwt-hardcode.scala-jwt-hardcoded-secret", - "id": "scala.scala-jwt.security.jwt-hardcode.scala-jwt-hardcoded-secret", - "name": "scala.scala-jwt.security.jwt-hardcode.scala-jwt-hardcoded-secret", "properties": { "precision": "very-high", "tags": [ - "CWE-522: Insufficiently Protected Credentials", - "HIGH CONFIDENCE", - "OWASP-A02:2017 - Broken Authentication", - "OWASP-A04:2021 - Insecure Design", + "CWE-676: Use of Potentially Dangerous Function", + "LOW CONFIDENCE", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: scala.scala-jwt.security.jwt-hardcode.scala-jwt-hardcoded-secret" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "javascript.argon2.security.unsafe-argon2-config.unsafe-argon2-config", + "name": "javascript.argon2.security.unsafe-argon2-config.unsafe-argon2-config", + "short_description": { + "text": "Semgrep Finding: javascript.argon2.security.unsafe-argon2-config.unsafe-argon2-config" }, - "fullDescription": { - "text": "Dangerous client config used, ensure SSL verification" + "full_description": { + "text": "Prefer Argon2id where possible. Per RFC9016, section 4 IETF recommends selecting Argon2id unless you can guarantee an adversary has no direct access to the computing environment." 
+ }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/javascript.argon2.security.unsafe-argon2-config.unsafe-argon2-config", "help": { - "markdown": "Dangerous client config used, ensure SSL verification\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/rust.lang.security.rustls-dangerous.rustls-dangerous)\n - [https://docs.rs/rustls/latest/rustls/client/struct.DangerousClientConfig.html](https://docs.rs/rustls/latest/rustls/client/struct.DangerousClientConfig.html)\n - [https://docs.rs/rustls/latest/rustls/client/struct.ClientConfig.html#method.dangerous](https://docs.rs/rustls/latest/rustls/client/struct.ClientConfig.html#method.dangerous)\n", - "text": "Dangerous client config used, ensure SSL verification\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Prefer Argon2id where possible. Per RFC9016, section 4 IETF recommends selecting Argon2id unless you can guarantee an adversary has no direct access to the computing environment.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Prefer Argon2id where possible. 
Per RFC9016, section 4 IETF recommends selecting Argon2id unless you can guarantee an adversary has no direct access to the computing environment.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.argon2.security.unsafe-argon2-config.unsafe-argon2-config)\n - [https://cheatsheetseries.owasp.org/cheatsheets/Password_Storage_Cheat_Sheet.html](https://cheatsheetseries.owasp.org/cheatsheets/Password_Storage_Cheat_Sheet.html)\n - [https://eprint.iacr.org/2016/759.pdf](https://eprint.iacr.org/2016/759.pdf)\n - [https://www.cs.tau.ac.il/~tromer/papers/cache-joc-20090619.pdf](https://www.cs.tau.ac.il/~tromer/papers/cache-joc-20090619.pdf)\n - [https://datatracker.ietf.org/doc/html/rfc9106#section-4](https://datatracker.ietf.org/doc/html/rfc9106#section-4)\n" }, - "helpUri": "https://semgrep.dev/r/rust.lang.security.rustls-dangerous.rustls-dangerous", - "id": "rust.lang.security.rustls-dangerous.rustls-dangerous", - "name": "rust.lang.security.rustls-dangerous.rustls-dangerous", "properties": { "precision": "very-high", "tags": [ - "CWE-295: Improper Certificate Validation", - "HIGH CONFIDENCE", + "CWE-916: Use of Password Hash With Insufficient Computational Effort", + "MEDIUM CONFIDENCE", + "OWASP-A02:2021 - Cryptographic Failures", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: rust.lang.security.rustls-dangerous.rustls-dangerous" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "terraform.aws.security.aws-ssm-document-logging-issues.aws-ssm-document-logging-issues", + "name": "terraform.aws.security.aws-ssm-document-logging-issues.aws-ssm-document-logging-issues", + "short_description": { + "text": "Semgrep Finding: terraform.aws.security.aws-ssm-document-logging-issues.aws-ssm-document-logging-issues" }, - "fullDescription": { - "text": "Autoescape is globally disbaled for this Django application. 
If you are rendering any web pages, this exposes your application to cross-site scripting (XSS) vulnerabilities. Remove 'autoescape: False' or set it to 'True'." + "full_description": { + "text": "The AWS SSM logs are unencrypted or disabled. Please enable logs and use AWS KMS encryption key to protect SSM logs. To create your own, create a aws_kms_key resource or use the ARN string of a key in your account." }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/terraform.aws.security.aws-ssm-document-logging-issues.aws-ssm-document-logging-issues", "help": { - "markdown": "Autoescape is globally disbaled for this Django application. If you are rendering any web pages, this exposes your application to cross-site scripting (XSS) vulnerabilities. Remove 'autoescape: False' or set it to 'True'.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.django.security.audit.xss.global-autoescape-off.global-autoescape-off)\n - [https://docs.djangoproject.com/en/3.1/ref/settings/#templates](https://docs.djangoproject.com/en/3.1/ref/settings/#templates)\n - [https://docs.djangoproject.com/en/3.1/topics/templates/#django.template.backends.django.DjangoTemplates](https://docs.djangoproject.com/en/3.1/topics/templates/#django.template.backends.django.DjangoTemplates)\n", - "text": "Autoescape is globally disbaled for this Django application. If you are rendering any web pages, this exposes your application to cross-site scripting (XSS) vulnerabilities. Remove 'autoescape: False' or set it to 'True'.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "The AWS SSM logs are unencrypted or disabled. Please enable logs and use AWS KMS encryption key to protect SSM logs. 
To create your own, create a aws_kms_key resource or use the ARN string of a key in your account.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "The AWS SSM logs are unencrypted or disabled. Please enable logs and use AWS KMS encryption key to protect SSM logs. To create your own, create a aws_kms_key resource or use the ARN string of a key in your account.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/terraform.aws.security.aws-ssm-document-logging-issues.aws-ssm-document-logging-issues)\n - [https://owasp.org/Top10/A02_2021-Cryptographic_Failures](https://owasp.org/Top10/A02_2021-Cryptographic_Failures)\n" }, - "helpUri": "https://semgrep.dev/r/python.django.security.audit.xss.global-autoescape-off.global-autoescape-off", - "id": "python.django.security.audit.xss.global-autoescape-off.global-autoescape-off", - "name": "python.django.security.audit.xss.global-autoescape-off.global-autoescape-off", "properties": { "precision": "very-high", "tags": [ - "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", + "CWE-326: Inadequate Encryption Strength", "LOW CONFIDENCE", - "OWASP-A03:2021 - Injection", - "OWASP-A07:2017 - Cross-Site Scripting (XSS)", + "OWASP-A02:2021 - Cryptographic Failures", + "OWASP-A03:2017 - Sensitive Data Exposure", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: python.django.security.audit.xss.global-autoescape-off.global-autoescape-off" } }, { - "defaultConfiguration": { - "level": "error" + "id": "javascript.express.security.audit.xss.ejs.var-in-href.var-in-href", + "name": "javascript.express.security.audit.xss.ejs.var-in-href.var-in-href", + "short_description": { + "text": "Semgrep Finding: javascript.express.security.audit.xss.ejs.var-in-href.var-in-href" }, - "fullDescription": { - "text": "Found user input going directly into typecast for bool(), float(), 
or complex(). This allows an attacker to inject Python's not-a-number (NaN) into the typecast. This results in undefind behavior, particularly when doing comparisons. Either cast to a different type, or add a guard checking for all capitalizations of the string 'nan'." + "full_description": { + "text": "Detected a template variable used in an anchor tag with the 'href' attribute. This allows a malicious actor to input the 'javascript:' URI and is subject to cross- site scripting (XSS) attacks. If using a relative URL, start with a literal forward slash and concatenate the URL, like this: href='/<%= link %>'. You may also consider setting the Content Security Policy (CSP) header." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/javascript.express.security.audit.xss.ejs.var-in-href.var-in-href", "help": { - "markdown": "Found user input going directly into typecast for bool(), float(), or complex(). This allows an attacker to inject Python's not-a-number (NaN) into the typecast. This results in undefind behavior, particularly when doing comparisons. Either cast to a different type, or add a guard checking for all capitalizations of the string 'nan'.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.django.security.nan-injection.nan-injection)\n - [https://discuss.python.org/t/nan-breaks-min-max-and-sorting-functions-a-solution/2868](https://discuss.python.org/t/nan-breaks-min-max-and-sorting-functions-a-solution/2868)\n - [https://blog.bitdiscovery.com/2021/12/python-nan-injection/](https://blog.bitdiscovery.com/2021/12/python-nan-injection/)\n", - "text": "Found user input going directly into typecast for bool(), float(), or complex(). This allows an attacker to inject Python's not-a-number (NaN) into the typecast. This results in undefind behavior, particularly when doing comparisons. 
Either cast to a different type, or add a guard checking for all capitalizations of the string 'nan'.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected a template variable used in an anchor tag with the 'href' attribute. This allows a malicious actor to input the 'javascript:' URI and is subject to cross- site scripting (XSS) attacks. If using a relative URL, start with a literal forward slash and concatenate the URL, like this: href='/<%= link %>'. You may also consider setting the Content Security Policy (CSP) header.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected a template variable used in an anchor tag with the 'href' attribute. This allows a malicious actor to input the 'javascript:' URI and is subject to cross- site scripting (XSS) attacks. If using a relative URL, start with a literal forward slash and concatenate the URL, like this: href='/<%= link %>'. You may also consider setting the Content Security Policy (CSP) header.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.express.security.audit.xss.ejs.var-in-href.var-in-href)\n - [https://flask.palletsprojects.com/en/1.1.x/security/#cross-site-scripting-xss#:~:text=javascript:%20URI](https://flask.palletsprojects.com/en/1.1.x/security/#cross-site-scripting-xss#:~:text=javascript:%20URI)\n - [https://github.com/pugjs/pug/issues/2952](https://github.com/pugjs/pug/issues/2952)\n" }, - "helpUri": "https://semgrep.dev/r/python.django.security.nan-injection.nan-injection", - "id": "python.django.security.nan-injection.nan-injection", - "name": "python.django.security.nan-injection.nan-injection", "properties": { "precision": "very-high", "tags": [ - "CWE-704: Incorrect Type Conversion or Cast", - "MEDIUM CONFIDENCE", + "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", + "LOW 
CONFIDENCE", + "OWASP-A03:2021 - Injection", + "OWASP-A07:2017 - Cross-Site Scripting (XSS)", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: python.django.security.nan-injection.nan-injection" } }, { - "defaultConfiguration": { - "level": "error" + "id": "javascript.aws-lambda.security.sequelize-sqli.sequelize-sqli", + "name": "javascript.aws-lambda.security.sequelize-sqli.sequelize-sqli", + "short_description": { + "text": "Semgrep Finding: javascript.aws-lambda.security.sequelize-sqli.sequelize-sqli" }, - "fullDescription": { - "text": "Hardcoded JWT secret or private key is used. This is a Insufficiently Protected Credentials weakness: https://cwe.mitre.org/data/definitions/522.html Consider using an appropriate security mechanism to protect the credentials (e.g. keeping secrets in environment variables)" + "full_description": { + "text": "Detected SQL statement that is tainted by `$EVENT` object. This could lead to SQL injection if the variable is user-controlled and not properly sanitized. In order to prevent SQL injection, use parameterized queries or prepared statements instead. You can use parameterized statements like so: `sequelize.query('SELECT * FROM projects WHERE status = ?', { replacements: ['active'], type: QueryTypes.SELECT });`" }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/javascript.aws-lambda.security.sequelize-sqli.sequelize-sqli", "help": { - "markdown": "Hardcoded JWT secret or private key is used. This is a Insufficiently Protected Credentials weakness: https://cwe.mitre.org/data/definitions/522.html Consider using an appropriate security mechanism to protect the credentials (e.g. 
keeping secrets in environment variables)\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.jwt.security.jwt-hardcode.jwt-python-hardcoded-secret)\n - [https://semgrep.dev/blog/2020/hardcoded-secrets-unverified-tokens-and-other-common-jwt-mistakes/](https://semgrep.dev/blog/2020/hardcoded-secrets-unverified-tokens-and-other-common-jwt-mistakes/)\n", - "text": "Hardcoded JWT secret or private key is used. This is a Insufficiently Protected Credentials weakness: https://cwe.mitre.org/data/definitions/522.html Consider using an appropriate security mechanism to protect the credentials (e.g. keeping secrets in environment variables)\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected SQL statement that is tainted by `$EVENT` object. This could lead to SQL injection if the variable is user-controlled and not properly sanitized. In order to prevent SQL injection, use parameterized queries or prepared statements instead. You can use parameterized statements like so: `sequelize.query('SELECT * FROM projects WHERE status = ?', { replacements: ['active'], type: QueryTypes.SELECT });`\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected SQL statement that is tainted by `$EVENT` object. This could lead to SQL injection if the variable is user-controlled and not properly sanitized. In order to prevent SQL injection, use parameterized queries or prepared statements instead. 
You can use parameterized statements like so: `sequelize.query('SELECT * FROM projects WHERE status = ?', { replacements: ['active'], type: QueryTypes.SELECT });`\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.aws-lambda.security.sequelize-sqli.sequelize-sqli)\n - [https://sequelize.org/master/manual/raw-queries.html](https://sequelize.org/master/manual/raw-queries.html)\n" }, - "helpUri": "https://semgrep.dev/r/python.jwt.security.jwt-hardcode.jwt-python-hardcoded-secret", - "id": "python.jwt.security.jwt-hardcode.jwt-python-hardcoded-secret", - "name": "python.jwt.security.jwt-hardcode.jwt-python-hardcoded-secret", "properties": { "precision": "very-high", "tags": [ - "CWE-522: Insufficiently Protected Credentials", - "HIGH CONFIDENCE", - "OWASP-A02:2017 - Broken Authentication", - "OWASP-A04:2021 - Insecure Design", + "CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')", + "MEDIUM CONFIDENCE", + "OWASP-A01:2017 - Injection", + "OWASP-A03:2021 - Injection", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: python.jwt.security.jwt-hardcode.jwt-python-hardcoded-secret" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "python.lang.security.dangerous-system-call.dangerous-system-call", + "name": "python.lang.security.dangerous-system-call.dangerous-system-call", + "short_description": { + "text": "Semgrep Finding: python.lang.security.dangerous-system-call.dangerous-system-call" }, - "fullDescription": { - "text": "Make sure that unverified user data can not reach `sandbox`." + "full_description": { + "text": "Found user-controlled data used in a system call. This could allow a malicious actor to execute commands. Use the 'subprocess' module instead, which is easier to use without accidentally exposing a command injection vulnerability." 
}, + "default_configuration": { + "enabled": true, + "level": "error" + }, + "help_uri": "https://semgrep.dev/r/python.lang.security.dangerous-system-call.dangerous-system-call", "help": { - "markdown": "Make sure that unverified user data can not reach `sandbox`.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.sandbox.security.audit.sandbox-code-injection.sandbox-code-injection)\n - [https://owasp.org/Top10/A03_2021-Injection](https://owasp.org/Top10/A03_2021-Injection)\n", - "text": "Make sure that unverified user data can not reach `sandbox`.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Found user-controlled data used in a system call. This could allow a malicious actor to execute commands. Use the 'subprocess' module instead, which is easier to use without accidentally exposing a command injection vulnerability.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Found user-controlled data used in a system call. This could allow a malicious actor to execute commands. 
Use the 'subprocess' module instead, which is easier to use without accidentally exposing a command injection vulnerability.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.lang.security.dangerous-system-call.dangerous-system-call)\n - [https://semgrep.dev/docs/cheat-sheets/python-command-injection/](https://semgrep.dev/docs/cheat-sheets/python-command-injection/)\n" }, - "helpUri": "https://semgrep.dev/r/javascript.sandbox.security.audit.sandbox-code-injection.sandbox-code-injection", - "id": "javascript.sandbox.security.audit.sandbox-code-injection.sandbox-code-injection", - "name": "javascript.sandbox.security.audit.sandbox-code-injection.sandbox-code-injection", "properties": { "precision": "very-high", "tags": [ - "CWE-94: Improper Control of Generation of Code ('Code Injection')", - "LOW CONFIDENCE", + "CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", + "MEDIUM CONFIDENCE", + "OWASP-A01:2017 - Injection", "OWASP-A03:2021 - Injection", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: javascript.sandbox.security.audit.sandbox-code-injection.sandbox-code-injection" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "generic.secrets.security.detected-github-token.detected-github-token", + "name": "generic.secrets.security.detected-github-token.detected-github-token", + "short_description": { + "text": "Semgrep Finding: generic.secrets.security.detected-github-token.detected-github-token" }, - "fullDescription": { - "text": "A hard-coded credential was detected. It is not recommended to store credentials in source-code, as this risks secrets being leaked and used by either an internal or external malicious adversary. It is recommended to use environment variables to securely provide credentials or retrieve credentials from a secure vault or HSM (Hardware Security Module)." 
+ "full_description": { + "text": "GitHub Token detected" + }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/generic.secrets.security.detected-github-token.detected-github-token", "help": { - "markdown": "A hard-coded credential was detected. It is not recommended to store credentials in source-code, as this risks secrets being leaked and used by either an internal or external malicious adversary. It is recommended to use environment variables to securely provide credentials or retrieve credentials from a secure vault or HSM (Hardware Security Module).\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.jose.security.jwt-hardcode.hardcoded-jwt-secret)\n - [https://cheatsheetseries.owasp.org/cheatsheets/Secrets_Management_Cheat_Sheet.html](https://cheatsheetseries.owasp.org/cheatsheets/Secrets_Management_Cheat_Sheet.html)\n", - "text": "A hard-coded credential was detected. It is not recommended to store credentials in source-code, as this risks secrets being leaked and used by either an internal or external malicious adversary. 
It is recommended to use environment variables to securely provide credentials or retrieve credentials from a secure vault or HSM (Hardware Security Module).\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "GitHub Token detected\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "GitHub Token detected\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/generic.secrets.security.detected-github-token.detected-github-token)\n - [https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures](https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures)\n" }, - "helpUri": "https://semgrep.dev/r/javascript.jose.security.jwt-hardcode.hardcoded-jwt-secret", - "id": "javascript.jose.security.jwt-hardcode.hardcoded-jwt-secret", - "name": "javascript.jose.security.jwt-hardcode.hardcoded-jwt-secret", "properties": { "precision": "very-high", "tags": [ "CWE-798: Use of Hard-coded Credentials", - "HIGH CONFIDENCE", + "LOW CONFIDENCE", "OWASP-A07:2021 - Identification and Authentication Failures", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: javascript.jose.security.jwt-hardcode.hardcoded-jwt-secret" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "java.jboss.security.session_sqli.find-sql-string-concatenation", + "name": "java.jboss.security.session_sqli.find-sql-string-concatenation", + "short_description": { + "text": "Semgrep Finding: java.jboss.security.session_sqli.find-sql-string-concatenation" }, - "fullDescription": { - "text": "Checks for outgoing connections to ftp servers with the ftp package. FTP does not encrypt traffic, possibly leading to PII being sent plaintext over the network. Instead, connect via the SFTP protocol." + "full_description": { + "text": "In $METHOD, $X is used to construct a SQL query via string concatenation." 
+ }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/java.jboss.security.session_sqli.find-sql-string-concatenation", "help": { - "markdown": "Checks for outgoing connections to ftp servers with the ftp package. FTP does not encrypt traffic, possibly leading to PII being sent plaintext over the network. Instead, connect via the SFTP protocol.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/problem-based-packs.insecure-transport.go-stdlib.ftp-request.ftp-request)\n - [https://godoc.org/github.com/jlaffaye/ftp#Dial](https://godoc.org/github.com/jlaffaye/ftp#Dial)\n - [https://github.com/jlaffaye/ftp](https://github.com/jlaffaye/ftp)\n", - "text": "Checks for outgoing connections to ftp servers with the ftp package. FTP does not encrypt traffic, possibly leading to PII being sent plaintext over the network. Instead, connect via the SFTP protocol.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "In $METHOD, $X is used to construct a SQL query via string concatenation.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "In $METHOD, $X is used to construct a SQL query via string concatenation.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/java.jboss.security.session_sqli.find-sql-string-concatenation)\n - [https://owasp.org/Top10/A03_2021-Injection](https://owasp.org/Top10/A03_2021-Injection)\n" }, - "helpUri": "https://semgrep.dev/r/problem-based-packs.insecure-transport.go-stdlib.ftp-request.ftp-request", - "id": "problem-based-packs.insecure-transport.go-stdlib.ftp-request.ftp-request", - "name": "problem-based-packs.insecure-transport.go-stdlib.ftp-request.ftp-request", "properties": { "precision": "very-high", "tags": [ - "CWE-319: Cleartext Transmission of 
Sensitive Information", + "CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')", "MEDIUM CONFIDENCE", - "OWASP-A03:2017 - Sensitive Data Exposure", + "OWASP-A01:2017 - Injection", + "OWASP-A03:2021 - Injection", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: problem-based-packs.insecure-transport.go-stdlib.ftp-request.ftp-request" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "javascript.jose.security.audit.jose-exposed-data.jose-exposed-data", + "name": "javascript.jose.security.audit.jose-exposed-data.jose-exposed-data", + "short_description": { + "text": "Semgrep Finding: javascript.jose.security.audit.jose-exposed-data.jose-exposed-data" }, - "fullDescription": { - "text": "Detected a Context with autoescape disabled. If you are rendering any web pages, this exposes your application to cross-site scripting (XSS) vulnerabilities. Remove 'autoescape: False' or set it to 'True'." + "full_description": { + "text": "The object is passed strictly to jose.JWT.sign(...) Make sure that sensitive information is not exposed through JWT token payload." }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/javascript.jose.security.audit.jose-exposed-data.jose-exposed-data", "help": { - "markdown": "Detected a Context with autoescape disabled. If you are rendering any web pages, this exposes your application to cross-site scripting (XSS) vulnerabilities. 
Remove 'autoescape: False' or set it to 'True'.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.django.security.audit.xss.context-autoescape-off.context-autoescape-off)\n - [https://docs.djangoproject.com/en/3.1/ref/settings/#templates](https://docs.djangoproject.com/en/3.1/ref/settings/#templates)\n - [https://docs.djangoproject.com/en/3.1/topics/templates/#django.template.backends.django.DjangoTemplates](https://docs.djangoproject.com/en/3.1/topics/templates/#django.template.backends.django.DjangoTemplates)\n", - "text": "Detected a Context with autoescape disabled. If you are rendering any web pages, this exposes your application to cross-site scripting (XSS) vulnerabilities. Remove 'autoescape: False' or set it to 'True'.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "The object is passed strictly to jose.JWT.sign(...) Make sure that sensitive information is not exposed through JWT token payload.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "The object is passed strictly to jose.JWT.sign(...) 
Make sure that sensitive information is not exposed through JWT token payload.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.jose.security.audit.jose-exposed-data.jose-exposed-data)\n - [https://owasp.org/Top10/A04_2021-Insecure_Design](https://owasp.org/Top10/A04_2021-Insecure_Design)\n" }, - "helpUri": "https://semgrep.dev/r/python.django.security.audit.xss.context-autoescape-off.context-autoescape-off", - "id": "python.django.security.audit.xss.context-autoescape-off.context-autoescape-off", - "name": "python.django.security.audit.xss.context-autoescape-off.context-autoescape-off", "properties": { "precision": "very-high", "tags": [ - "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", + "CWE-522: Insufficiently Protected Credentials", "LOW CONFIDENCE", - "OWASP-A03:2021 - Injection", - "OWASP-A07:2017 - Cross-Site Scripting (XSS)", + "OWASP-A02:2017 - Broken Authentication", + "OWASP-A04:2021 - Insecure Design", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: python.django.security.audit.xss.context-autoescape-off.context-autoescape-off" } }, { - "defaultConfiguration": { - "level": "error" + "id": "go.lang.security.filepath-clean-misuse.filepath-clean-misuse", + "name": "go.lang.security.filepath-clean-misuse.filepath-clean-misuse", + "short_description": { + "text": "Semgrep Finding: go.lang.security.filepath-clean-misuse.filepath-clean-misuse" }, - "fullDescription": { - "text": "Detected a template variable used in a script tag. Although template variables are HTML escaped, HTML escaping does not always prevent cross-site scripting (XSS) attacks when used directly in JavaScript. If you need this data on the rendered page, consider placing it in the HTML portion (outside of a script tag). Alternatively, use a JavaScript-specific encoder, such as the one available in OWASP ESAPI. 
For Django, you may also consider using the 'json_script' template tag and retrieving the data in your script by using the element ID (e.g., `document.getElementById`)." + "full_description": { + "text": "`Clean` is not intended to sanitize against path traversal attacks. This function is for finding the shortest path name equivalent to the given input. Using `Clean` to sanitize file reads may expose this application to path traversal attacks, where an attacker could access arbitrary files on the server. To fix this easily, write this: `filepath.FromSlash(path.Clean(\"/\"+strings.Trim(req.URL.Path, \"/\")))` However, a better solution is using the `SecureJoin` function in the package `filepath-securejoin`. See https://pkg.go.dev/github.com/cyphar/filepath-securejoin#section-readme." + }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/go.lang.security.filepath-clean-misuse.filepath-clean-misuse", "help": { - "markdown": "Detected a template variable used in a script tag. Although template variables are HTML escaped, HTML escaping does not always prevent cross-site scripting (XSS) attacks when used directly in JavaScript. If you need this data on the rendered page, consider placing it in the HTML portion (outside of a script tag). Alternatively, use a JavaScript-specific encoder, such as the one available in OWASP ESAPI. 
For Django, you may also consider using the 'json_script' template tag and retrieving the data in your script by using the element ID (e.g., `document.getElementById`).\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.django.security.audit.xss.var-in-script-tag.var-in-script-tag)\n - [https://adamj.eu/tech/2020/02/18/safely-including-data-for-javascript-in-a-django-template/?utm_campaign=Django%2BNewsletter&utm_medium=rss&utm_source=Django_Newsletter_12A](https://adamj.eu/tech/2020/02/18/safely-including-data-for-javascript-in-a-django-template/?utm_campaign=Django%2BNewsletter&utm_medium=rss&utm_source=Django_Newsletter_12A)\n - [https://www.veracode.com/blog/secure-development/nodejs-template-engines-why-default-encoders-are-not-enough](https://www.veracode.com/blog/secure-development/nodejs-template-engines-why-default-encoders-are-not-enough)\n - [https://github.com/ESAPI/owasp-esapi-js](https://github.com/ESAPI/owasp-esapi-js)\n", - "text": "Detected a template variable used in a script tag. Although template variables are HTML escaped, HTML escaping does not always prevent cross-site scripting (XSS) attacks when used directly in JavaScript. If you need this data on the rendered page, consider placing it in the HTML portion (outside of a script tag). Alternatively, use a JavaScript-specific encoder, such as the one available in OWASP ESAPI. For Django, you may also consider using the 'json_script' template tag and retrieving the data in your script by using the element ID (e.g., `document.getElementById`).\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "`Clean` is not intended to sanitize against path traversal attacks. This function is for finding the shortest path name equivalent to the given input. 
Using `Clean` to sanitize file reads may expose this application to path traversal attacks, where an attacker could access arbitrary files on the server. To fix this easily, write this: `filepath.FromSlash(path.Clean(\"/\"+strings.Trim(req.URL.Path, \"/\")))` However, a better solution is using the `SecureJoin` function in the package `filepath-securejoin`. See https://pkg.go.dev/github.com/cyphar/filepath-securejoin#section-readme.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "`Clean` is not intended to sanitize against path traversal attacks. This function is for finding the shortest path name equivalent to the given input. Using `Clean` to sanitize file reads may expose this application to path traversal attacks, where an attacker could access arbitrary files on the server. To fix this easily, write this: `filepath.FromSlash(path.Clean(\"/\"+strings.Trim(req.URL.Path, \"/\")))` However, a better solution is using the `SecureJoin` function in the package `filepath-securejoin`. 
See https://pkg.go.dev/github.com/cyphar/filepath-securejoin#section-readme.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/go.lang.security.filepath-clean-misuse.filepath-clean-misuse)\n - [https://pkg.go.dev/path#Clean](https://pkg.go.dev/path#Clean)\n - [http://technosophos.com/2016/03/31/go-quickly-cleaning-filepaths.html](http://technosophos.com/2016/03/31/go-quickly-cleaning-filepaths.html)\n - [https://labs.detectify.com/2021/12/15/zero-day-path-traversal-grafana/](https://labs.detectify.com/2021/12/15/zero-day-path-traversal-grafana/)\n - [https://dzx.cz/2021/04/02/go_path_traversal/](https://dzx.cz/2021/04/02/go_path_traversal/)\n - [https://pkg.go.dev/github.com/cyphar/filepath-securejoin#section-readme](https://pkg.go.dev/github.com/cyphar/filepath-securejoin#section-readme)\n" }, - "helpUri": "https://semgrep.dev/r/python.django.security.audit.xss.var-in-script-tag.var-in-script-tag", - "id": "python.django.security.audit.xss.var-in-script-tag.var-in-script-tag", - "name": "python.django.security.audit.xss.var-in-script-tag.var-in-script-tag", "properties": { "precision": "very-high", "tags": [ - "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", - "LOW CONFIDENCE", - "OWASP-A03:2021 - Injection", - "OWASP-A07:2017 - Cross-Site Scripting (XSS)", + "CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", + "MEDIUM CONFIDENCE", + "OWASP-A01:2021 - Broken Access Control", + "OWASP-A05:2017 - Broken Access Control", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: python.django.security.audit.xss.var-in-script-tag.var-in-script-tag" } }, { - "defaultConfiguration": { - "level": "error" + "id": "python.django.security.audit.xss.html-magic-method.html-magic-method", + "name": "python.django.security.audit.xss.html-magic-method.html-magic-method", + "short_description": { + "text": 
"Semgrep Finding: python.django.security.audit.xss.html-magic-method.html-magic-method" }, - "fullDescription": { - "text": "Detected non-literal calls to $EXEC(). This could lead to a command injection vulnerability." + "full_description": { + "text": "The `__html__` method indicates to the Django template engine that the value is 'safe' for rendering. This means that normal HTML escaping will not be applied to the return value. This exposes your application to cross-site scripting (XSS) vulnerabilities. If you need to render raw HTML, consider instead using `mark_safe()` which more clearly marks the intent to render raw HTML than a class with a magic method." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/python.django.security.audit.xss.html-magic-method.html-magic-method", "help": { - "markdown": "Detected non-literal calls to $EXEC(). This could lead to a command injection vulnerability.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.lang.security.audit.dangerous-spawn-shell.dangerous-spawn-shell)\n - [https://cheatsheetseries.owasp.org/cheatsheets/Nodejs_Security_Cheat_Sheet.html#do-not-use-dangerous-functions](https://cheatsheetseries.owasp.org/cheatsheets/Nodejs_Security_Cheat_Sheet.html#do-not-use-dangerous-functions)\n", - "text": "Detected non-literal calls to $EXEC(). This could lead to a command injection vulnerability.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "The `__html__` method indicates to the Django template engine that the value is 'safe' for rendering. This means that normal HTML escaping will not be applied to the return value. This exposes your application to cross-site scripting (XSS) vulnerabilities. 
If you need to render raw HTML, consider instead using `mark_safe()` which more clearly marks the intent to render raw HTML than a class with a magic method.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "The `__html__` method indicates to the Django template engine that the value is 'safe' for rendering. This means that normal HTML escaping will not be applied to the return value. This exposes your application to cross-site scripting (XSS) vulnerabilities. If you need to render raw HTML, consider instead using `mark_safe()` which more clearly marks the intent to render raw HTML than a class with a magic method.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.django.security.audit.xss.html-magic-method.html-magic-method)\n - [https://docs.djangoproject.com/en/3.0/_modules/django/utils/html/#conditional_escape](https://docs.djangoproject.com/en/3.0/_modules/django/utils/html/#conditional_escape)\n - [https://gist.github.com/minusworld/7885d8a81dba3ea2d1e4b8fd3c218ef5](https://gist.github.com/minusworld/7885d8a81dba3ea2d1e4b8fd3c218ef5)\n" }, - "helpUri": "https://semgrep.dev/r/javascript.lang.security.audit.dangerous-spawn-shell.dangerous-spawn-shell", - "id": "javascript.lang.security.audit.dangerous-spawn-shell.dangerous-spawn-shell", - "name": "javascript.lang.security.audit.dangerous-spawn-shell.dangerous-spawn-shell", "properties": { "precision": "very-high", "tags": [ - "CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", + "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", "LOW CONFIDENCE", - "OWASP-A01:2017 - Injection", "OWASP-A03:2021 - Injection", + "OWASP-A07:2017 - Cross-Site Scripting (XSS)", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: javascript.lang.security.audit.dangerous-spawn-shell.dangerous-spawn-shell" 
} }, { - "defaultConfiguration": { - "level": "warning" + "id": "kotlin.lang.security.bad-hexa-conversion.bad-hexa-conversion", + "name": "kotlin.lang.security.bad-hexa-conversion.bad-hexa-conversion", + "short_description": { + "text": "Semgrep Finding: kotlin.lang.security.bad-hexa-conversion.bad-hexa-conversion" }, - "fullDescription": { - "text": "Cluster is disabling TLS certificate verification when communicating with the server. This makes your HTTPS connections insecure. Remove the 'insecure-skip-tls-verify: true' key to secure communication." + "full_description": { + "text": "'Integer.toHexString()' strips leading zeroes from each byte if read byte-by-byte. This mistake weakens the hash value computed since it introduces more collisions. Use 'String.format(\"%02X\", ...)' instead." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/kotlin.lang.security.bad-hexa-conversion.bad-hexa-conversion", "help": { - "markdown": "Cluster is disabling TLS certificate verification when communicating with the server. This makes your HTTPS connections insecure. Remove the 'insecure-skip-tls-verify: true' key to secure communication.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/yaml.kubernetes.security.skip-tls-verify-cluster.skip-tls-verify-cluster)\n - [https://kubernetes.io/docs/reference/config-api/client-authentication.v1beta1/#client-authentication-k8s-io-v1beta1-Cluster](https://kubernetes.io/docs/reference/config-api/client-authentication.v1beta1/#client-authentication-k8s-io-v1beta1-Cluster)\n", - "text": "Cluster is disabling TLS certificate verification when communicating with the server. This makes your HTTPS connections insecure. 
Remove the 'insecure-skip-tls-verify: true' key to secure communication.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "'Integer.toHexString()' strips leading zeroes from each byte if read byte-by-byte. This mistake weakens the hash value computed since it introduces more collisions. Use 'String.format(\"%02X\", ...)' instead.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "'Integer.toHexString()' strips leading zeroes from each byte if read byte-by-byte. This mistake weakens the hash value computed since it introduces more collisions. Use 'String.format(\"%02X\", ...)' instead.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/kotlin.lang.security.bad-hexa-conversion.bad-hexa-conversion)\n - [https://cwe.mitre.org/data/definitions/704.html](https://cwe.mitre.org/data/definitions/704.html)\n" }, - "helpUri": "https://semgrep.dev/r/yaml.kubernetes.security.skip-tls-verify-cluster.skip-tls-verify-cluster", - "id": "yaml.kubernetes.security.skip-tls-verify-cluster.skip-tls-verify-cluster", - "name": "yaml.kubernetes.security.skip-tls-verify-cluster.skip-tls-verify-cluster", "properties": { "precision": "very-high", "tags": [ - "CWE-319: Cleartext Transmission of Sensitive Information", - "MEDIUM CONFIDENCE", - "OWASP-A02:2021 - Cryptographic Failures", + "CWE-704: Incorrect Type Conversion or Cast", + "LOW CONFIDENCE", "OWASP-A03:2017 - Sensitive Data Exposure", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: yaml.kubernetes.security.skip-tls-verify-cluster.skip-tls-verify-cluster" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "java.lang.security.audit.jdbc-sql-formatted-string.jdbc-sql-formatted-string", + "name": "java.lang.security.audit.jdbc-sql-formatted-string.jdbc-sql-formatted-string", + "short_description": { + "text": "Semgrep Finding: 
java.lang.security.audit.jdbc-sql-formatted-string.jdbc-sql-formatted-string" }, - "fullDescription": { - "text": "Default routes are enabled in this routes file. This means any public method on a controller can be called as an action. It is very easy to accidentally expose a method you didn't mean to. Instead, remove this line and explicitly include all routes you intend external users to follow." + "full_description": { + "text": "Possible JDBC injection detected. Use the parameterized query feature available in queryForObject instead of concatenating or formatting strings: 'jdbc.queryForObject(\"select * from table where name = ?\", Integer.class, parameterName);'" + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/java.lang.security.audit.jdbc-sql-formatted-string.jdbc-sql-formatted-string", "help": { - "markdown": "Default routes are enabled in this routes file. This means any public method on a controller can be called as an action. It is very easy to accidentally expose a method you didn't mean to. Instead, remove this line and explicitly include all routes you intend external users to follow.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/ruby.rails.security.audit.xss.avoid-default-routes.avoid-default-routes)\n - [https://github.com/presidentbeef/brakeman/blob/main/docs/warning_types/default_routes/index.markdown](https://github.com/presidentbeef/brakeman/blob/main/docs/warning_types/default_routes/index.markdown)\n", - "text": "Default routes are enabled in this routes file. This means any public method on a controller can be called as an action. It is very easy to accidentally expose a method you didn't mean to. 
Instead, remove this line and explicitly include all routes you intend external users to follow.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Possible JDBC injection detected. Use the parameterized query feature available in queryForObject instead of concatenating or formatting strings: 'jdbc.queryForObject(\"select * from table where name = ?\", Integer.class, parameterName);'\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Possible JDBC injection detected. Use the parameterized query feature available in queryForObject instead of concatenating or formatting strings: 'jdbc.queryForObject(\"select * from table where name = ?\", Integer.class, parameterName);'\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/java.lang.security.audit.jdbc-sql-formatted-string.jdbc-sql-formatted-string)\n - [https://owasp.org/Top10/A03_2021-Injection](https://owasp.org/Top10/A03_2021-Injection)\n" }, - "helpUri": "https://semgrep.dev/r/ruby.rails.security.audit.xss.avoid-default-routes.avoid-default-routes", - "id": "ruby.rails.security.audit.xss.avoid-default-routes.avoid-default-routes", - "name": "ruby.rails.security.audit.xss.avoid-default-routes.avoid-default-routes", "properties": { "precision": "very-high", "tags": [ - "CWE-276: Incorrect Default Permissions", + "CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')", "LOW CONFIDENCE", - "OWASP-A01:2021 - Broken Access Control", + "OWASP-A01:2017 - Injection", + "OWASP-A03:2021 - Injection", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: ruby.rails.security.audit.xss.avoid-default-routes.avoid-default-routes" } }, { - "defaultConfiguration": { - "level": "error" + "id": "python.django.security.audit.avoid-mark-safe.avoid-mark-safe", + "name": "python.django.security.audit.avoid-mark-safe.avoid-mark-safe", + 
"short_description": { + "text": "Semgrep Finding: python.django.security.audit.avoid-mark-safe.avoid-mark-safe" }, - "fullDescription": { - "text": "Detected wildcard access granted to Glacier Vault. This means anyone within your AWS account ID can perform actions on Glacier resources. Instead, limit to a specific identity in your account, like this: `arn:aws:iam:::`." + "full_description": { + "text": "'mark_safe()' is used to mark a string as \"safe\" for HTML output. This disables escaping and could therefore subject the content to XSS attacks. Use 'django.utils.html.format_html()' to build HTML for rendering instead." }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/python.django.security.audit.avoid-mark-safe.avoid-mark-safe", "help": { - "markdown": "Detected wildcard access granted to Glacier Vault. This means anyone within your AWS account ID can perform actions on Glacier resources. Instead, limit to a specific identity in your account, like this: `arn:aws:iam:::`.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/terraform.aws.security.aws-glacier-vault-any-principal.aws-glacier-vault-any-principal)\n - [https://cwe.mitre.org/data/definitions/732.html](https://cwe.mitre.org/data/definitions/732.html)\n", - "text": "Detected wildcard access granted to Glacier Vault. This means anyone within your AWS account ID can perform actions on Glacier resources. Instead, limit to a specific identity in your account, like this: `arn:aws:iam:::`.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "'mark_safe()' is used to mark a string as \"safe\" for HTML output. This disables escaping and could therefore subject the content to XSS attacks. 
Use 'django.utils.html.format_html()' to build HTML for rendering instead.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "'mark_safe()' is used to mark a string as \"safe\" for HTML output. This disables escaping and could therefore subject the content to XSS attacks. Use 'django.utils.html.format_html()' to build HTML for rendering instead.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.django.security.audit.avoid-mark-safe.avoid-mark-safe)\n - [https://docs.djangoproject.com/en/3.0/ref/utils/#django.utils.safestring.mark_safe](https://docs.djangoproject.com/en/3.0/ref/utils/#django.utils.safestring.mark_safe)\n - [https://docs.djangoproject.com/en/3.0/ref/utils/#django.utils.html.format_html](https://docs.djangoproject.com/en/3.0/ref/utils/#django.utils.html.format_html)\n" }, - "helpUri": "https://semgrep.dev/r/terraform.aws.security.aws-glacier-vault-any-principal.aws-glacier-vault-any-principal", - "id": "terraform.aws.security.aws-glacier-vault-any-principal.aws-glacier-vault-any-principal", - "name": "terraform.aws.security.aws-glacier-vault-any-principal.aws-glacier-vault-any-principal", "properties": { "precision": "very-high", "tags": [ - "CWE-732: Incorrect Permission Assignment for Critical Resource", - "MEDIUM CONFIDENCE", - "OWASP-A05:2021 - Security Misconfiguration", + "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", + "LOW CONFIDENCE", + "OWASP-A03:2021 - Injection", + "OWASP-A07:2017 - Cross-Site Scripting (XSS)", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: terraform.aws.security.aws-glacier-vault-any-principal.aws-glacier-vault-any-principal" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "python.cryptography.security.insecure-hash-algorithms.insecure-hash-algorithm-sha1", + "name": 
"python.cryptography.security.insecure-hash-algorithms.insecure-hash-algorithm-sha1", + "short_description": { + "text": "Semgrep Finding: python.cryptography.security.insecure-hash-algorithms.insecure-hash-algorithm-sha1" }, - "fullDescription": { - "text": "Detects creations of $HTTPS servers from option objects that don't disallow SSL v2, SSL v3, and TLS v1. These protocols are deprecated due to POODLE, man in the middle attacks, and other vulnerabilities." + "full_description": { + "text": "Detected SHA1 hash algorithm which is considered insecure. SHA1 is not collision resistant and is therefore not suitable as a cryptographic signature. Use SHA256 or SHA3 instead." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/python.cryptography.security.insecure-hash-algorithms.insecure-hash-algorithm-sha1", "help": { - "markdown": "Detects creations of $HTTPS servers from option objects that don't disallow SSL v2, SSL v3, and TLS v1. These protocols are deprecated due to POODLE, man in the middle attacks, and other vulnerabilities.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/problem-based-packs.insecure-transport.js-node.disallow-old-tls-versions2.disallow-old-tls-versions2)\n - [https://us-cert.cisa.gov/ncas/alerts/TA14-290A](https://us-cert.cisa.gov/ncas/alerts/TA14-290A)\n - [https://stackoverflow.com/questions/40434934/how-to-disable-the-ssl-3-0-and-tls-1-0-in-nodejs](https://stackoverflow.com/questions/40434934/how-to-disable-the-ssl-3-0-and-tls-1-0-in-nodejs)\n - [https://nodejs.org/api/https.html#https_https_createserver_options_requestlistener](https://nodejs.org/api/https.html#https_https_createserver_options_requestlistener)\n", - "text": "Detects creations of $HTTPS servers from option objects that don't disallow SSL v2, SSL v3, and TLS v1. 
These protocols are deprecated due to POODLE, man in the middle attacks, and other vulnerabilities.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected SHA1 hash algorithm which is considered insecure. SHA1 is not collision resistant and is therefore not suitable as a cryptographic signature. Use SHA256 or SHA3 instead.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected SHA1 hash algorithm which is considered insecure. SHA1 is not collision resistant and is therefore not suitable as a cryptographic signature. Use SHA256 or SHA3 instead.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.cryptography.security.insecure-hash-algorithms.insecure-hash-algorithm-sha1)\n - [https://cryptography.io/en/latest/hazmat/primitives/cryptographic-hashes/#sha-1](https://cryptography.io/en/latest/hazmat/primitives/cryptographic-hashes/#sha-1)\n - [https://www.schneier.com/blog/archives/2012/10/when_will_we_se.html](https://www.schneier.com/blog/archives/2012/10/when_will_we_se.html)\n - [https://www.trendmicro.com/vinfo/us/security/news/vulnerabilities-and-exploits/sha-1-collision-signals-the-end-of-the-algorithm-s-viability](https://www.trendmicro.com/vinfo/us/security/news/vulnerabilities-and-exploits/sha-1-collision-signals-the-end-of-the-algorithm-s-viability)\n - [http://2012.sharcs.org/slides/stevens.pdf](http://2012.sharcs.org/slides/stevens.pdf)\n - [https://pycryptodome.readthedocs.io/en/latest/src/hash/sha3_256.html](https://pycryptodome.readthedocs.io/en/latest/src/hash/sha3_256.html)\n" }, - "helpUri": "https://semgrep.dev/r/problem-based-packs.insecure-transport.js-node.disallow-old-tls-versions2.disallow-old-tls-versions2", - "id": "problem-based-packs.insecure-transport.js-node.disallow-old-tls-versions2.disallow-old-tls-versions2", - "name": 
"problem-based-packs.insecure-transport.js-node.disallow-old-tls-versions2.disallow-old-tls-versions2", "properties": { "precision": "very-high", "tags": [ - "CWE-319: Cleartext Transmission of Sensitive Information", + "CWE-327: Use of a Broken or Risky Cryptographic Algorithm", "MEDIUM CONFIDENCE", + "OWASP-A02:2021 - Cryptographic Failures", "OWASP-A03:2017 - Sensitive Data Exposure", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: problem-based-packs.insecure-transport.js-node.disallow-old-tls-versions2.disallow-old-tls-versions2" } }, { - "defaultConfiguration": { - "level": "note" + "id": "problem-based-packs.insecure-transport.js-node.bypass-tls-verification.bypass-tls-verification", + "name": "problem-based-packs.insecure-transport.js-node.bypass-tls-verification.bypass-tls-verification", + "short_description": { + "text": "Semgrep Finding: problem-based-packs.insecure-transport.js-node.bypass-tls-verification.bypass-tls-verification" }, - "fullDescription": { - "text": "Use the latest version of HTTP to ensure you are benefiting from security fixes. Add `http2_enabled = true` to your appservice resource block" + "full_description": { + "text": "Checks for setting the environment variable NODE_TLS_REJECT_UNAUTHORIZED to 0, which disables TLS verification. This should only be used for debugging purposes. Setting the option rejectUnauthorized to false bypasses verification against the list of trusted CAs, which also leads to insecure transport. These options lead to vulnerability to MTM attacks, and should not be used." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/problem-based-packs.insecure-transport.js-node.bypass-tls-verification.bypass-tls-verification", "help": { - "markdown": "Use the latest version of HTTP to ensure you are benefiting from security fixes. 
Add `http2_enabled = true` to your appservice resource block\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/terraform.azure.security.appservice.appservice-enable-http2.appservice-enable-http2)\n - [https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/app_service#http2_enabled](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/app_service#http2_enabled)\n", - "text": "Use the latest version of HTTP to ensure you are benefiting from security fixes. Add `http2_enabled = true` to your appservice resource block\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Checks for setting the environment variable NODE_TLS_REJECT_UNAUTHORIZED to 0, which disables TLS verification. This should only be used for debugging purposes. Setting the option rejectUnauthorized to false bypasses verification against the list of trusted CAs, which also leads to insecure transport. These options lead to vulnerability to MTM attacks, and should not be used.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Checks for setting the environment variable NODE_TLS_REJECT_UNAUTHORIZED to 0, which disables TLS verification. This should only be used for debugging purposes. Setting the option rejectUnauthorized to false bypasses verification against the list of trusted CAs, which also leads to insecure transport. 
These options lead to vulnerability to MTM attacks, and should not be used.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/problem-based-packs.insecure-transport.js-node.bypass-tls-verification.bypass-tls-verification)\n - [https://nodejs.org/api/https.html#https_https_request_options_callback](https://nodejs.org/api/https.html#https_https_request_options_callback)\n - [https://stackoverflow.com/questions/20433287/node-js-request-cert-has-expired#answer-29397100](https://stackoverflow.com/questions/20433287/node-js-request-cert-has-expired#answer-29397100)\n" }, - "helpUri": "https://semgrep.dev/r/terraform.azure.security.appservice.appservice-enable-http2.appservice-enable-http2", - "id": "terraform.azure.security.appservice.appservice-enable-http2.appservice-enable-http2", - "name": "terraform.azure.security.appservice.appservice-enable-http2.appservice-enable-http2", "properties": { "precision": "very-high", "tags": [ - "CWE-444: Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')", + "CWE-319: Cleartext Transmission of Sensitive Information", "MEDIUM CONFIDENCE", - "OWASP-A04:2021 - Insecure Design", + "OWASP-A03:2017 - Sensitive Data Exposure", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: terraform.azure.security.appservice.appservice-enable-http2.appservice-enable-http2" } }, { - "defaultConfiguration": { - "level": "error" + "id": "csharp.lang.security.regular-expression-dos.regular-expression-dos-infinite-timeout.regular-expression-dos-infinite-timeout", + "name": "csharp.lang.security.regular-expression-dos.regular-expression-dos-infinite-timeout.regular-expression-dos-infinite-timeout", + "short_description": { + "text": "Semgrep Finding: csharp.lang.security.regular-expression-dos.regular-expression-dos-infinite-timeout.regular-expression-dos-infinite-timeout" }, - "fullDescription": { - "text": "Detected calls to 
child_process from a function argument `$FUNC`. This could lead to a command injection if the input is user controllable. Try to avoid calls to child_process, and if it is needed ensure user input is correctly sanitized or sandboxed. " + "full_description": { + "text": "Specifying the regex timeout leaves the system vulnerable to a regex-based Denial of Service (DoS) attack. Consider setting the timeout to a short amount of time like 2 or 3 seconds. If you are sure you need an infinite timeout, double check that your context meets the conditions outlined in the \"Notes to Callers\" section at the bottom of this page: https://docs.microsoft.com/en-us/dotnet/api/system.text.regularexpressions.regex.-ctor?view=net-6.0" + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/csharp.lang.security.regular-expression-dos.regular-expression-dos-infinite-timeout.regular-expression-dos-infinite-timeout", "help": { - "markdown": "Detected calls to child_process from a function argument `$FUNC`. This could lead to a command injection if the input is user controllable. Try to avoid calls to child_process, and if it is needed ensure user input is correctly sanitized or sandboxed. \n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.lang.security.detect-child-process.detect-child-process)\n - [https://cheatsheetseries.owasp.org/cheatsheets/Nodejs_Security_Cheat_Sheet.html#do-not-use-dangerous-functions](https://cheatsheetseries.owasp.org/cheatsheets/Nodejs_Security_Cheat_Sheet.html#do-not-use-dangerous-functions)\n", - "text": "Detected calls to child_process from a function argument `$FUNC`. This could lead to a command injection if the input is user controllable. Try to avoid calls to child_process, and if it is needed ensure user input is correctly sanitized or sandboxed. 
\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Specifying the regex timeout leaves the system vulnerable to a regex-based Denial of Service (DoS) attack. Consider setting the timeout to a short amount of time like 2 or 3 seconds. If you are sure you need an infinite timeout, double check that your context meets the conditions outlined in the \"Notes to Callers\" section at the bottom of this page: https://docs.microsoft.com/en-us/dotnet/api/system.text.regularexpressions.regex.-ctor?view=net-6.0\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Specifying the regex timeout leaves the system vulnerable to a regex-based Denial of Service (DoS) attack. Consider setting the timeout to a short amount of time like 2 or 3 seconds. If you are sure you need an infinite timeout, double check that your context meets the conditions outlined in the \"Notes to Callers\" section at the bottom of this page: https://docs.microsoft.com/en-us/dotnet/api/system.text.regularexpressions.regex.-ctor?view=net-6.0\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/csharp.lang.security.regular-expression-dos.regular-expression-dos-infinite-timeout.regular-expression-dos-infinite-timeout)\n - [https://owasp.org/www-community/attacks/Regular_expression_Denial_of_Service_-_ReDoS](https://owasp.org/www-community/attacks/Regular_expression_Denial_of_Service_-_ReDoS)\n - [https://docs.microsoft.com/en-us/dotnet/api/system.text.regularexpressions.regex.infinitematchtimeout](https://docs.microsoft.com/en-us/dotnet/api/system.text.regularexpressions.regex.infinitematchtimeout)\n - [https://docs.microsoft.com/en-us/dotnet/api/system.text.regularexpressions.regex.-ctor?view=net-6.0](https://docs.microsoft.com/en-us/dotnet/api/system.text.regularexpressions.regex.-ctor?view=net-6.0)\n" }, - "helpUri": 
"https://semgrep.dev/r/javascript.lang.security.detect-child-process.detect-child-process", - "id": "javascript.lang.security.detect-child-process.detect-child-process", - "name": "javascript.lang.security.detect-child-process.detect-child-process", "properties": { "precision": "very-high", "tags": [ - "CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", - "LOW CONFIDENCE", + "CWE-1333: Inefficient Regular Expression Complexity", + "MEDIUM CONFIDENCE", "OWASP-A01:2017 - Injection", - "OWASP-A03:2021 - Injection", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: javascript.lang.security.detect-child-process.detect-child-process" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "ruby.jwt.security.jwt-hardcode.ruby-jwt-hardcoded-secret", + "name": "ruby.jwt.security.jwt-hardcode.ruby-jwt-hardcoded-secret", + "short_description": { + "text": "Semgrep Finding: ruby.jwt.security.jwt-hardcode.ruby-jwt-hardcoded-secret" }, - "fullDescription": { - "text": "Detected anonymous LDAP bind. This permits anonymous users to execute LDAP statements. Consider enforcing authentication for LDAP. See https://docs.oracle.com/javase/tutorial/jndi/ldap/auth_mechs.html for more information." + "full_description": { + "text": "Hardcoded JWT secret or private key is used. This is a Insufficiently Protected Credentials weakness: https://cwe.mitre.org/data/definitions/522.html Consider using an appropriate security mechanism to protect the credentials (e.g. keeping secrets in environment variables)" + }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/ruby.jwt.security.jwt-hardcode.ruby-jwt-hardcoded-secret", "help": { - "markdown": "Detected anonymous LDAP bind. This permits anonymous users to execute LDAP statements. Consider enforcing authentication for LDAP. 
See https://docs.oracle.com/javase/tutorial/jndi/ldap/auth_mechs.html for more information.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/java.lang.security.audit.anonymous-ldap-bind.anonymous-ldap-bind)\n - [https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures](https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures)\n", - "text": "Detected anonymous LDAP bind. This permits anonymous users to execute LDAP statements. Consider enforcing authentication for LDAP. See https://docs.oracle.com/javase/tutorial/jndi/ldap/auth_mechs.html for more information.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Hardcoded JWT secret or private key is used. This is a Insufficiently Protected Credentials weakness: https://cwe.mitre.org/data/definitions/522.html Consider using an appropriate security mechanism to protect the credentials (e.g. keeping secrets in environment variables)\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Hardcoded JWT secret or private key is used. This is a Insufficiently Protected Credentials weakness: https://cwe.mitre.org/data/definitions/522.html Consider using an appropriate security mechanism to protect the credentials (e.g. 
keeping secrets in environment variables)\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/ruby.jwt.security.jwt-hardcode.ruby-jwt-hardcoded-secret)\n - [https://owasp.org/Top10/A04_2021-Insecure_Design](https://owasp.org/Top10/A04_2021-Insecure_Design)\n" }, - "helpUri": "https://semgrep.dev/r/java.lang.security.audit.anonymous-ldap-bind.anonymous-ldap-bind", - "id": "java.lang.security.audit.anonymous-ldap-bind.anonymous-ldap-bind", - "name": "java.lang.security.audit.anonymous-ldap-bind.anonymous-ldap-bind", "properties": { "precision": "very-high", "tags": [ - "CWE-287: Improper Authentication", + "CWE-522: Insufficiently Protected Credentials", "LOW CONFIDENCE", "OWASP-A02:2017 - Broken Authentication", - "OWASP-A07:2021 - Identification and Authentication Failures", + "OWASP-A04:2021 - Insecure Design", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: java.lang.security.audit.anonymous-ldap-bind.anonymous-ldap-bind" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "php.lang.security.backticks-use.backticks-use", + "name": "php.lang.security.backticks-use.backticks-use", + "short_description": { + "text": "Semgrep Finding: php.lang.security.backticks-use.backticks-use" }, - "fullDescription": { - "text": "By default, the AWS Lambda Environment is encrypted using AWS-managed keys. However, for added security, it's recommended to configure your own AWS KMS encryption key to protect your environment variables in Lambda. You can either create a new aws_kms_key resource or use the ARN of an existing key in your AWS account to do so." + "full_description": { + "text": "Backticks use may lead to command injection vulnerabilities." 
+ }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/php.lang.security.backticks-use.backticks-use", "help": { - "markdown": "By default, the AWS Lambda Environment is encrypted using AWS-managed keys. However, for added security, it's recommended to configure your own AWS KMS encryption key to protect your environment variables in Lambda. You can either create a new aws_kms_key resource or use the ARN of an existing key in your AWS account to do so.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/terraform.aws.security.aws-lambda-environment-unencrypted.aws-lambda-environment-unencrypted)\n - [https://owasp.org/Top10/A02_2021-Cryptographic_Failures](https://owasp.org/Top10/A02_2021-Cryptographic_Failures)\n", - "text": "By default, the AWS Lambda Environment is encrypted using AWS-managed keys. However, for added security, it's recommended to configure your own AWS KMS encryption key to protect your environment variables in Lambda. 
You can either create a new aws_kms_key resource or use the ARN of an existing key in your AWS account to do so.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Backticks use may lead to command injection vulnerabilities.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Backticks use may lead to command injection vulnerabilities.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/php.lang.security.backticks-use.backticks-use)\n - [https://www.php.net/manual/en/language.operators.execution.php](https://www.php.net/manual/en/language.operators.execution.php)\n - [https://github.com/FloeDesignTechnologies/phpcs-security-audit/blob/master/Security/Sniffs/BadFunctions/BackticksSniff.php](https://github.com/FloeDesignTechnologies/phpcs-security-audit/blob/master/Security/Sniffs/BadFunctions/BackticksSniff.php)\n" }, - "helpUri": "https://semgrep.dev/r/terraform.aws.security.aws-lambda-environment-unencrypted.aws-lambda-environment-unencrypted", - "id": "terraform.aws.security.aws-lambda-environment-unencrypted.aws-lambda-environment-unencrypted", - "name": "terraform.aws.security.aws-lambda-environment-unencrypted.aws-lambda-environment-unencrypted", "properties": { "precision": "very-high", "tags": [ - "CWE-320: CWE CATEGORY: Key Management Errors", + "CWE-94: Improper Control of Generation of Code ('Code Injection')", "LOW CONFIDENCE", - "OWASP-A03:2017 - Sensitive Data Exposure", + "OWASP-A03:2021 - Injection", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: terraform.aws.security.aws-lambda-environment-unencrypted.aws-lambda-environment-unencrypted" } }, { - "defaultConfiguration": { - "level": "warning" - }, - "fullDescription": { - "text": "Detected SQL statement that is tainted by `$REQ` object. This could lead to SQL injection if the variable is user-controlled and not properly sanitized. 
In order to prevent SQL injection, it is recommended to use parameterized queries or prepared statements. An example of parameterized queries like so: `knex.raw('SELECT $1 from table', [userinput])` can help prevent SQLi." - }, - "help": { - "markdown": "Detected SQL statement that is tainted by `$REQ` object. This could lead to SQL injection if the variable is user-controlled and not properly sanitized. In order to prevent SQL injection, it is recommended to use parameterized queries or prepared statements. An example of parameterized queries like so: `knex.raw('SELECT $1 from table', [userinput])` can help prevent SQLi.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.lang.security.audit.sqli.node-knex-sqli.node-knex-sqli)\n - [https://knexjs.org/#Builder-fromRaw](https://knexjs.org/#Builder-fromRaw)\n - [https://knexjs.org/#Builder-whereRaw](https://knexjs.org/#Builder-whereRaw)\n - [https://cheatsheetseries.owasp.org/cheatsheets/SQL_Injection_Prevention_Cheat_Sheet.html](https://cheatsheetseries.owasp.org/cheatsheets/SQL_Injection_Prevention_Cheat_Sheet.html)\n", - "text": "Detected SQL statement that is tainted by `$REQ` object. This could lead to SQL injection if the variable is user-controlled and not properly sanitized. In order to prevent SQL injection, it is recommended to use parameterized queries or prepared statements. 
An example of parameterized queries like so: `knex.raw('SELECT $1 from table', [userinput])` can help prevent SQLi.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "id": "javascript.puppeteer.security.audit.puppeteer-evaluate-arg-injection.puppeteer-evaluate-arg-injection", + "name": "javascript.puppeteer.security.audit.puppeteer-evaluate-arg-injection.puppeteer-evaluate-arg-injection", + "short_description": { + "text": "Semgrep Finding: javascript.puppeteer.security.audit.puppeteer-evaluate-arg-injection.puppeteer-evaluate-arg-injection" }, - "helpUri": "https://semgrep.dev/r/javascript.lang.security.audit.sqli.node-knex-sqli.node-knex-sqli", - "id": "javascript.lang.security.audit.sqli.node-knex-sqli.node-knex-sqli", - "name": "javascript.lang.security.audit.sqli.node-knex-sqli.node-knex-sqli", - "properties": { - "precision": "very-high", - "tags": [ - "CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')", - "MEDIUM CONFIDENCE", - "OWASP-A01:2017 - Injection", - "OWASP-A03:2021 - Injection", - "security" - ] + "full_description": { + "text": "If unverified user data can reach the `evaluate` method it can result in Server-Side Request Forgery vulnerabilities" }, - "shortDescription": { - "text": "Semgrep Finding: javascript.lang.security.audit.sqli.node-knex-sqli.node-knex-sqli" - } - }, - { - "defaultConfiguration": { + "default_configuration": { + "enabled": true, "level": "warning" }, - "fullDescription": { - "text": "In Kubernetes, each pod runs in its own isolated environment with its own set of security policies. However, certain container images may contain `setuid` or `setgid` binaries that could allow an attacker to perform privilege escalation and gain access to sensitive resources. To mitigate this risk, it's recommended to add a `securityContext` to the container in the pod, with the parameter `allowPrivilegeEscalation` set to `false`. 
This will prevent the container from running any privileged processes and limit the impact of any potential attacks. By adding a `securityContext` to your Kubernetes pod, you can help to ensure that your containerized applications are more secure and less vulnerable to privilege escalation attacks." - }, + "help_uri": "https://semgrep.dev/r/javascript.puppeteer.security.audit.puppeteer-evaluate-arg-injection.puppeteer-evaluate-arg-injection", "help": { - "markdown": "In Kubernetes, each pod runs in its own isolated environment with its own set of security policies. However, certain container images may contain `setuid` or `setgid` binaries that could allow an attacker to perform privilege escalation and gain access to sensitive resources. To mitigate this risk, it's recommended to add a `securityContext` to the container in the pod, with the parameter `allowPrivilegeEscalation` set to `false`. This will prevent the container from running any privileged processes and limit the impact of any potential attacks. 
By adding a `securityContext` to your Kubernetes pod, you can help to ensure that your containerized applications are more secure and less vulnerable to privilege escalation attacks.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/yaml.kubernetes.security.allow-privilege-escalation-no-securitycontext.allow-privilege-escalation-no-securitycontext)\n - [https://kubernetes.io/docs/concepts/policy/pod-security-policy/#privilege-escalation](https://kubernetes.io/docs/concepts/policy/pod-security-policy/#privilege-escalation)\n - [https://kubernetes.io/docs/tasks/configure-pod-container/security-context/](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/)\n - [https://www.kernel.org/doc/Documentation/prctl/no_new_privs.txt](https://www.kernel.org/doc/Documentation/prctl/no_new_privs.txt)\n - [https://cheatsheetseries.owasp.org/cheatsheets/Docker_Security_Cheat_Sheet.html#rule-4-add-no-new-privileges-flag](https://cheatsheetseries.owasp.org/cheatsheets/Docker_Security_Cheat_Sheet.html#rule-4-add-no-new-privileges-flag)\n", - "text": "In Kubernetes, each pod runs in its own isolated environment with its own set of security policies. However, certain container images may contain `setuid` or `setgid` binaries that could allow an attacker to perform privilege escalation and gain access to sensitive resources. To mitigate this risk, it's recommended to add a `securityContext` to the container in the pod, with the parameter `allowPrivilegeEscalation` set to `false`. This will prevent the container from running any privileged processes and limit the impact of any potential attacks. 
By adding a `securityContext` to your Kubernetes pod, you can help to ensure that your containerized applications are more secure and less vulnerable to privilege escalation attacks.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "If unverified user data can reach the `evaluate` method it can result in Server-Side Request Forgery vulnerabilities\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "If unverified user data can reach the `evaluate` method it can result in Server-Side Request Forgery vulnerabilities\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.puppeteer.security.audit.puppeteer-evaluate-arg-injection.puppeteer-evaluate-arg-injection)\n - [https://owasp.org/Top10/A10_2021-Server-Side_Request_Forgery_%28SSRF%29](https://owasp.org/Top10/A10_2021-Server-Side_Request_Forgery_%28SSRF%29)\n" }, - "helpUri": "https://semgrep.dev/r/yaml.kubernetes.security.allow-privilege-escalation-no-securitycontext.allow-privilege-escalation-no-securitycontext", - "id": "yaml.kubernetes.security.allow-privilege-escalation-no-securitycontext.allow-privilege-escalation-no-securitycontext", - "name": "yaml.kubernetes.security.allow-privilege-escalation-no-securitycontext.allow-privilege-escalation-no-securitycontext", "properties": { "precision": "very-high", "tags": [ - "CWE-732: Incorrect Permission Assignment for Critical Resource", - "MEDIUM CONFIDENCE", - "OWASP-A05:2021 - Security Misconfiguration", - "OWASP-A06:2017 - Security Misconfiguration", + "CWE-918: Server-Side Request Forgery (SSRF)", + "LOW CONFIDENCE", + "OWASP-A10:2021 - Server-Side Request Forgery (SSRF)", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: yaml.kubernetes.security.allow-privilege-escalation-no-securitycontext.allow-privilege-escalation-no-securitycontext" } }, { - "defaultConfiguration": { - "level": 
"warning" + "id": "terraform.aws.security.aws-emr-encrypted-with-cmk.aws-emr-encrypted-with-cmk", + "name": "terraform.aws.security.aws-emr-encrypted-with-cmk.aws-emr-encrypted-with-cmk", + "short_description": { + "text": "Semgrep Finding: terraform.aws.security.aws-emr-encrypted-with-cmk.aws-emr-encrypted-with-cmk" }, - "fullDescription": { - "text": "Found a class extending 'SafeString', 'SafeText' or 'SafeData'. These classes are for bypassing the escaping engine built in to Django and should not be used directly. Improper use of this class exposes your application to cross-site scripting (XSS) vulnerabilities. If you need this functionality, use 'mark_safe' instead and ensure no user data can reach it." + "full_description": { + "text": "Ensure EMR is encrypted at rest using KMS CMKs. CMKs gives you control over the encryption key in terms of access and rotation." }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/terraform.aws.security.aws-emr-encrypted-with-cmk.aws-emr-encrypted-with-cmk", "help": { - "markdown": "Found a class extending 'SafeString', 'SafeText' or 'SafeData'. These classes are for bypassing the escaping engine built in to Django and should not be used directly. Improper use of this class exposes your application to cross-site scripting (XSS) vulnerabilities. 
If you need this functionality, use 'mark_safe' instead and ensure no user data can reach it.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.django.security.audit.xss.class-extends-safestring.class-extends-safestring)\n - [https://docs.djangoproject.com/en/3.1/howto/custom-template-tags/#filters-and-auto-escaping](https://docs.djangoproject.com/en/3.1/howto/custom-template-tags/#filters-and-auto-escaping)\n - [https://github.com/django/django/blob/f138e75910b1e541686c4dce3d8f467f6fc234cb/django/utils/safestring.py#L11](https://github.com/django/django/blob/f138e75910b1e541686c4dce3d8f467f6fc234cb/django/utils/safestring.py#L11)\n", - "text": "Found a class extending 'SafeString', 'SafeText' or 'SafeData'. These classes are for bypassing the escaping engine built in to Django and should not be used directly. Improper use of this class exposes your application to cross-site scripting (XSS) vulnerabilities. If you need this functionality, use 'mark_safe' instead and ensure no user data can reach it.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Ensure EMR is encrypted at rest using KMS CMKs. CMKs gives you control over the encryption key in terms of access and rotation.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Ensure EMR is encrypted at rest using KMS CMKs. 
CMKs gives you control over the encryption key in terms of access and rotation.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/terraform.aws.security.aws-emr-encrypted-with-cmk.aws-emr-encrypted-with-cmk)\n - [https://owasp.org/Top10/A02_2021-Cryptographic_Failures](https://owasp.org/Top10/A02_2021-Cryptographic_Failures)\n" }, - "helpUri": "https://semgrep.dev/r/python.django.security.audit.xss.class-extends-safestring.class-extends-safestring", - "id": "python.django.security.audit.xss.class-extends-safestring.class-extends-safestring", - "name": "python.django.security.audit.xss.class-extends-safestring.class-extends-safestring", "properties": { "precision": "very-high", "tags": [ - "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", + "CWE-320: CWE CATEGORY: Key Management Errors", "LOW CONFIDENCE", - "OWASP-A03:2021 - Injection", - "OWASP-A07:2017 - Cross-Site Scripting (XSS)", + "OWASP-A03:2017 - Sensitive Data Exposure", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: python.django.security.audit.xss.class-extends-safestring.class-extends-safestring" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "go.gorilla.security.audit.websocket-missing-origin-check.websocket-missing-origin-check", + "name": "go.gorilla.security.audit.websocket-missing-origin-check.websocket-missing-origin-check", + "short_description": { + "text": "Semgrep Finding: go.gorilla.security.audit.websocket-missing-origin-check.websocket-missing-origin-check" }, - "fullDescription": { - "text": "'syscall' is essentially unsafe and unportable. The DL (https://apidock.com/ruby/Fiddle) library is preferred for safer and a bit more portable programming." 
+ "full_description": { + "text": "The Origin header in the HTTP WebSocket handshake is used to guarantee that the connection accepted by the WebSocket is from a trusted origin domain. Failure to enforce can lead to Cross Site Request Forgery (CSRF). As per \"gorilla/websocket\" documentation: \"A CheckOrigin function should carefully validate the request origin to prevent cross-site request forgery.\"" + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/go.gorilla.security.audit.websocket-missing-origin-check.websocket-missing-origin-check", "help": { - "markdown": "'syscall' is essentially unsafe and unportable. The DL (https://apidock.com/ruby/Fiddle) library is preferred for safer and a bit more portable programming.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/ruby.lang.security.dangerous-syscall.dangerous-syscall)\n - [https://owasp.org/Top10/A03_2021-Injection](https://owasp.org/Top10/A03_2021-Injection)\n", - "text": "'syscall' is essentially unsafe and unportable. The DL (https://apidock.com/ruby/Fiddle) library is preferred for safer and a bit more portable programming.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "The Origin header in the HTTP WebSocket handshake is used to guarantee that the connection accepted by the WebSocket is from a trusted origin domain. Failure to enforce can lead to Cross Site Request Forgery (CSRF). As per \"gorilla/websocket\" documentation: \"A CheckOrigin function should carefully validate the request origin to prevent cross-site request forgery.\"\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "The Origin header in the HTTP WebSocket handshake is used to guarantee that the connection accepted by the WebSocket is from a trusted origin domain. 
Failure to enforce can lead to Cross Site Request Forgery (CSRF). As per \"gorilla/websocket\" documentation: \"A CheckOrigin function should carefully validate the request origin to prevent cross-site request forgery.\"\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/go.gorilla.security.audit.websocket-missing-origin-check.websocket-missing-origin-check)\n - [https://pkg.go.dev/github.com/gorilla/websocket#Upgrader](https://pkg.go.dev/github.com/gorilla/websocket#Upgrader)\n" }, - "helpUri": "https://semgrep.dev/r/ruby.lang.security.dangerous-syscall.dangerous-syscall", - "id": "ruby.lang.security.dangerous-syscall.dangerous-syscall", - "name": "ruby.lang.security.dangerous-syscall.dangerous-syscall", "properties": { "precision": "very-high", "tags": [ - "CWE-94: Improper Control of Generation of Code ('Code Injection')", - "LOW CONFIDENCE", - "OWASP-A03:2021 - Injection", + "CWE-352: Cross-Site Request Forgery (CSRF)", + "MEDIUM CONFIDENCE", + "OWASP-A01:2021 - Broken Access Control", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: ruby.lang.security.dangerous-syscall.dangerous-syscall" } }, { - "defaultConfiguration": { - "level": "error" + "id": "java.lang.security.audit.tainted-env-from-http-request.tainted-env-from-http-request", + "name": "java.lang.security.audit.tainted-env-from-http-request.tainted-env-from-http-request", + "short_description": { + "text": "Semgrep Finding: java.lang.security.audit.tainted-env-from-http-request.tainted-env-from-http-request" }, - "fullDescription": { - "text": "Functions reliant on pickle can result in arbitrary code execution. Consider using fickling or switching to a safer serialization method" + "full_description": { + "text": "Detected input from a HTTPServletRequest going into the environment variables of an 'exec' command. 
Instead, call the command with user-supplied arguments by using the overloaded method with one String array as the argument. `exec({\"command\", \"arg1\", \"arg2\"})`." + }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/java.lang.security.audit.tainted-env-from-http-request.tainted-env-from-http-request", "help": { - "markdown": "Functions reliant on pickle can result in arbitrary code execution. Consider using fickling or switching to a safer serialization method\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/trailofbits.python.pickles-in-numpy.pickles-in-numpy)\n - [https://blog.trailofbits.com/2021/03/15/never-a-dill-moment-exploiting-machine-learning-pickle-files/](https://blog.trailofbits.com/2021/03/15/never-a-dill-moment-exploiting-machine-learning-pickle-files/)\n", - "text": "Functions reliant on pickle can result in arbitrary code execution. Consider using fickling or switching to a safer serialization method\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected input from a HTTPServletRequest going into the environment variables of an 'exec' command. Instead, call the command with user-supplied arguments by using the overloaded method with one String array as the argument. `exec({\"command\", \"arg1\", \"arg2\"})`.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected input from a HTTPServletRequest going into the environment variables of an 'exec' command. Instead, call the command with user-supplied arguments by using the overloaded method with one String array as the argument. 
`exec({\"command\", \"arg1\", \"arg2\"})`.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/java.lang.security.audit.tainted-env-from-http-request.tainted-env-from-http-request)\n - [https://owasp.org/Top10/A03_2021-Injection](https://owasp.org/Top10/A03_2021-Injection)\n" }, - "helpUri": "https://semgrep.dev/r/trailofbits.python.pickles-in-numpy.pickles-in-numpy", - "id": "trailofbits.python.pickles-in-numpy.pickles-in-numpy", - "name": "trailofbits.python.pickles-in-numpy.pickles-in-numpy", "properties": { "precision": "very-high", "tags": [ - "CWE-502: Deserialization of Untrusted Data", + "CWE-454: External Initialization of Trusted Variables or Data Stores", "MEDIUM CONFIDENCE", + "OWASP-A01:2017 - Injection", + "OWASP-A03:2021 - Injection", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: trailofbits.python.pickles-in-numpy.pickles-in-numpy" } }, { - "defaultConfiguration": { - "level": "error" + "id": "python.lang.security.audit.insecure-transport.urllib.insecure-urlopen.insecure-urlopen", + "name": "python.lang.security.audit.insecure-transport.urllib.insecure-urlopen.insecure-urlopen", + "short_description": { + "text": "Semgrep Finding: python.lang.security.audit.insecure-transport.urllib.insecure-urlopen.insecure-urlopen" }, - "fullDescription": { - "text": "Using 'globals()' as a context to 'render(...)' is extremely dangerous. This exposes Python functions to the template that were not meant to be exposed. An attacker could use these functions to execute code that was not intended to run and could compromise the application. (This is server-side template injection (SSTI)). Do not use 'globals()'. Instead, specify each variable in a dictionary or 'django.template.Context' object, like '{\"var1\": \"hello\"}' and use that instead." + "full_description": { + "text": "Detected 'urllib.urlopen()' using 'http://'. This request will not be encrypted. 
Use 'https://' instead." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/python.lang.security.audit.insecure-transport.urllib.insecure-urlopen.insecure-urlopen", "help": { - "markdown": "Using 'globals()' as a context to 'render(...)' is extremely dangerous. This exposes Python functions to the template that were not meant to be exposed. An attacker could use these functions to execute code that was not intended to run and could compromise the application. (This is server-side template injection (SSTI)). Do not use 'globals()'. Instead, specify each variable in a dictionary or 'django.template.Context' object, like '{\"var1\": \"hello\"}' and use that instead.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.django.security.globals-as-template-context.globals-as-template-context)\n - [https://docs.djangoproject.com/en/3.2/ref/settings/#templates](https://docs.djangoproject.com/en/3.2/ref/settings/#templates)\n - [https://docs.djangoproject.com/en/3.2/topics/templates/#django.template.backends.django.DjangoTemplates](https://docs.djangoproject.com/en/3.2/topics/templates/#django.template.backends.django.DjangoTemplates)\n - [https://docs.djangoproject.com/en/3.2/ref/templates/api/#rendering-a-context](https://docs.djangoproject.com/en/3.2/ref/templates/api/#rendering-a-context)\n", - "text": "Using 'globals()' as a context to 'render(...)' is extremely dangerous. This exposes Python functions to the template that were not meant to be exposed. An attacker could use these functions to execute code that was not intended to run and could compromise the application. (This is server-side template injection (SSTI)). Do not use 'globals()'. 
Instead, specify each variable in a dictionary or 'django.template.Context' object, like '{\"var1\": \"hello\"}' and use that instead.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected 'urllib.urlopen()' using 'http://'. This request will not be encrypted. Use 'https://' instead.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected 'urllib.urlopen()' using 'http://'. This request will not be encrypted. Use 'https://' instead.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.lang.security.audit.insecure-transport.urllib.insecure-urlopen.insecure-urlopen)\n - [https://docs.python.org/3/library/urllib.request.html#urllib.request.urlopen](https://docs.python.org/3/library/urllib.request.html#urllib.request.urlopen)\n" }, - "helpUri": "https://semgrep.dev/r/python.django.security.globals-as-template-context.globals-as-template-context", - "id": "python.django.security.globals-as-template-context.globals-as-template-context", - "name": "python.django.security.globals-as-template-context.globals-as-template-context", "properties": { "precision": "very-high", "tags": [ - "CWE-96: Improper Neutralization of Directives in Statically Saved Code ('Static Code Injection')", + "CWE-319: Cleartext Transmission of Sensitive Information", "LOW CONFIDENCE", - "OWASP-A03:2021 - Injection", + "OWASP-A02:2021 - Cryptographic Failures", + "OWASP-A03:2017 - Sensitive Data Exposure", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: python.django.security.globals-as-template-context.globals-as-template-context" } }, { - "defaultConfiguration": { - "level": "error" + "id": "terraform.lang.security.s3-public-read-bucket.s3-public-read-bucket", + "name": "terraform.lang.security.s3-public-read-bucket.s3-public-read-bucket", + "short_description": { + "text": "Semgrep Finding: 
terraform.lang.security.s3-public-read-bucket.s3-public-read-bucket" }, - "fullDescription": { - "text": "The software constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component." + "full_description": { + "text": "S3 bucket with public read access detected." }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/terraform.lang.security.s3-public-read-bucket.s3-public-read-bucket", "help": { - "markdown": "The software constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/csharp.lang.security.injections.os-command.os-command-injection)\n - [https://owasp.org/www-community/attacks/Command_Injection](https://owasp.org/www-community/attacks/Command_Injection)\n", - "text": "The software constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "S3 bucket with public read access detected.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "S3 bucket with public read access detected.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep 
Rule](https://semgrep.dev/r/terraform.lang.security.s3-public-read-bucket.s3-public-read-bucket)\n - [https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket#acl](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket#acl)\n - [https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#canned-acl](https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#canned-acl)\n" }, - "helpUri": "https://semgrep.dev/r/csharp.lang.security.injections.os-command.os-command-injection", - "id": "csharp.lang.security.injections.os-command.os-command-injection", - "name": "csharp.lang.security.injections.os-command.os-command-injection", "properties": { "precision": "very-high", "tags": [ - "CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", + "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor", "LOW CONFIDENCE", - "OWASP-A01:2017 - Injection", - "OWASP-A03:2021 - Injection", + "OWASP-A01:2021 - Broken Access Control", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: csharp.lang.security.injections.os-command.os-command-injection" } }, { - "defaultConfiguration": { - "level": "error" + "id": "generic.html-templates.security.var-in-script-src.var-in-script-src", + "name": "generic.html-templates.security.var-in-script-src.var-in-script-src", + "short_description": { + "text": "Semgrep Finding: generic.html-templates.security.var-in-script-src.var-in-script-src" }, - "fullDescription": { - "text": "'$VAR' is the empty string and is being used to set the password on '$MODEL'. If you meant to set an unusable password, set the password to None or call 'set_unusable_password()'." + "full_description": { + "text": "Detected a template variable used as the 'src' in a script tag. 
Although template variables are HTML escaped, HTML escaping does not always prevent malicious URLs from being injected and could results in a cross-site scripting (XSS) vulnerability. Prefer not to dynamically generate the 'src' attribute and use static URLs instead. If you must do this, carefully check URLs against an allowlist and be sure to URL-encode the result." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/generic.html-templates.security.var-in-script-src.var-in-script-src", "help": { - "markdown": "'$VAR' is the empty string and is being used to set the password on '$MODEL'. If you meant to set an unusable password, set the password to None or call 'set_unusable_password()'.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.django.security.passwords.password-empty-string.password-empty-string)\n - [https://docs.djangoproject.com/en/3.0/ref/contrib/auth/#django.contrib.auth.models.User.set_password](https://docs.djangoproject.com/en/3.0/ref/contrib/auth/#django.contrib.auth.models.User.set_password)\n", - "text": "'$VAR' is the empty string and is being used to set the password on '$MODEL'. If you meant to set an unusable password, set the password to None or call 'set_unusable_password()'.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected a template variable used as the 'src' in a script tag. Although template variables are HTML escaped, HTML escaping does not always prevent malicious URLs from being injected and could results in a cross-site scripting (XSS) vulnerability. Prefer not to dynamically generate the 'src' attribute and use static URLs instead. 
If you must do this, carefully check URLs against an allowlist and be sure to URL-encode the result.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected a template variable used as the 'src' in a script tag. Although template variables are HTML escaped, HTML escaping does not always prevent malicious URLs from being injected and could results in a cross-site scripting (XSS) vulnerability. Prefer not to dynamically generate the 'src' attribute and use static URLs instead. If you must do this, carefully check URLs against an allowlist and be sure to URL-encode the result.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/generic.html-templates.security.var-in-script-src.var-in-script-src)\n - [https://adamj.eu/tech/2020/02/18/safely-including-data-for-javascript-in-a-django-template/?utm_campaign=Django%2BNewsletter&utm_medium=rss&utm_source=Django_Newsletter_12A](https://adamj.eu/tech/2020/02/18/safely-including-data-for-javascript-in-a-django-template/?utm_campaign=Django%2BNewsletter&utm_medium=rss&utm_source=Django_Newsletter_12A)\n - [https://www.veracode.com/blog/secure-development/nodejs-template-engines-why-default-encoders-are-not-enough](https://www.veracode.com/blog/secure-development/nodejs-template-engines-why-default-encoders-are-not-enough)\n - [https://github.com/ESAPI/owasp-esapi-js](https://github.com/ESAPI/owasp-esapi-js)\n" }, - "helpUri": "https://semgrep.dev/r/python.django.security.passwords.password-empty-string.password-empty-string", - "id": "python.django.security.passwords.password-empty-string.password-empty-string", - "name": "python.django.security.passwords.password-empty-string.password-empty-string", "properties": { "precision": "very-high", "tags": [ - "CWE-521: Weak Password Requirements", - "MEDIUM CONFIDENCE", - "OWASP-A07:2021 - Identification and Authentication Failures", + "CWE-79: Improper Neutralization of 
Input During Web Page Generation ('Cross-site Scripting')", + "LOW CONFIDENCE", + "OWASP-A03:2021 - Injection", + "OWASP-A07:2017 - Cross-Site Scripting (XSS)", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: python.django.security.passwords.password-empty-string.password-empty-string" } }, { - "defaultConfiguration": { - "level": "note" + "id": "python.django.security.injection.sql.sql-injection-rawsql.sql-injection-using-rawsql", + "name": "python.django.security.injection.sql.sql-injection-rawsql.sql-injection-using-rawsql", + "short_description": { + "text": "Semgrep Finding: python.django.security.injection.sql.sql-injection-rawsql.sql-injection-using-rawsql" }, - "fullDescription": { - "text": "Annotations passed to `typing.get_type_hints` are evaluated in `globals` and `locals` namespaces. Make sure that no arbitrary value can be written as the annotation and passed to `typing.get_type_hints` function." + "full_description": { + "text": "User-controlled data from request is passed to 'RawSQL()'. This could lead to a SQL injection and therefore protected information could be leaked. Instead, use parameterized queries or escape the user-controlled data by using `params` and not using quote placeholders in the SQL string." }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/python.django.security.injection.sql.sql-injection-rawsql.sql-injection-using-rawsql", "help": { - "markdown": "Annotations passed to `typing.get_type_hints` are evaluated in `globals` and `locals` namespaces. 
Make sure that no arbitrary value can be written as the annotation and passed to `typing.get_type_hints` function.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.lang.security.audit.dangerous-annotations-usage.dangerous-annotations-usage)\n - [https://docs.python.org/3/library/typing.html#typing.get_type_hints](https://docs.python.org/3/library/typing.html#typing.get_type_hints)\n", - "text": "Annotations passed to `typing.get_type_hints` are evaluated in `globals` and `locals` namespaces. Make sure that no arbitrary value can be written as the annotation and passed to `typing.get_type_hints` function.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "User-controlled data from request is passed to 'RawSQL()'. This could lead to a SQL injection and therefore protected information could be leaked. Instead, use parameterized queries or escape the user-controlled data by using `params` and not using quote placeholders in the SQL string.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "User-controlled data from request is passed to 'RawSQL()'. This could lead to a SQL injection and therefore protected information could be leaked. 
Instead, use parameterized queries or escape the user-controlled data by using `params` and not using quote placeholders in the SQL string.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.django.security.injection.sql.sql-injection-rawsql.sql-injection-using-rawsql)\n - [https://docs.djangoproject.com/en/3.0/ref/models/expressions/#django.db.models.expressions.RawSQL](https://docs.djangoproject.com/en/3.0/ref/models/expressions/#django.db.models.expressions.RawSQL)\n" }, - "helpUri": "https://semgrep.dev/r/python.lang.security.audit.dangerous-annotations-usage.dangerous-annotations-usage", - "id": "python.lang.security.audit.dangerous-annotations-usage.dangerous-annotations-usage", - "name": "python.lang.security.audit.dangerous-annotations-usage.dangerous-annotations-usage", "properties": { "precision": "very-high", "tags": [ - "CWE-95: Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection')", - "LOW CONFIDENCE", + "CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')", + "MEDIUM CONFIDENCE", + "OWASP-A01:2017 - Injection", "OWASP-A03:2021 - Injection", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: python.lang.security.audit.dangerous-annotations-usage.dangerous-annotations-usage" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "terraform.aws.security.aws-cloudwatch-log-group-no-retention.aws-cloudwatch-log-group-no-retention", + "name": "terraform.aws.security.aws-cloudwatch-log-group-no-retention.aws-cloudwatch-log-group-no-retention", + "short_description": { + "text": "Semgrep Finding: terraform.aws.security.aws-cloudwatch-log-group-no-retention.aws-cloudwatch-log-group-no-retention" }, - "fullDescription": { - "text": "A request was found to be crafted from user-input `$REQUEST`. 
This can lead to Server-Side Request Forgery (SSRF) vulnerabilities, potentially exposing sensitive data. It is recommend where possible to not allow user-input to craft the base request, but to be treated as part of the path or query parameter. When user-input is necessary to craft the request, it is recommended to follow OWASP best practices to prevent abuse, including using an allowlist." + "full_description": { + "text": "The AWS CloudWatch Log Group has no retention. Missing retention in log groups can cause losing important event information." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/terraform.aws.security.aws-cloudwatch-log-group-no-retention.aws-cloudwatch-log-group-no-retention", "help": { - "markdown": "A request was found to be crafted from user-input `$REQUEST`. This can lead to Server-Side Request Forgery (SSRF) vulnerabilities, potentially exposing sensitive data. It is recommend where possible to not allow user-input to craft the base request, but to be treated as part of the path or query parameter. When user-input is necessary to craft the request, it is recommended to follow OWASP best practices to prevent abuse, including using an allowlist.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/go.lang.security.injection.tainted-url-host.tainted-url-host)\n - [https://goteleport.com/blog/ssrf-attacks/](https://goteleport.com/blog/ssrf-attacks/)\n", - "text": "A request was found to be crafted from user-input `$REQUEST`. This can lead to Server-Side Request Forgery (SSRF) vulnerabilities, potentially exposing sensitive data. It is recommend where possible to not allow user-input to craft the base request, but to be treated as part of the path or query parameter. 
When user-input is necessary to craft the request, it is recommended to follow OWASP best practices to prevent abuse, including using an allowlist.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "The AWS CloudWatch Log Group has no retention. Missing retention in log groups can cause losing important event information.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "The AWS CloudWatch Log Group has no retention. Missing retention in log groups can cause losing important event information.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/terraform.aws.security.aws-cloudwatch-log-group-no-retention.aws-cloudwatch-log-group-no-retention)\n - [https://owasp.org/Top10/A02_2021-Cryptographic_Failures](https://owasp.org/Top10/A02_2021-Cryptographic_Failures)\n" }, - "helpUri": "https://semgrep.dev/r/go.lang.security.injection.tainted-url-host.tainted-url-host", - "id": "go.lang.security.injection.tainted-url-host.tainted-url-host", - "name": "go.lang.security.injection.tainted-url-host.tainted-url-host", "properties": { "precision": "very-high", "tags": [ - "CWE-918: Server-Side Request Forgery (SSRF)", - "HIGH CONFIDENCE", - "OWASP-A10:2021 - Server-Side Request Forgery (SSRF)", + "CWE-320: CWE CATEGORY: Key Management Errors", + "MEDIUM CONFIDENCE", + "OWASP-A03:2017 - Sensitive Data Exposure", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: go.lang.security.injection.tainted-url-host.tainted-url-host" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "python.flask.security.audit.wtf-csrf-disabled.flask-wtf-csrf-disabled", + "name": "python.flask.security.audit.wtf-csrf-disabled.flask-wtf-csrf-disabled", + "short_description": { + "text": "Semgrep Finding: python.flask.security.audit.wtf-csrf-disabled.flask-wtf-csrf-disabled" }, - "fullDescription": { - "text": "Detected usage 
of @csrf_exempt, which indicates that there is no CSRF token set for this route. This could lead to an attacker manipulating the user's account and exfiltration of private data. Instead, create a function without this decorator." + "full_description": { + "text": "Setting 'WTF_CSRF_ENABLED' to 'False' explicitly disables CSRF protection." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/python.flask.security.audit.wtf-csrf-disabled.flask-wtf-csrf-disabled", "help": { - "markdown": "Detected usage of @csrf_exempt, which indicates that there is no CSRF token set for this route. This could lead to an attacker manipulating the user's account and exfiltration of private data. Instead, create a function without this decorator.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.django.security.audit.csrf-exempt.no-csrf-exempt)\n - [https://owasp.org/Top10/A01_2021-Broken_Access_Control](https://owasp.org/Top10/A01_2021-Broken_Access_Control)\n", - "text": "Detected usage of @csrf_exempt, which indicates that there is no CSRF token set for this route. This could lead to an attacker manipulating the user's account and exfiltration of private data. 
Instead, create a function without this decorator.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Setting 'WTF_CSRF_ENABLED' to 'False' explicitly disables CSRF protection.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Setting 'WTF_CSRF_ENABLED' to 'False' explicitly disables CSRF protection.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.flask.security.audit.wtf-csrf-disabled.flask-wtf-csrf-disabled)\n - [https://flask-wtf.readthedocs.io/en/1.2.x/csrf/](https://flask-wtf.readthedocs.io/en/1.2.x/csrf/)\n" }, - "helpUri": "https://semgrep.dev/r/python.django.security.audit.csrf-exempt.no-csrf-exempt", - "id": "python.django.security.audit.csrf-exempt.no-csrf-exempt", - "name": "python.django.security.audit.csrf-exempt.no-csrf-exempt", "properties": { "precision": "very-high", "tags": [ 
@@ -10489,1880 +11163,1910 @@ "OWASP-A01:2021 - Broken Access Control", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: python.django.security.audit.csrf-exempt.no-csrf-exempt" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "python.lang.compatibility.python37.python37-compatibility-importlib", + "name": "python.lang.compatibility.python37.python37-compatibility-importlib", + "short_description": { + "text": "Semgrep Finding: python.lang.compatibility.python37.python37-compatibility-importlib" }, - "fullDescription": { - "text": "If possible, it is better to rely on automatic pinning in PyTorch to avoid undefined behavior and for efficiency" + "full_description": { + "text": "source_hash' is only available on Python 3.7+. This does not work in lower versions, and therefore is not backwards compatible. Instead, use another hash function." + }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/python.lang.compatibility.python37.python37-compatibility-importlib", "help": { - "markdown": "If possible, it is better to rely on automatic pinning in PyTorch to avoid undefined behavior and for efficiency\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/trailofbits.python.automatic-memory-pinning.automatic-memory-pinning)\n - [https://pytorch.org/docs/stable/data.html#memory-pinning](https://pytorch.org/docs/stable/data.html#memory-pinning)\n", - "text": "If possible, it is better to rely on automatic pinning in PyTorch to avoid undefined behavior and for efficiency\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "source_hash' is only available on Python 3.7+. This does not work in lower versions, and therefore is not backwards compatible. 
Instead, use another hash function.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "source_hash' is only available on Python 3.7+. This does not work in lower versions, and therefore is not backwards compatible. Instead, use another hash function.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.lang.compatibility.python37.python37-compatibility-importlib)\n" }, - "helpUri": "https://semgrep.dev/r/trailofbits.python.automatic-memory-pinning.automatic-memory-pinning", - "id": "trailofbits.python.automatic-memory-pinning.automatic-memory-pinning", - "name": "trailofbits.python.automatic-memory-pinning.automatic-memory-pinning", "properties": { "precision": "very-high", - "tags": [ - "CWE-676: Use of Potentially Dangerous Function", - "HIGH CONFIDENCE", - "security" - ] - }, - "shortDescription": { - "text": "Semgrep Finding: trailofbits.python.automatic-memory-pinning.automatic-memory-pinning" + "tags": [] } }, { - "defaultConfiguration": { - "level": "error" + "id": "java.lang.security.audit.command-injection-process-builder.command-injection-process-builder", + "name": "java.lang.security.audit.command-injection-process-builder.command-injection-process-builder", + "short_description": { + "text": "Semgrep Finding: java.lang.security.audit.command-injection-process-builder.command-injection-process-builder" }, - "fullDescription": { - "text": "Calling assert with user input is equivalent to eval'ing." + "full_description": { + "text": "A formatted or concatenated string was detected as input to a ProcessBuilder call. This is dangerous if a variable is controlled by user input and could result in a command injection. Ensure your variables are not controlled by users or sufficiently sanitized." 
+ }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/java.lang.security.audit.command-injection-process-builder.command-injection-process-builder", "help": { - "markdown": "Calling assert with user input is equivalent to eval'ing.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/php.lang.security.assert-use.assert-use)\n - [https://www.php.net/manual/en/function.assert](https://www.php.net/manual/en/function.assert)\n - [https://github.com/FloeDesignTechnologies/phpcs-security-audit/blob/master/Security/Sniffs/BadFunctions/AssertsSniff.php](https://github.com/FloeDesignTechnologies/phpcs-security-audit/blob/master/Security/Sniffs/BadFunctions/AssertsSniff.php)\n", - "text": "Calling assert with user input is equivalent to eval'ing.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "A formatted or concatenated string was detected as input to a ProcessBuilder call. This is dangerous if a variable is controlled by user input and could result in a command injection. Ensure your variables are not controlled by users or sufficiently sanitized.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "A formatted or concatenated string was detected as input to a ProcessBuilder call. This is dangerous if a variable is controlled by user input and could result in a command injection. 
Ensure your variables are not controlled by users or sufficiently sanitized.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/java.lang.security.audit.command-injection-process-builder.command-injection-process-builder)\n - [https://owasp.org/Top10/A03_2021-Injection](https://owasp.org/Top10/A03_2021-Injection)\n" }, - "helpUri": "https://semgrep.dev/r/php.lang.security.assert-use.assert-use", - "id": "php.lang.security.assert-use.assert-use", - "name": "php.lang.security.assert-use.assert-use", "properties": { "precision": "very-high", "tags": [ - "CWE-95: Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection')", - "HIGH CONFIDENCE", + "CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", + "LOW CONFIDENCE", + "OWASP-A01:2017 - Injection", "OWASP-A03:2021 - Injection", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: php.lang.security.assert-use.assert-use" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "python.lang.security.audit.non-literal-import.non-literal-import", + "name": "python.lang.security.audit.non-literal-import.non-literal-import", + "short_description": { + "text": "Semgrep Finding: python.lang.security.audit.non-literal-import.non-literal-import" }, - "fullDescription": { - "text": "NullCipher was detected. This will not encrypt anything; the cipher text will be the same as the plain text. Use a valid, secure cipher: Cipher.getInstance(\"AES/CBC/PKCS7PADDING\"). See https://owasp.org/www-community/Using_the_Java_Cryptographic_Extensions for more information." + "full_description": { + "text": "Untrusted user input in `importlib.import_module()` function allows an attacker to load arbitrary code. Avoid dynamic values in `importlib.import_module()` or use a whitelist to prevent running untrusted code." 
+ }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/python.lang.security.audit.non-literal-import.non-literal-import", "help": { - "markdown": "NullCipher was detected. This will not encrypt anything; the cipher text will be the same as the plain text. Use a valid, secure cipher: Cipher.getInstance(\"AES/CBC/PKCS7PADDING\"). See https://owasp.org/www-community/Using_the_Java_Cryptographic_Extensions for more information.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/java.lang.security.audit.crypto.no-null-cipher.no-null-cipher)\n - [https://owasp.org/Top10/A02_2021-Cryptographic_Failures](https://owasp.org/Top10/A02_2021-Cryptographic_Failures)\n", - "text": "NullCipher was detected. This will not encrypt anything; the cipher text will be the same as the plain text. Use a valid, secure cipher: Cipher.getInstance(\"AES/CBC/PKCS7PADDING\"). See https://owasp.org/www-community/Using_the_Java_Cryptographic_Extensions for more information.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Untrusted user input in `importlib.import_module()` function allows an attacker to load arbitrary code. Avoid dynamic values in `importlib.import_module()` or use a whitelist to prevent running untrusted code.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Untrusted user input in `importlib.import_module()` function allows an attacker to load arbitrary code. 
Avoid dynamic values in `importlib.import_module()` or use a whitelist to prevent running untrusted code.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.lang.security.audit.non-literal-import.non-literal-import)\n - [https://owasp.org/Top10/A01_2021-Broken_Access_Control](https://owasp.org/Top10/A01_2021-Broken_Access_Control)\n" }, - "helpUri": "https://semgrep.dev/r/java.lang.security.audit.crypto.no-null-cipher.no-null-cipher", - "id": "java.lang.security.audit.crypto.no-null-cipher.no-null-cipher", - "name": "java.lang.security.audit.crypto.no-null-cipher.no-null-cipher", "properties": { "precision": "very-high", "tags": [ - "CWE-327: Use of a Broken or Risky Cryptographic Algorithm", - "HIGH CONFIDENCE", - "OWASP-A02:2021 - Cryptographic Failures", - "OWASP-A03:2017 - Sensitive Data Exposure", + "CWE-706: Use of Incorrectly-Resolved Name or Reference", + "LOW CONFIDENCE", + "OWASP-A01:2021 - Broken Access Control", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: java.lang.security.audit.crypto.no-null-cipher.no-null-cipher" } }, { - "defaultConfiguration": { - "level": "error" + "id": "go.lang.security.audit.xss.no-interpolation-in-tag.no-interpolation-in-tag", + "name": "go.lang.security.audit.xss.no-interpolation-in-tag.no-interpolation-in-tag", + "short_description": { + "text": "Semgrep Finding: go.lang.security.audit.xss.no-interpolation-in-tag.no-interpolation-in-tag" }, - "fullDescription": { - "text": "If unverified user data can reach the `wkhtmltopdf` methods it can result in Server-Side Request Forgery vulnerabilities" + "full_description": { + "text": "Detected template variable interpolation in an HTML tag. This is potentially vulnerable to cross-site scripting (XSS) attacks because a malicious actor has control over HTML but without the need to use escaped characters. Use explicit tags instead." 
+ }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/go.lang.security.audit.xss.no-interpolation-in-tag.no-interpolation-in-tag", "help": { - "markdown": "If unverified user data can reach the `wkhtmltopdf` methods it can result in Server-Side Request Forgery vulnerabilities\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.express.security.express-wkhtml-injection.express-wkhtmltopdf-injection)\n - [https://www.npmjs.com/package/wkhtmltopdf](https://www.npmjs.com/package/wkhtmltopdf)\n", - "text": "If unverified user data can reach the `wkhtmltopdf` methods it can result in Server-Side Request Forgery vulnerabilities\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected template variable interpolation in an HTML tag. This is potentially vulnerable to cross-site scripting (XSS) attacks because a malicious actor has control over HTML but without the need to use escaped characters. Use explicit tags instead.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected template variable interpolation in an HTML tag. This is potentially vulnerable to cross-site scripting (XSS) attacks because a malicious actor has control over HTML but without the need to use escaped characters. 
Use explicit tags instead.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/go.lang.security.audit.xss.no-interpolation-in-tag.no-interpolation-in-tag)\n - [https://github.com/golang/go/issues/19669](https://github.com/golang/go/issues/19669)\n - [https://blogtitle.github.io/robn-go-security-pearls-cross-site-scripting-xss/](https://blogtitle.github.io/robn-go-security-pearls-cross-site-scripting-xss/)\n" }, - "helpUri": "https://semgrep.dev/r/javascript.express.security.express-wkhtml-injection.express-wkhtmltopdf-injection", - "id": "javascript.express.security.express-wkhtml-injection.express-wkhtmltopdf-injection", - "name": "javascript.express.security.express-wkhtml-injection.express-wkhtmltopdf-injection", "properties": { "precision": "very-high", "tags": [ - "CWE-918: Server-Side Request Forgery (SSRF)", + "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", "LOW CONFIDENCE", - "OWASP-A10:2021 - Server-Side Request Forgery (SSRF)", + "OWASP-A03:2021 - Injection", + "OWASP-A07:2017 - Cross-Site Scripting (XSS)", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: javascript.express.security.express-wkhtml-injection.express-wkhtmltopdf-injection" } }, { - "defaultConfiguration": { - "level": "error" + "id": "python.django.security.audit.extends-custom-expression.extends-custom-expression", + "name": "python.django.security.audit.extends-custom-expression.extends-custom-expression", + "short_description": { + "text": "Semgrep Finding: python.django.security.audit.extends-custom-expression.extends-custom-expression" }, - "fullDescription": { - "text": "Writing `$MAP` from multiple goroutines is not concurrency safe" + "full_description": { + "text": "Found extension of custom expression: $CLASS. 
Extending expressions in this way could inadvertently lead to a SQL injection vulnerability, which can result in attackers exfiltrating sensitive data. Instead, ensure no user input enters this function or that user input is properly sanitized." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/python.django.security.audit.extends-custom-expression.extends-custom-expression", "help": { - "markdown": "Writing `$MAP` from multiple goroutines is not concurrency safe\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/trailofbits.go.racy-write-to-map.racy-write-to-map)\n - [https://go.dev/blog/maps#concurrency](https://go.dev/blog/maps#concurrency)\n", - "text": "Writing `$MAP` from multiple goroutines is not concurrency safe\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Found extension of custom expression: $CLASS. Extending expressions in this way could inadvertently lead to a SQL injection vulnerability, which can result in attackers exfiltrating sensitive data. Instead, ensure no user input enters this function or that user input is properly sanitized.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Found extension of custom expression: $CLASS. Extending expressions in this way could inadvertently lead to a SQL injection vulnerability, which can result in attackers exfiltrating sensitive data. 
Instead, ensure no user input enters this function or that user input is properly sanitized.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.django.security.audit.extends-custom-expression.extends-custom-expression)\n - [https://docs.djangoproject.com/en/3.0/ref/models/expressions/#avoiding-sql-injection](https://docs.djangoproject.com/en/3.0/ref/models/expressions/#avoiding-sql-injection)\n - [https://semgrep.dev/blog/2020/preventing-sql-injection-a-django-authors-perspective/](https://semgrep.dev/blog/2020/preventing-sql-injection-a-django-authors-perspective/)\n" }, - "helpUri": "https://semgrep.dev/r/trailofbits.go.racy-write-to-map.racy-write-to-map", - "id": "trailofbits.go.racy-write-to-map.racy-write-to-map", - "name": "trailofbits.go.racy-write-to-map.racy-write-to-map", "properties": { "precision": "very-high", "tags": [ - "CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')", - "MEDIUM CONFIDENCE", + "CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')", + "LOW CONFIDENCE", + "OWASP-A01:2017 - Injection", + "OWASP-A03:2021 - Injection", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: trailofbits.go.racy-write-to-map.racy-write-to-map" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "ruby.lang.security.ssl-mode-no-verify.ssl-mode-no-verify", + "name": "ruby.lang.security.ssl-mode-no-verify.ssl-mode-no-verify", + "short_description": { + "text": "Semgrep Finding: ruby.lang.security.ssl-mode-no-verify.ssl-mode-no-verify" }, - "fullDescription": { - "text": "Ensure FSX ONTAP file system is encrypted at rest using KMS CMKs. CMKs gives you control over the encryption key in terms of access and rotation." + "full_description": { + "text": "Detected SSL that will accept an unverified connection. 
This makes the connections susceptible to man-in-the-middle attacks. Use 'OpenSSL::SSL::VERIFY_PEER' instead." }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/ruby.lang.security.ssl-mode-no-verify.ssl-mode-no-verify", "help": { - "markdown": "Ensure FSX ONTAP file system is encrypted at rest using KMS CMKs. CMKs gives you control over the encryption key in terms of access and rotation.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/terraform.aws.security.aws-fsx-ontapfs-encrypted-with-cmk.aws-fsx-ontapfs-encrypted-with-cmk)\n - [https://owasp.org/Top10/A02_2021-Cryptographic_Failures](https://owasp.org/Top10/A02_2021-Cryptographic_Failures)\n", - "text": "Ensure FSX ONTAP file system is encrypted at rest using KMS CMKs. CMKs gives you control over the encryption key in terms of access and rotation.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected SSL that will accept an unverified connection. This makes the connections susceptible to man-in-the-middle attacks. Use 'OpenSSL::SSL::VERIFY_PEER' instead.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected SSL that will accept an unverified connection. This makes the connections susceptible to man-in-the-middle attacks. 
Use 'OpenSSL::SSL::VERIFY_PEER' instead.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/ruby.lang.security.ssl-mode-no-verify.ssl-mode-no-verify)\n - [https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures](https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures)\n" }, - "helpUri": "https://semgrep.dev/r/terraform.aws.security.aws-fsx-ontapfs-encrypted-with-cmk.aws-fsx-ontapfs-encrypted-with-cmk", - "id": "terraform.aws.security.aws-fsx-ontapfs-encrypted-with-cmk.aws-fsx-ontapfs-encrypted-with-cmk", - "name": "terraform.aws.security.aws-fsx-ontapfs-encrypted-with-cmk.aws-fsx-ontapfs-encrypted-with-cmk", "properties": { "precision": "very-high", "tags": [ - "CWE-320: CWE CATEGORY: Key Management Errors", - "LOW CONFIDENCE", + "CWE-295: Improper Certificate Validation", + "MEDIUM CONFIDENCE", "OWASP-A03:2017 - Sensitive Data Exposure", + "OWASP-A07:2021 - Identification and Authentication Failures", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: terraform.aws.security.aws-fsx-ontapfs-encrypted-with-cmk.aws-fsx-ontapfs-encrypted-with-cmk" } }, { - "defaultConfiguration": { - "level": "error" + "id": "python.lang.security.use-defused-xmlrpc.use-defused-xmlrpc", + "name": "python.lang.security.use-defused-xmlrpc.use-defused-xmlrpc", + "short_description": { + "text": "Semgrep Finding: python.lang.security.use-defused-xmlrpc.use-defused-xmlrpc" }, - "fullDescription": { - "text": "Detected HTTPConnectionPool. This will transmit data in cleartext. It is recommended to use HTTPSConnectionPool instead for to encrypt communications." + "full_description": { + "text": "Detected use of xmlrpc. xmlrpc is not inherently safe from vulnerabilities. Use defusedxml.xmlrpc instead." 
+ }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/python.lang.security.use-defused-xmlrpc.use-defused-xmlrpc", "help": { - "markdown": "Detected HTTPConnectionPool. This will transmit data in cleartext. It is recommended to use HTTPSConnectionPool instead for to encrypt communications.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.lang.security.audit.network.http-not-https-connection.http-not-https-connection)\n - [https://urllib3.readthedocs.io/en/1.2.1/pools.html#urllib3.connectionpool.HTTPSConnectionPool](https://urllib3.readthedocs.io/en/1.2.1/pools.html#urllib3.connectionpool.HTTPSConnectionPool)\n", - "text": "Detected HTTPConnectionPool. This will transmit data in cleartext. It is recommended to use HTTPSConnectionPool instead for to encrypt communications.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected use of xmlrpc. xmlrpc is not inherently safe from vulnerabilities. Use defusedxml.xmlrpc instead.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected use of xmlrpc. xmlrpc is not inherently safe from vulnerabilities. 
Use defusedxml.xmlrpc instead.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.lang.security.use-defused-xmlrpc.use-defused-xmlrpc)\n - [https://pypi.org/project/defusedxml/](https://pypi.org/project/defusedxml/)\n - [https://docs.python.org/3/library/xml.html#xml-vulnerabilities](https://docs.python.org/3/library/xml.html#xml-vulnerabilities)\n" }, - "helpUri": "https://semgrep.dev/r/python.lang.security.audit.network.http-not-https-connection.http-not-https-connection", - "id": "python.lang.security.audit.network.http-not-https-connection.http-not-https-connection", - "name": "python.lang.security.audit.network.http-not-https-connection.http-not-https-connection", "properties": { "precision": "very-high", "tags": [ - "CWE-319: Cleartext Transmission of Sensitive Information", - "MEDIUM CONFIDENCE", - "OWASP-A02:2021 - Cryptographic Failures", - "OWASP-A03:2017 - Sensitive Data Exposure", + "CWE-776: Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion')", + "LOW CONFIDENCE", + "OWASP-A04:2017 - XML External Entities (XXE)", + "OWASP-A05:2021 - Security Misconfiguration", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: python.lang.security.audit.network.http-not-https-connection.http-not-https-connection" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "python.lang.security.deserialization.avoid-pyyaml-load.avoid-pyyaml-load", + "name": "python.lang.security.deserialization.avoid-pyyaml-load.avoid-pyyaml-load", + "short_description": { + "text": "Semgrep Finding: python.lang.security.deserialization.avoid-pyyaml-load.avoid-pyyaml-load" }, - "fullDescription": { - "text": "This link points to a plaintext HTTP URL. Prefer an encrypted HTTPS URL if possible." + "full_description": { + "text": "Detected a possible YAML deserialization vulnerability. 
`yaml.unsafe_load`, `yaml.Loader`, `yaml.CLoader`, and `yaml.UnsafeLoader` are all known to be unsafe methods of deserializing YAML. An attacker with control over the YAML input could create special YAML input that allows the attacker to run arbitrary Python code. This would allow the attacker to steal files, download and install malware, or otherwise take over the machine. Use `yaml.safe_load` or `yaml.SafeLoader` instead." + }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/python.lang.security.deserialization.avoid-pyyaml-load.avoid-pyyaml-load", "help": { - "markdown": "This link points to a plaintext HTTP URL. Prefer an encrypted HTTPS URL if possible.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/html.security.plaintext-http-link.plaintext-http-link)\n - [https://cwe.mitre.org/data/definitions/319.html](https://cwe.mitre.org/data/definitions/319.html)\n", - "text": "This link points to a plaintext HTTP URL. Prefer an encrypted HTTPS URL if possible.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected a possible YAML deserialization vulnerability. `yaml.unsafe_load`, `yaml.Loader`, `yaml.CLoader`, and `yaml.UnsafeLoader` are all known to be unsafe methods of deserializing YAML. An attacker with control over the YAML input could create special YAML input that allows the attacker to run arbitrary Python code. This would allow the attacker to steal files, download and install malware, or otherwise take over the machine. Use `yaml.safe_load` or `yaml.SafeLoader` instead.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected a possible YAML deserialization vulnerability. `yaml.unsafe_load`, `yaml.Loader`, `yaml.CLoader`, and `yaml.UnsafeLoader` are all known to be unsafe methods of deserializing YAML. 
An attacker with control over the YAML input could create special YAML input that allows the attacker to run arbitrary Python code. This would allow the attacker to steal files, download and install malware, or otherwise take over the machine. Use `yaml.safe_load` or `yaml.SafeLoader` instead.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.lang.security.deserialization.avoid-pyyaml-load.avoid-pyyaml-load)\n - [https://github.com/yaml/pyyaml/wiki/PyYAML-yaml.load(input)-Deprecation](https://github.com/yaml/pyyaml/wiki/PyYAML-yaml.load(input)-Deprecation)\n - [https://nvd.nist.gov/vuln/detail/CVE-2017-18342](https://nvd.nist.gov/vuln/detail/CVE-2017-18342)\n" }, - "helpUri": "https://semgrep.dev/r/html.security.plaintext-http-link.plaintext-http-link", - "id": "html.security.plaintext-http-link.plaintext-http-link", - "name": "html.security.plaintext-http-link.plaintext-http-link", "properties": { "precision": "very-high", "tags": [ - "CWE-319: Cleartext Transmission of Sensitive Information", - "HIGH CONFIDENCE", - "OWASP-A02:2021 - Cryptographic Failures", - "OWASP-A03:2017 - Sensitive Data Exposure", + "CWE-502: Deserialization of Untrusted Data", + "MEDIUM CONFIDENCE", + "OWASP-A08:2017 - Insecure Deserialization", + "OWASP-A08:2021 - Software and Data Integrity Failures", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: html.security.plaintext-http-link.plaintext-http-link" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "python.django.security.injection.sql.sql-injection-using-raw.sql-injection-using-raw", + "name": "python.django.security.injection.sql.sql-injection-using-raw.sql-injection-using-raw", + "short_description": { + "text": "Semgrep Finding: python.django.security.injection.sql.sql-injection-using-raw.sql-injection-using-raw" }, - "fullDescription": { - "text": "Detected anonymous LDAP bind. 
This permits anonymous users to execute LDAP statements. Consider enforcing authentication for LDAP. See https://docs.oracle.com/javase/tutorial/jndi/ldap/auth_mechs.html for more information." + "full_description": { + "text": "Data that is possible user-controlled from a python request is passed to `raw()`. This could lead to SQL injection and attackers gaining access to protected information. Instead, use django's QuerySets, which are built with query parameterization and therefore not vulnerable to sql injection. For example, you could use `Entry.objects.filter(date=2006)`." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/python.django.security.injection.sql.sql-injection-using-raw.sql-injection-using-raw", "help": { - "markdown": "Detected anonymous LDAP bind. This permits anonymous users to execute LDAP statements. Consider enforcing authentication for LDAP. See https://docs.oracle.com/javase/tutorial/jndi/ldap/auth_mechs.html for more information.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/kotlin.lang.security.anonymous-ldap-bind.anonymous-ldap-bind)\n - [https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures](https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures)\n", - "text": "Detected anonymous LDAP bind. This permits anonymous users to execute LDAP statements. Consider enforcing authentication for LDAP. See https://docs.oracle.com/javase/tutorial/jndi/ldap/auth_mechs.html for more information.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Data that is possible user-controlled from a python request is passed to `raw()`. This could lead to SQL injection and attackers gaining access to protected information. 
Instead, use django's QuerySets, which are built with query parameterization and therefore not vulnerable to sql injection. For example, you could use `Entry.objects.filter(date=2006)`.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Data that is possible user-controlled from a python request is passed to `raw()`. This could lead to SQL injection and attackers gaining access to protected information. Instead, use django's QuerySets, which are built with query parameterization and therefore not vulnerable to sql injection. For example, you could use `Entry.objects.filter(date=2006)`.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.django.security.injection.sql.sql-injection-using-raw.sql-injection-using-raw)\n - [https://docs.djangoproject.com/en/3.0/topics/security/#sql-injection-protection](https://docs.djangoproject.com/en/3.0/topics/security/#sql-injection-protection)\n" }, - "helpUri": "https://semgrep.dev/r/kotlin.lang.security.anonymous-ldap-bind.anonymous-ldap-bind", - "id": "kotlin.lang.security.anonymous-ldap-bind.anonymous-ldap-bind", - "name": "kotlin.lang.security.anonymous-ldap-bind.anonymous-ldap-bind", "properties": { "precision": "very-high", "tags": [ - "CWE-287: Improper Authentication", + "CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')", "MEDIUM CONFIDENCE", - "OWASP-A02:2017 - Broken Authentication", - "OWASP-A07:2021 - Identification and Authentication Failures", + "OWASP-A01:2017 - Injection", + "OWASP-A03:2021 - Injection", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: kotlin.lang.security.anonymous-ldap-bind.anonymous-ldap-bind" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "python.lang.compatibility.python37.python37-compatibility-httpconn", + "name": "python.lang.compatibility.python37.python37-compatibility-httpconn", + 
"short_description": { + "text": "Semgrep Finding: python.lang.compatibility.python37.python37-compatibility-httpconn" }, - "fullDescription": { - "text": "Ensure Kinesis stream is encrypted at rest using KMS CMKs. CMKs gives you control over the encryption key in terms of access and rotation." + "full_description": { + "text": "Found usage of the 'blocksize' argument in a HTTPConnection call. This is only available on Python 3.7+ and is therefore not backwards compatible. Remove this in order for this code to work in Python 3.6 and below." + }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/python.lang.compatibility.python37.python37-compatibility-httpconn", "help": { - "markdown": "Ensure Kinesis stream is encrypted at rest using KMS CMKs. CMKs gives you control over the encryption key in terms of access and rotation.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/terraform.aws.security.aws-kinesis-stream-encrypted-with-cmk.aws-kinesis-stream-encrypted-with-cmk)\n - [https://owasp.org/Top10/A02_2021-Cryptographic_Failures](https://owasp.org/Top10/A02_2021-Cryptographic_Failures)\n", - "text": "Ensure Kinesis stream is encrypted at rest using KMS CMKs. CMKs gives you control over the encryption key in terms of access and rotation.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Found usage of the 'blocksize' argument in a HTTPConnection call. This is only available on Python 3.7+ and is therefore not backwards compatible. Remove this in order for this code to work in Python 3.6 and below.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Found usage of the 'blocksize' argument in a HTTPConnection call. This is only available on Python 3.7+ and is therefore not backwards compatible. 
Remove this in order for this code to work in Python 3.6 and below.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.lang.compatibility.python37.python37-compatibility-httpconn)\n" }, - "helpUri": "https://semgrep.dev/r/terraform.aws.security.aws-kinesis-stream-encrypted-with-cmk.aws-kinesis-stream-encrypted-with-cmk", - "id": "terraform.aws.security.aws-kinesis-stream-encrypted-with-cmk.aws-kinesis-stream-encrypted-with-cmk", - "name": "terraform.aws.security.aws-kinesis-stream-encrypted-with-cmk.aws-kinesis-stream-encrypted-with-cmk", "properties": { "precision": "very-high", - "tags": [ - "CWE-320: CWE CATEGORY: Key Management Errors", - "LOW CONFIDENCE", - "OWASP-A03:2017 - Sensitive Data Exposure", - "security" - ] - }, - "shortDescription": { - "text": "Semgrep Finding: terraform.aws.security.aws-kinesis-stream-encrypted-with-cmk.aws-kinesis-stream-encrypted-with-cmk" + "tags": [] } }, { - "defaultConfiguration": { - "level": "warning" + "id": "terraform.aws.security.aws-docdb-encrypted-with-cmk.aws-docdb-encrypted-with-cmk", + "name": "terraform.aws.security.aws-docdb-encrypted-with-cmk.aws-docdb-encrypted-with-cmk", + "short_description": { + "text": "Semgrep Finding: terraform.aws.security.aws-docdb-encrypted-with-cmk.aws-docdb-encrypted-with-cmk" }, - "fullDescription": { - "text": "A cookie was detected without setting the 'HttpOnly' flag. The 'HttpOnly' flag for cookies instructs the browser to forbid client-side scripts from reading the cookie. Set the 'HttpOnly' flag by calling 'cookie.setHttpOnly(true);'" + "full_description": { + "text": "Ensure DocDB is encrypted at rest using KMS CMKs. CMKs gives you control over the encryption key in terms of access and rotation." 
+ }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/terraform.aws.security.aws-docdb-encrypted-with-cmk.aws-docdb-encrypted-with-cmk", "help": { - "markdown": "A cookie was detected without setting the 'HttpOnly' flag. The 'HttpOnly' flag for cookies instructs the browser to forbid client-side scripts from reading the cookie. Set the 'HttpOnly' flag by calling 'cookie.setHttpOnly(true);'\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/java.lang.security.audit.cookie-missing-httponly.cookie-missing-httponly)\n - [https://owasp.org/Top10/A05_2021-Security_Misconfiguration](https://owasp.org/Top10/A05_2021-Security_Misconfiguration)\n", - "text": "A cookie was detected without setting the 'HttpOnly' flag. The 'HttpOnly' flag for cookies instructs the browser to forbid client-side scripts from reading the cookie. Set the 'HttpOnly' flag by calling 'cookie.setHttpOnly(true);'\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Ensure DocDB is encrypted at rest using KMS CMKs. CMKs gives you control over the encryption key in terms of access and rotation.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Ensure DocDB is encrypted at rest using KMS CMKs. 
CMKs gives you control over the encryption key in terms of access and rotation.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/terraform.aws.security.aws-docdb-encrypted-with-cmk.aws-docdb-encrypted-with-cmk)\n - [https://owasp.org/Top10/A02_2021-Cryptographic_Failures](https://owasp.org/Top10/A02_2021-Cryptographic_Failures)\n" }, - "helpUri": "https://semgrep.dev/r/java.lang.security.audit.cookie-missing-httponly.cookie-missing-httponly", - "id": "java.lang.security.audit.cookie-missing-httponly.cookie-missing-httponly", - "name": "java.lang.security.audit.cookie-missing-httponly.cookie-missing-httponly", "properties": { "precision": "very-high", "tags": [ - "CWE-1004: Sensitive Cookie Without 'HttpOnly' Flag", + "CWE-320: CWE CATEGORY: Key Management Errors", "LOW CONFIDENCE", - "OWASP-A05:2021 - Security Misconfiguration", + "OWASP-A03:2017 - Sensitive Data Exposure", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: java.lang.security.audit.cookie-missing-httponly.cookie-missing-httponly" } }, { - "defaultConfiguration": { - "level": "error" + "id": "ruby.lang.security.file-disclosure.file-disclosure", + "name": "ruby.lang.security.file-disclosure.file-disclosure", + "short_description": { + "text": "Semgrep Finding: ruby.lang.security.file-disclosure.file-disclosure" }, - "fullDescription": { - "text": "MailChimp API Key detected" + "full_description": { + "text": "Special requests can determine whether a file exists on a filesystem that's outside the Rails app's root directory. To fix this, set config.serve_static_assets = false." 
+ }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/ruby.lang.security.file-disclosure.file-disclosure", "help": { - "markdown": "MailChimp API Key detected\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/generic.secrets.security.detected-mailchimp-api-key.detected-mailchimp-api-key)\n - [https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures](https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures)\n", - "text": "MailChimp API Key detected\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Special requests can determine whether a file exists on a filesystem that's outside the Rails app's root directory. To fix this, set config.serve_static_assets = false.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Special requests can determine whether a file exists on a filesystem that's outside the Rails app's root directory. 
To fix this, set config.serve_static_assets = false.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/ruby.lang.security.file-disclosure.file-disclosure)\n - [https://github.com/presidentbeef/brakeman/blob/main/lib/brakeman/checks/check_file_disclosure.rb](https://github.com/presidentbeef/brakeman/blob/main/lib/brakeman/checks/check_file_disclosure.rb)\n - [https://groups.google.com/g/rubyonrails-security/c/23fiuwb1NBA/m/MQVM1-5GkPMJ](https://groups.google.com/g/rubyonrails-security/c/23fiuwb1NBA/m/MQVM1-5GkPMJ)\n" }, - "helpUri": "https://semgrep.dev/r/generic.secrets.security.detected-mailchimp-api-key.detected-mailchimp-api-key", - "id": "generic.secrets.security.detected-mailchimp-api-key.detected-mailchimp-api-key", - "name": "generic.secrets.security.detected-mailchimp-api-key.detected-mailchimp-api-key", "properties": { "precision": "very-high", "tags": [ - "CWE-798: Use of Hard-coded Credentials", + "CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", "LOW CONFIDENCE", - "OWASP-A07:2021 - Identification and Authentication Failures", + "OWASP-A01:2021 - Broken Access Control", + "OWASP-A05:2017 - Broken Access Control", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: generic.secrets.security.detected-mailchimp-api-key.detected-mailchimp-api-key" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "java.lang.security.audit.crypto.use-of-md5-digest-utils.use-of-md5-digest-utils", + "name": "java.lang.security.audit.crypto.use-of-md5-digest-utils.use-of-md5-digest-utils", + "short_description": { + "text": "Semgrep Finding: java.lang.security.audit.crypto.use-of-md5-digest-utils.use-of-md5-digest-utils" }, - "fullDescription": { - "text": "Visualforce Pages must use API version 55 or higher for required use of the cspHeader attribute set to true." 
+ "full_description": { + "text": "Detected MD5 hash algorithm which is considered insecure. MD5 is not collision resistant and is therefore not suitable as a cryptographic signature. Use HMAC instead." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/java.lang.security.audit.crypto.use-of-md5-digest-utils.use-of-md5-digest-utils", "help": { - "markdown": "Visualforce Pages must use API version 55 or higher for required use of the cspHeader attribute set to true.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/generic.visualforce.security.ncino.xml.visualforceapiversion.visualforce-page-api-version)\n - [https://developer.salesforce.com/docs/atlas.en-us.api_meta.meta/api_meta/meta_pages.htm](https://developer.salesforce.com/docs/atlas.en-us.api_meta.meta/api_meta/meta_pages.htm)\n", - "text": "Visualforce Pages must use API version 55 or higher for required use of the cspHeader attribute set to true.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected MD5 hash algorithm which is considered insecure. MD5 is not collision resistant and is therefore not suitable as a cryptographic signature. Use HMAC instead.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected MD5 hash algorithm which is considered insecure. MD5 is not collision resistant and is therefore not suitable as a cryptographic signature. 
Use HMAC instead.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/java.lang.security.audit.crypto.use-of-md5-digest-utils.use-of-md5-digest-utils)\n - [https://owasp.org/Top10/A02_2021-Cryptographic_Failures](https://owasp.org/Top10/A02_2021-Cryptographic_Failures)\n" }, - "helpUri": "https://semgrep.dev/r/generic.visualforce.security.ncino.xml.visualforceapiversion.visualforce-page-api-version", - "id": "generic.visualforce.security.ncino.xml.visualforceapiversion.visualforce-page-api-version", - "name": "generic.visualforce.security.ncino.xml.visualforceapiversion.visualforce-page-api-version", "properties": { "precision": "very-high", "tags": [ - "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", + "CWE-328: Use of Weak Hash", "HIGH CONFIDENCE", - "OWASP-A03:2021 - Injection", - "OWASP-A07:2017 - Cross-Site Scripting (XSS)", + "OWASP-A02:2021 - Cryptographic Failures", + "OWASP-A03:2017 - Sensitive Data Exposure", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: generic.visualforce.security.ncino.xml.visualforceapiversion.visualforce-page-api-version" } }, { - "defaultConfiguration": { - "level": "error" + "id": "javascript.wkhtmltopdf.security.audit.wkhtmltopdf-injection.wkhtmltopdf-injection", + "name": "javascript.wkhtmltopdf.security.audit.wkhtmltopdf-injection.wkhtmltopdf-injection", + "short_description": { + "text": "Semgrep Finding: javascript.wkhtmltopdf.security.audit.wkhtmltopdf-injection.wkhtmltopdf-injection" }, - "fullDescription": { - "text": "The $$VARIABLE path parameter is added as a header in the response. This could allow an attacker to inject a newline and add a new header into the response. This is called HTTP response splitting. To fix, do not allow whitespace in the path parameter: '[^\\s]+'." 
+ "full_description": { + "text": "If unverified user data can reach the `wkhtmltopdf` it can result in Server-Side Request Forgery vulnerabilities" + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/javascript.wkhtmltopdf.security.audit.wkhtmltopdf-injection.wkhtmltopdf-injection", "help": { - "markdown": "The $$VARIABLE path parameter is added as a header in the response. This could allow an attacker to inject a newline and add a new header into the response. This is called HTTP response splitting. To fix, do not allow whitespace in the path parameter: '[^\\s]+'.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/generic.nginx.security.header-injection.header-injection)\n - [https://github.com/yandex/gixy/blob/master/docs/en/plugins/httpsplitting.md](https://github.com/yandex/gixy/blob/master/docs/en/plugins/httpsplitting.md)\n - [https://owasp.org/www-community/attacks/HTTP_Response_Splitting](https://owasp.org/www-community/attacks/HTTP_Response_Splitting)\n", - "text": "The $$VARIABLE path parameter is added as a header in the response. This could allow an attacker to inject a newline and add a new header into the response. This is called HTTP response splitting. 
To fix, do not allow whitespace in the path parameter: '[^\\s]+'.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "If unverified user data can reach the `wkhtmltopdf` it can result in Server-Side Request Forgery vulnerabilities\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "If unverified user data can reach the `wkhtmltopdf` it can result in Server-Side Request Forgery vulnerabilities\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.wkhtmltopdf.security.audit.wkhtmltopdf-injection.wkhtmltopdf-injection)\n - [https://owasp.org/Top10/A10_2021-Server-Side_Request_Forgery_%28SSRF%29](https://owasp.org/Top10/A10_2021-Server-Side_Request_Forgery_%28SSRF%29)\n" }, - "helpUri": "https://semgrep.dev/r/generic.nginx.security.header-injection.header-injection", - "id": "generic.nginx.security.header-injection.header-injection", - "name": "generic.nginx.security.header-injection.header-injection", "properties": { "precision": "very-high", "tags": [ - "CWE-113: Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Request/Response Splitting')", - "MEDIUM CONFIDENCE", - "OWASP-A03:2021 - Injection", + "CWE-918: Server-Side Request Forgery (SSRF)", + "LOW CONFIDENCE", + "OWASP-A10:2021 - Server-Side Request Forgery (SSRF)", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: generic.nginx.security.header-injection.header-injection" } }, { - "defaultConfiguration": { - "level": "note" + "id": "php.lang.security.phpinfo-use.phpinfo-use", + "name": "php.lang.security.phpinfo-use.phpinfo-use", + "short_description": { + "text": "Semgrep Finding: php.lang.security.phpinfo-use.phpinfo-use" }, - "fullDescription": { - "text": "Detected a request using 'http://'. This request will be unencrypted. Use 'https://' instead." 
+ "full_description": { + "text": "The 'phpinfo' function may reveal sensitive information about your environment." + }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/php.lang.security.phpinfo-use.phpinfo-use", "help": { - "markdown": "Detected a request using 'http://'. This request will be unencrypted. Use 'https://' instead.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.lang.security.audit.insecure-transport.requests.request-session-http-in-with-context.request-session-http-in-with-context)\n - [https://owasp.org/Top10/A02_2021-Cryptographic_Failures](https://owasp.org/Top10/A02_2021-Cryptographic_Failures)\n", - "text": "Detected a request using 'http://'. This request will be unencrypted. Use 'https://' instead.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "The 'phpinfo' function may reveal sensitive information about your environment.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "The 'phpinfo' function may reveal sensitive information about your environment.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/php.lang.security.phpinfo-use.phpinfo-use)\n - [https://www.php.net/manual/en/function.phpinfo](https://www.php.net/manual/en/function.phpinfo)\n - [https://github.com/FloeDesignTechnologies/phpcs-security-audit/blob/master/Security/Sniffs/BadFunctions/PhpinfosSniff.php](https://github.com/FloeDesignTechnologies/phpcs-security-audit/blob/master/Security/Sniffs/BadFunctions/PhpinfosSniff.php)\n" }, - "helpUri": "https://semgrep.dev/r/python.lang.security.audit.insecure-transport.requests.request-session-http-in-with-context.request-session-http-in-with-context", - "id": 
"python.lang.security.audit.insecure-transport.requests.request-session-http-in-with-context.request-session-http-in-with-context", - "name": "python.lang.security.audit.insecure-transport.requests.request-session-http-in-with-context.request-session-http-in-with-context", "properties": { "precision": "very-high", "tags": [ - "CWE-319: Cleartext Transmission of Sensitive Information", + "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor", "MEDIUM CONFIDENCE", - "OWASP-A02:2021 - Cryptographic Failures", - "OWASP-A03:2017 - Sensitive Data Exposure", + "OWASP-A01:2021 - Broken Access Control", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: python.lang.security.audit.insecure-transport.requests.request-session-http-in-with-context.request-session-http-in-with-context" } }, { - "defaultConfiguration": { - "level": "error" + "id": "python.django.security.audit.xss.formathtml-fstring-parameter.formathtml-fstring-parameter", + "name": "python.django.security.audit.xss.formathtml-fstring-parameter.formathtml-fstring-parameter", + "short_description": { + "text": "Semgrep Finding: python.django.security.audit.xss.formathtml-fstring-parameter.formathtml-fstring-parameter" }, - "fullDescription": { - "text": "Checks for models that do not use attr_accessible. This means there is no limiting of which variables can be manipulated through mass assignment. For newer Rails applications, parameters should be allowlisted using strong parameters. For older Rails versions, they should be allowlisted using strong_attributes." + "full_description": { + "text": "Passing a formatted string as first parameter to `format_html` disables the proper encoding of variables. Any HTML in the first parameter is not encoded. Using a formatted string as first parameter obscures which parameters are encoded. Correct use of `format_html` is passing a static format string as first parameter, and the variables to substitute as subsequent parameters." 
}, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/python.django.security.audit.xss.formathtml-fstring-parameter.formathtml-fstring-parameter", "help": { - "markdown": "Checks for models that do not use attr_accessible. This means there is no limiting of which variables can be manipulated through mass assignment. For newer Rails applications, parameters should be allowlisted using strong parameters. For older Rails versions, they should be allowlisted using strong_attributes.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/ruby.lang.security.model-attributes-attr-accessible.model-attributes-attr-accessible)\n - [https://github.com/presidentbeef/brakeman/blob/main/lib/brakeman/checks/check_model_attributes.rb](https://github.com/presidentbeef/brakeman/blob/main/lib/brakeman/checks/check_model_attributes.rb)\n", - "text": "Checks for models that do not use attr_accessible. This means there is no limiting of which variables can be manipulated through mass assignment. For newer Rails applications, parameters should be allowlisted using strong parameters. For older Rails versions, they should be allowlisted using strong_attributes.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Passing a formatted string as first parameter to `format_html` disables the proper encoding of variables. Any HTML in the first parameter is not encoded. Using a formatted string as first parameter obscures which parameters are encoded. Correct use of `format_html` is passing a static format string as first parameter, and the variables to substitute as subsequent parameters.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Passing a formatted string as first parameter to `format_html` disables the proper encoding of variables. 
Any HTML in the first parameter is not encoded. Using a formatted string as first parameter obscures which parameters are encoded. Correct use of `format_html` is passing a static format string as first parameter, and the variables to substitute as subsequent parameters.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.django.security.audit.xss.formathtml-fstring-parameter.formathtml-fstring-parameter)\n - [https://docs.djangoproject.com/en/3.2/ref/utils/#django.utils.html.format_html](https://docs.djangoproject.com/en/3.2/ref/utils/#django.utils.html.format_html)\n" }, - "helpUri": "https://semgrep.dev/r/ruby.lang.security.model-attributes-attr-accessible.model-attributes-attr-accessible", - "id": "ruby.lang.security.model-attributes-attr-accessible.model-attributes-attr-accessible", - "name": "ruby.lang.security.model-attributes-attr-accessible.model-attributes-attr-accessible", "properties": { "precision": "very-high", "tags": [ - "CWE-915: Improperly Controlled Modification of Dynamically-Determined Object Attributes", + "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", "LOW CONFIDENCE", - "OWASP-A08:2021 - Software and Data Integrity Failures", + "OWASP-A03:2021 - Injection", + "OWASP-A07:2017 - Cross-Site Scripting (XSS)", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: ruby.lang.security.model-attributes-attr-accessible.model-attributes-attr-accessible" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "terraform.lang.security.rds-public-access.rds-public-access", + "name": "terraform.lang.security.rds-public-access.rds-public-access", + "short_description": { + "text": "Semgrep Finding: terraform.lang.security.rds-public-access.rds-public-access" }, - "fullDescription": { - "text": "XMLInputFactory being instantiated without calling the setProperty functions that are generally used for 
disabling entity processing. User controlled data in XML Document builder can result in XML Internal Entity Processing vulnerabilities like the disclosure of confidential data, denial of service, Server Side Request Forgery (SSRF), port scanning. Make sure to disable entity processing functionality." + "full_description": { + "text": "RDS instance accessible from the Internet detected." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/terraform.lang.security.rds-public-access.rds-public-access", "help": { - "markdown": "XMLInputFactory being instantiated without calling the setProperty functions that are generally used for disabling entity processing. User controlled data in XML Document builder can result in XML Internal Entity Processing vulnerabilities like the disclosure of confidential data, denial of service, Server Side Request Forgery (SSRF), port scanning. Make sure to disable entity processing functionality.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/scala.lang.security.audit.xmlinputfactory-dtd-enabled.xmlinputfactory-dtd-enabled)\n - [https://owasp.org/Top10/A05_2021-Security_Misconfiguration](https://owasp.org/Top10/A05_2021-Security_Misconfiguration)\n", - "text": "XMLInputFactory being instantiated without calling the setProperty functions that are generally used for disabling entity processing. User controlled data in XML Document builder can result in XML Internal Entity Processing vulnerabilities like the disclosure of confidential data, denial of service, Server Side Request Forgery (SSRF), port scanning. 
Make sure to disable entity processing functionality.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "RDS instance accessible from the Internet detected.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "RDS instance accessible from the Internet detected.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/terraform.lang.security.rds-public-access.rds-public-access)\n - [https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/db_instance#publicly_accessible](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/db_instance#publicly_accessible)\n - [https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_VPC.WorkingWithRDSInstanceinaVPC.html#USER_VPC.Hiding](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_VPC.WorkingWithRDSInstanceinaVPC.html#USER_VPC.Hiding)\n" }, - "helpUri": "https://semgrep.dev/r/scala.lang.security.audit.xmlinputfactory-dtd-enabled.xmlinputfactory-dtd-enabled", - "id": "scala.lang.security.audit.xmlinputfactory-dtd-enabled.xmlinputfactory-dtd-enabled", - "name": "scala.lang.security.audit.xmlinputfactory-dtd-enabled.xmlinputfactory-dtd-enabled", "properties": { "precision": "very-high", "tags": [ - "CWE-611: Improper Restriction of XML External Entity Reference", - "HIGH CONFIDENCE", - "OWASP-A04:2017 - XML External Entities (XXE)", - "OWASP-A05:2021 - Security Misconfiguration", + "CWE-284: Improper Access Control", + "LOW CONFIDENCE", + "OWASP-A01:2021 - Broken Access Control", + "OWASP-A05:2017 - Broken Access Control", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: scala.lang.security.audit.xmlinputfactory-dtd-enabled.xmlinputfactory-dtd-enabled" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "generic.secrets.security.detected-slack-webhook.detected-slack-webhook", + "name": 
"generic.secrets.security.detected-slack-webhook.detected-slack-webhook", + "short_description": { + "text": "Semgrep Finding: generic.secrets.security.detected-slack-webhook.detected-slack-webhook" }, - "fullDescription": { - "text": "The 'add_header' directive is called in a 'location' block after headers have been set at the server block. Calling 'add_header' in the location block will actually overwrite the headers defined in the server block, no matter which headers are set. To fix this, explicitly set all headers or set all headers in the server block." + "full_description": { + "text": "Slack Webhook detected" + }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/generic.secrets.security.detected-slack-webhook.detected-slack-webhook", "help": { - "markdown": "The 'add_header' directive is called in a 'location' block after headers have been set at the server block. Calling 'add_header' in the location block will actually overwrite the headers defined in the server block, no matter which headers are set. To fix this, explicitly set all headers or set all headers in the server block.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/generic.nginx.security.header-redefinition.header-redefinition)\n - [https://github.com/yandex/gixy/blob/master/docs/en/plugins/addheaderredefinition.md](https://github.com/yandex/gixy/blob/master/docs/en/plugins/addheaderredefinition.md)\n", - "text": "The 'add_header' directive is called in a 'location' block after headers have been set at the server block. Calling 'add_header' in the location block will actually overwrite the headers defined in the server block, no matter which headers are set. 
To fix this, explicitly set all headers or set all headers in the server block.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Slack Webhook detected\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Slack Webhook detected\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/generic.secrets.security.detected-slack-webhook.detected-slack-webhook)\n - [https://api.slack.com/messaging/webhooks](https://api.slack.com/messaging/webhooks)\n" }, - "helpUri": "https://semgrep.dev/r/generic.nginx.security.header-redefinition.header-redefinition", - "id": "generic.nginx.security.header-redefinition.header-redefinition", - "name": "generic.nginx.security.header-redefinition.header-redefinition", "properties": { "precision": "very-high", "tags": [ - "CWE-16: CWE CATEGORY: Configuration", + "CWE-798: Use of Hard-coded Credentials", "LOW CONFIDENCE", - "OWASP-A05:2021 - Security Misconfiguration", - "OWASP-A06:2017 - Security Misconfiguration", + "OWASP-A07:2021 - Identification and Authentication Failures", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: generic.nginx.security.header-redefinition.header-redefinition" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "ruby.rails.security.brakeman.check-render-local-file-include.check-render-local-file-include", + "name": "ruby.rails.security.brakeman.check-render-local-file-include.check-render-local-file-include", + "short_description": { + "text": "Semgrep Finding: ruby.rails.security.brakeman.check-render-local-file-include.check-render-local-file-include" }, - "fullDescription": { - "text": "Detected MD5 hash algorithm which is considered insecure. MD5 is not collision resistant and is therefore not suitable as a cryptographic signature. Use SHA256 or SHA3 instead." 
+ "full_description": { + "text": "Found request parameters in a call to `render`. This can allow end users to request arbitrary local files which may result in leaking sensitive information persisted on disk. Where possible, avoid letting users specify template paths for `render`. If you must allow user input, use an allow-list of known templates or normalize the user-supplied value with `File.basename(...)`." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/ruby.rails.security.brakeman.check-render-local-file-include.check-render-local-file-include", "help": { - "markdown": "Detected MD5 hash algorithm which is considered insecure. MD5 is not collision resistant and is therefore not suitable as a cryptographic signature. Use SHA256 or SHA3 instead.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.pycryptodome.security.insecure-hash-algorithm-md5.insecure-hash-algorithm-md5)\n - [https://www.schneier.com/blog/archives/2012/10/when_will_we_se.html](https://www.schneier.com/blog/archives/2012/10/when_will_we_se.html)\n - [https://www.trendmicro.com/vinfo/us/security/news/vulnerabilities-and-exploits/sha-1-collision-signals-the-end-of-the-algorithm-s-viability](https://www.trendmicro.com/vinfo/us/security/news/vulnerabilities-and-exploits/sha-1-collision-signals-the-end-of-the-algorithm-s-viability)\n - [http://2012.sharcs.org/slides/stevens.pdf](http://2012.sharcs.org/slides/stevens.pdf)\n - [https://pycryptodome.readthedocs.io/en/latest/src/hash/sha3_256.html](https://pycryptodome.readthedocs.io/en/latest/src/hash/sha3_256.html)\n", - "text": "Detected MD5 hash algorithm which is considered insecure. MD5 is not collision resistant and is therefore not suitable as a cryptographic signature. 
Use SHA256 or SHA3 instead.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Found request parameters in a call to `render`. This can allow end users to request arbitrary local files which may result in leaking sensitive information persisted on disk. Where possible, avoid letting users specify template paths for `render`. If you must allow user input, use an allow-list of known templates or normalize the user-supplied value with `File.basename(...)`.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Found request parameters in a call to `render`. This can allow end users to request arbitrary local files which may result in leaking sensitive information persisted on disk. Where possible, avoid letting users specify template paths for `render`. If you must allow user input, use an allow-list of known templates or normalize the user-supplied value with `File.basename(...)`.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/ruby.rails.security.brakeman.check-render-local-file-include.check-render-local-file-include)\n - [https://owasp.org/www-project-web-security-testing-guide/v42/4-Web_Application_Security_Testing/07-Input_Validation_Testing/11.1-Testing_for_Local_File_Inclusion](https://owasp.org/www-project-web-security-testing-guide/v42/4-Web_Application_Security_Testing/07-Input_Validation_Testing/11.1-Testing_for_Local_File_Inclusion)\n - [https://github.com/presidentbeef/brakeman/blob/f74cb53/test/apps/rails2/app/controllers/home_controller.rb#L48-L60](https://github.com/presidentbeef/brakeman/blob/f74cb53/test/apps/rails2/app/controllers/home_controller.rb#L48-L60)\n" }, - "helpUri": "https://semgrep.dev/r/python.pycryptodome.security.insecure-hash-algorithm-md5.insecure-hash-algorithm-md5", - "id": "python.pycryptodome.security.insecure-hash-algorithm-md5.insecure-hash-algorithm-md5", - "name": 
"python.pycryptodome.security.insecure-hash-algorithm-md5.insecure-hash-algorithm-md5", "properties": { "precision": "very-high", "tags": [ - "CWE-327: Use of a Broken or Risky Cryptographic Algorithm", + "CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", "MEDIUM CONFIDENCE", - "OWASP-A02:2021 - Cryptographic Failures", - "OWASP-A03:2017 - Sensitive Data Exposure", + "OWASP-A01:2021 - Broken Access Control", + "OWASP-A05:2017 - Broken Access Control", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: python.pycryptodome.security.insecure-hash-algorithm-md5.insecure-hash-algorithm-md5" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "terraform.aws.security.insecure-load-balancer-tls-version.insecure-load-balancer-tls-version", + "name": "terraform.aws.security.insecure-load-balancer-tls-version.insecure-load-balancer-tls-version", + "short_description": { + "text": "Semgrep Finding: terraform.aws.security.insecure-load-balancer-tls-version.insecure-load-balancer-tls-version" }, - "fullDescription": { - "text": "IDEA (International Data Encryption Algorithm) is a block cipher created in 1991. It is an optional component of the OpenPGP standard. This cipher is susceptible to attacks when using weak keys. It is recommended that you do not use this cipher for new applications. Use a strong symmetric cipher such as EAS instead. With the `cryptography` package it is recommended to use `Fernet` which is a secure implementation of AES in CBC mode with a 128-bit key. Alternatively, keep using the `Cipher` class from the hazmat primitives but use the AES algorithm instead." + "full_description": { + "text": "Detected an AWS load balancer with an insecure TLS version. TLS versions less than 1.2 are considered insecure because they can be broken. To fix this, set your `ssl_policy` to `\"ELBSecurityPolicy-TLS13-1-2-2021-06\"`, or include a default action to redirect to HTTPS." 
}, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/terraform.aws.security.insecure-load-balancer-tls-version.insecure-load-balancer-tls-version", "help": { - "markdown": "IDEA (International Data Encryption Algorithm) is a block cipher created in 1991. It is an optional component of the OpenPGP standard. This cipher is susceptible to attacks when using weak keys. It is recommended that you do not use this cipher for new applications. Use a strong symmetric cipher such as EAS instead. With the `cryptography` package it is recommended to use `Fernet` which is a secure implementation of AES in CBC mode with a 128-bit key. Alternatively, keep using the `Cipher` class from the hazmat primitives but use the AES algorithm instead.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.cryptography.security.insecure-cipher-algorithms.insecure-cipher-algorithm-idea)\n - [https://tools.ietf.org/html/rfc5469](https://tools.ietf.org/html/rfc5469)\n - [https://cryptography.io/en/latest/hazmat/primitives/symmetric-encryption/#cryptography.hazmat.primitives.ciphers.algorithms.IDEA](https://cryptography.io/en/latest/hazmat/primitives/symmetric-encryption/#cryptography.hazmat.primitives.ciphers.algorithms.IDEA)\n", - "text": "IDEA (International Data Encryption Algorithm) is a block cipher created in 1991. It is an optional component of the OpenPGP standard. This cipher is susceptible to attacks when using weak keys. It is recommended that you do not use this cipher for new applications. Use a strong symmetric cipher such as EAS instead. With the `cryptography` package it is recommended to use `Fernet` which is a secure implementation of AES in CBC mode with a 128-bit key. 
Alternatively, keep using the `Cipher` class from the hazmat primitives but use the AES algorithm instead.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected an AWS load balancer with an insecure TLS version. TLS versions less than 1.2 are considered insecure because they can be broken. To fix this, set your `ssl_policy` to `\"ELBSecurityPolicy-TLS13-1-2-2021-06\"`, or include a default action to redirect to HTTPS.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected an AWS load balancer with an insecure TLS version. TLS versions less than 1.2 are considered insecure because they can be broken. To fix this, set your `ssl_policy` to `\"ELBSecurityPolicy-TLS13-1-2-2021-06\"`, or include a default action to redirect to HTTPS.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/terraform.aws.security.insecure-load-balancer-tls-version.insecure-load-balancer-tls-version)\n - [https://www.ietf.org/rfc/rfc5246.txt](https://www.ietf.org/rfc/rfc5246.txt)\n" }, - "helpUri": "https://semgrep.dev/r/python.cryptography.security.insecure-cipher-algorithms.insecure-cipher-algorithm-idea", - "id": "python.cryptography.security.insecure-cipher-algorithms.insecure-cipher-algorithm-idea", - "name": "python.cryptography.security.insecure-cipher-algorithms.insecure-cipher-algorithm-idea", "properties": { "precision": "very-high", "tags": [ - "CWE-327: Use of a Broken or Risky Cryptographic Algorithm", + "CWE-326: Inadequate Encryption Strength", "MEDIUM CONFIDENCE", "OWASP-A02:2021 - Cryptographic Failures", "OWASP-A03:2017 - Sensitive Data Exposure", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: python.cryptography.security.insecure-cipher-algorithms.insecure-cipher-algorithm-idea" } }, { - "defaultConfiguration": { - "level": "warning" + "id": 
"scala.lang.security.audit.dangerous-shell-run.dangerous-shell-run", + "name": "scala.lang.security.audit.dangerous-shell-run.dangerous-shell-run", + "short_description": { + "text": "Semgrep Finding: scala.lang.security.audit.dangerous-shell-run.dangerous-shell-run" }, - "fullDescription": { - "text": "A cookie was detected without setting the 'secure' flag. The 'secure' flag for cookies prevents the client from transmitting the cookie over insecure channels such as HTTP. Set the 'secure' flag by calling '$COOKIE.setSecure(true);'" + "full_description": { + "text": "Found dynamic content used for the external process. This is dangerous if arbitrary data can reach this function call because it allows a malicious actor to execute commands. Ensure your variables are not controlled by users or sufficiently sanitized." + }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/scala.lang.security.audit.dangerous-shell-run.dangerous-shell-run", "help": { - "markdown": "A cookie was detected without setting the 'secure' flag. The 'secure' flag for cookies prevents the client from transmitting the cookie over insecure channels such as HTTP. Set the 'secure' flag by calling '$COOKIE.setSecure(true);'\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/java.lang.security.audit.cookie-missing-secure-flag.cookie-missing-secure-flag)\n - [https://owasp.org/Top10/A05_2021-Security_Misconfiguration](https://owasp.org/Top10/A05_2021-Security_Misconfiguration)\n", - "text": "A cookie was detected without setting the 'secure' flag. The 'secure' flag for cookies prevents the client from transmitting the cookie over insecure channels such as HTTP. 
Set the 'secure' flag by calling '$COOKIE.setSecure(true);'\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Found dynamic content used for the external process. This is dangerous if arbitrary data can reach this function call because it allows a malicious actor to execute commands. Ensure your variables are not controlled by users or sufficiently sanitized.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Found dynamic content used for the external process. This is dangerous if arbitrary data can reach this function call because it allows a malicious actor to execute commands. Ensure your variables are not controlled by users or sufficiently sanitized.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/scala.lang.security.audit.dangerous-shell-run.dangerous-shell-run)\n - [https://owasp.org/Top10/A03_2021-Injection](https://owasp.org/Top10/A03_2021-Injection)\n" }, - "helpUri": "https://semgrep.dev/r/java.lang.security.audit.cookie-missing-secure-flag.cookie-missing-secure-flag", - "id": "java.lang.security.audit.cookie-missing-secure-flag.cookie-missing-secure-flag", - "name": "java.lang.security.audit.cookie-missing-secure-flag.cookie-missing-secure-flag", "properties": { "precision": "very-high", "tags": [ - "CWE-614: Sensitive Cookie in HTTPS Session Without 'Secure' Attribute", + "CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", "LOW CONFIDENCE", - "OWASP-A05:2021 - Security Misconfiguration", + "OWASP-A01:2017 - Injection", + "OWASP-A03:2021 - Injection", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: java.lang.security.audit.cookie-missing-secure-flag.cookie-missing-secure-flag" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "trailofbits.python.pickles-in-pandas.pickles-in-pandas", + "name": 
"trailofbits.python.pickles-in-pandas.pickles-in-pandas", + "short_description": { + "text": "Semgrep Finding: trailofbits.python.pickles-in-pandas.pickles-in-pandas" }, - "fullDescription": { - "text": "Detects setting client protocols to insecure versions of TLS and SSL. These protocols are deprecated due to POODLE, man in the middle attacks, and other vulnerabilities." + "full_description": { + "text": "Functions reliant on pickle can result in arbitrary code execution. Consider using fickling or switching to a safer serialization method" + }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/trailofbits.python.pickles-in-pandas.pickles-in-pandas", "help": { - "markdown": "Detects setting client protocols to insecure versions of TLS and SSL. These protocols are deprecated due to POODLE, man in the middle attacks, and other vulnerabilities.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/problem-based-packs.insecure-transport.java-stdlib.disallow-old-tls-versions2.disallow-old-tls-versions2)\n - [https://stackoverflow.com/questions/26504653/is-it-possible-to-disable-sslv3-for-all-java-applications](https://stackoverflow.com/questions/26504653/is-it-possible-to-disable-sslv3-for-all-java-applications)\n", - "text": "Detects setting client protocols to insecure versions of TLS and SSL. These protocols are deprecated due to POODLE, man in the middle attacks, and other vulnerabilities.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Functions reliant on pickle can result in arbitrary code execution. Consider using fickling or switching to a safer serialization method\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Functions reliant on pickle can result in arbitrary code execution. 
Consider using fickling or switching to a safer serialization method\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/trailofbits.python.pickles-in-pandas.pickles-in-pandas)\n - [https://blog.trailofbits.com/2021/03/15/never-a-dill-moment-exploiting-machine-learning-pickle-files/](https://blog.trailofbits.com/2021/03/15/never-a-dill-moment-exploiting-machine-learning-pickle-files/)\n" }, - "helpUri": "https://semgrep.dev/r/problem-based-packs.insecure-transport.java-stdlib.disallow-old-tls-versions2.disallow-old-tls-versions2", - "id": "problem-based-packs.insecure-transport.java-stdlib.disallow-old-tls-versions2.disallow-old-tls-versions2", - "name": "problem-based-packs.insecure-transport.java-stdlib.disallow-old-tls-versions2.disallow-old-tls-versions2", "properties": { "precision": "very-high", "tags": [ - "CWE-319: Cleartext Transmission of Sensitive Information", + "CWE-502: Deserialization of Untrusted Data", "MEDIUM CONFIDENCE", - "OWASP-A03:2017 - Sensitive Data Exposure", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: problem-based-packs.insecure-transport.java-stdlib.disallow-old-tls-versions2.disallow-old-tls-versions2" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "ruby.rails.security.brakeman.check-unsafe-reflection-methods.check-unsafe-reflection-methods", + "name": "ruby.rails.security.brakeman.check-unsafe-reflection-methods.check-unsafe-reflection-methods", + "short_description": { + "text": "Semgrep Finding: ruby.rails.security.brakeman.check-unsafe-reflection-methods.check-unsafe-reflection-methods" }, - "fullDescription": { - "text": "A hard-coded credential was detected. It is not recommended to store credentials in source-code, as this risks secrets being leaked and used by either an internal or external malicious adversary. 
It is recommended to use environment variables to securely provide credentials or retrieve credentials from a secure vault or HSM (Hardware Security Module)." + "full_description": { + "text": "Found user-controllable input to a reflection method. This may allow a user to alter program behavior and potentially execute arbitrary instructions in the context of the process. Do not provide arbitrary user input to `tap`, `method`, or `to_proc`" + }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/ruby.rails.security.brakeman.check-unsafe-reflection-methods.check-unsafe-reflection-methods", "help": { - "markdown": "A hard-coded credential was detected. It is not recommended to store credentials in source-code, as this risks secrets being leaked and used by either an internal or external malicious adversary. It is recommended to use environment variables to securely provide credentials or retrieve credentials from a secure vault or HSM (Hardware Security Module).\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.jsonwebtoken.security.jwt-hardcode.hardcoded-jwt-secret)\n - [https://cheatsheetseries.owasp.org/cheatsheets/Secrets_Management_Cheat_Sheet.html](https://cheatsheetseries.owasp.org/cheatsheets/Secrets_Management_Cheat_Sheet.html)\n", - "text": "A hard-coded credential was detected. It is not recommended to store credentials in source-code, as this risks secrets being leaked and used by either an internal or external malicious adversary. It is recommended to use environment variables to securely provide credentials or retrieve credentials from a secure vault or HSM (Hardware Security Module).\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Found user-controllable input to a reflection method. 
This may allow a user to alter program behavior and potentially execute arbitrary instructions in the context of the process. Do not provide arbitrary user input to `tap`, `method`, or `to_proc`\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Found user-controllable input to a reflection method. This may allow a user to alter program behavior and potentially execute arbitrary instructions in the context of the process. Do not provide arbitrary user input to `tap`, `method`, or `to_proc`\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/ruby.rails.security.brakeman.check-unsafe-reflection-methods.check-unsafe-reflection-methods)\n - [https://github.com/presidentbeef/brakeman/blob/main/test/apps/rails6/app/controllers/groups_controller.rb](https://github.com/presidentbeef/brakeman/blob/main/test/apps/rails6/app/controllers/groups_controller.rb)\n" }, - "helpUri": "https://semgrep.dev/r/javascript.jsonwebtoken.security.jwt-hardcode.hardcoded-jwt-secret", - "id": "javascript.jsonwebtoken.security.jwt-hardcode.hardcoded-jwt-secret", - "name": "javascript.jsonwebtoken.security.jwt-hardcode.hardcoded-jwt-secret", "properties": { "precision": "very-high", "tags": [ - "CWE-798: Use of Hard-coded Credentials", - "HIGH CONFIDENCE", - "OWASP-A07:2021 - Identification and Authentication Failures", + "CWE-94: Improper Control of Generation of Code ('Code Injection')", + "MEDIUM CONFIDENCE", + "OWASP-A03:2021 - Injection", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: javascript.jsonwebtoken.security.jwt-hardcode.hardcoded-jwt-secret" } }, { - "defaultConfiguration": { - "level": "error" + "id": "javascript.deno.security.audit.deno-dangerous-run.deno-dangerous-run", + "name": "javascript.deno.security.audit.deno-dangerous-run.deno-dangerous-run", + "short_description": { + "text": "Semgrep Finding: 
javascript.deno.security.audit.deno-dangerous-run.deno-dangerous-run" }, - "fullDescription": { - "text": "Detected use of the 'none' algorithm in a JWT token. The 'none' algorithm assumes the integrity of the token has already been verified. This would allow a malicious actor to forge a JWT token that will automatically be verified. Do not explicitly use the 'none' algorithm. Instead, use an algorithm such as 'HS256'." + "full_description": { + "text": "Detected non-literal calls to Deno.run(). This could lead to a command injection vulnerability." }, + "default_configuration": { + "enabled": true, + "level": "error" + }, + "help_uri": "https://semgrep.dev/r/javascript.deno.security.audit.deno-dangerous-run.deno-dangerous-run", "help": { - "markdown": "Detected use of the 'none' algorithm in a JWT token. The 'none' algorithm assumes the integrity of the token has already been verified. This would allow a malicious actor to forge a JWT token that will automatically be verified. Do not explicitly use the 'none' algorithm. Instead, use an algorithm such as 'HS256'.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.jose.security.jwt-none-alg.jwt-none-alg)\n - [https://owasp.org/Top10/A02_2021-Cryptographic_Failures](https://owasp.org/Top10/A02_2021-Cryptographic_Failures)\n", - "text": "Detected use of the 'none' algorithm in a JWT token. The 'none' algorithm assumes the integrity of the token has already been verified. This would allow a malicious actor to forge a JWT token that will automatically be verified. Do not explicitly use the 'none' algorithm. Instead, use an algorithm such as 'HS256'.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected non-literal calls to Deno.run(). 
This could lead to a command injection vulnerability.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected non-literal calls to Deno.run(). This could lead to a command injection vulnerability.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.deno.security.audit.deno-dangerous-run.deno-dangerous-run)\n - [https://deno.land/manual/examples/subprocess#simple-example](https://deno.land/manual/examples/subprocess#simple-example)\n" }, - "helpUri": "https://semgrep.dev/r/javascript.jose.security.jwt-none-alg.jwt-none-alg", - "id": "javascript.jose.security.jwt-none-alg.jwt-none-alg", - "name": "javascript.jose.security.jwt-none-alg.jwt-none-alg", "properties": { "precision": "very-high", "tags": [ - "CWE-327: Use of a Broken or Risky Cryptographic Algorithm", - "HIGH CONFIDENCE", - "OWASP-A02:2021 - Cryptographic Failures", - "OWASP-A03:2017 - Sensitive Data Exposure", + "CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", + "MEDIUM CONFIDENCE", + "OWASP-A01:2017 - Injection", + "OWASP-A03:2021 - Injection", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: javascript.jose.security.jwt-none-alg.jwt-none-alg" } }, { - "defaultConfiguration": { - "level": "error" + "id": "java.lang.security.xmlinputfactory-possible-xxe.xmlinputfactory-possible-xxe", + "name": "java.lang.security.xmlinputfactory-possible-xxe.xmlinputfactory-possible-xxe", + "short_description": { + "text": "Semgrep Finding: java.lang.security.xmlinputfactory-possible-xxe.xmlinputfactory-possible-xxe" }, - "fullDescription": { - "text": "'$VAR' is using the empty string as its default and is being used to set the password on '$MODEL'. If you meant to set an unusable password, set the default value to 'None' or call 'set_unusable_password()'." 
+ "full_description": { + "text": "XML external entities are not explicitly disabled for this XMLInputFactory. This could be vulnerable to XML external entity vulnerabilities. Explicitly disable external entities by setting \"javax.xml.stream.isSupportingExternalEntities\" to false." }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/java.lang.security.xmlinputfactory-possible-xxe.xmlinputfactory-possible-xxe", "help": { - "markdown": "'$VAR' is using the empty string as its default and is being used to set the password on '$MODEL'. If you meant to set an unusable password, set the default value to 'None' or call 'set_unusable_password()'.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.django.security.passwords.use-none-for-password-default.use-none-for-password-default)\n - [https://docs.djangoproject.com/en/3.0/ref/contrib/auth/#django.contrib.auth.models.User.set_password](https://docs.djangoproject.com/en/3.0/ref/contrib/auth/#django.contrib.auth.models.User.set_password)\n", - "text": "'$VAR' is using the empty string as its default and is being used to set the password on '$MODEL'. If you meant to set an unusable password, set the default value to 'None' or call 'set_unusable_password()'.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "XML external entities are not explicitly disabled for this XMLInputFactory. This could be vulnerable to XML external entity vulnerabilities. Explicitly disable external entities by setting \"javax.xml.stream.isSupportingExternalEntities\" to false.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "XML external entities are not explicitly disabled for this XMLInputFactory. This could be vulnerable to XML external entity vulnerabilities. 
Explicitly disable external entities by setting \"javax.xml.stream.isSupportingExternalEntities\" to false.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/java.lang.security.xmlinputfactory-possible-xxe.xmlinputfactory-possible-xxe)\n - [https://semgrep.dev/blog/2022/xml-security-in-java](https://semgrep.dev/blog/2022/xml-security-in-java)\n - [https://semgrep.dev/docs/cheat-sheets/java-xxe/](https://semgrep.dev/docs/cheat-sheets/java-xxe/)\n - [https://www.blackhat.com/docs/us-15/materials/us-15-Wang-FileCry-The-New-Age-Of-XXE-java-wp.pdf](https://www.blackhat.com/docs/us-15/materials/us-15-Wang-FileCry-The-New-Age-Of-XXE-java-wp.pdf)\n - [https://cheatsheetseries.owasp.org/cheatsheets/XML_External_Entity_Prevention_Cheat_Sheet.html#xmlinputfactory-a-stax-parser](https://cheatsheetseries.owasp.org/cheatsheets/XML_External_Entity_Prevention_Cheat_Sheet.html#xmlinputfactory-a-stax-parser)\n" }, - "helpUri": "https://semgrep.dev/r/python.django.security.passwords.use-none-for-password-default.use-none-for-password-default", - "id": "python.django.security.passwords.use-none-for-password-default.use-none-for-password-default", - "name": "python.django.security.passwords.use-none-for-password-default.use-none-for-password-default", "properties": { "precision": "very-high", "tags": [ - "CWE-521: Weak Password Requirements", + "CWE-611: Improper Restriction of XML External Entity Reference", "MEDIUM CONFIDENCE", - "OWASP-A07:2021 - Identification and Authentication Failures", + "OWASP-A04:2017 - XML External Entities (XXE)", + "OWASP-A05:2021 - Security Misconfiguration", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: python.django.security.passwords.use-none-for-password-default.use-none-for-password-default" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "php.lang.security.tainted-exec.tainted-exec", + "name": 
"php.lang.security.tainted-exec.tainted-exec", + "short_description": { + "text": "Semgrep Finding: php.lang.security.tainted-exec.tainted-exec" }, - "fullDescription": { - "text": "Detected a Custom Expression ''$EXPRESSION'' calling ''as_sql(...).'' This could lead to SQL injection, which can result in attackers exfiltrating sensitive data. Instead, ensure no user input enters this function or that user input is properly sanitized." + "full_description": { + "text": "Executing non-constant commands. This can lead to command injection. You should use `escapeshellarg()` when using command." + }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/php.lang.security.tainted-exec.tainted-exec", "help": { - "markdown": "Detected a Custom Expression ''$EXPRESSION'' calling ''as_sql(...).'' This could lead to SQL injection, which can result in attackers exfiltrating sensitive data. Instead, ensure no user input enters this function or that user input is properly sanitized.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.django.security.audit.custom-expression-as-sql.custom-expression-as-sql)\n - [https://docs.djangoproject.com/en/3.0/ref/models/expressions/#django.db.models.Func.as_sql](https://docs.djangoproject.com/en/3.0/ref/models/expressions/#django.db.models.Func.as_sql)\n - [https://semgrep.dev/blog/2020/preventing-sql-injection-a-django-authors-perspective/](https://semgrep.dev/blog/2020/preventing-sql-injection-a-django-authors-perspective/)\n", - "text": "Detected a Custom Expression ''$EXPRESSION'' calling ''as_sql(...).'' This could lead to SQL injection, which can result in attackers exfiltrating sensitive data. 
Instead, ensure no user input enters this function or that user input is properly sanitized.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Executing non-constant commands. This can lead to command injection. You should use `escapeshellarg()` when using command.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Executing non-constant commands. This can lead to command injection. You should use `escapeshellarg()` when using command.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/php.lang.security.tainted-exec.tainted-exec)\n - [https://www.stackhawk.com/blog/php-command-injection/](https://www.stackhawk.com/blog/php-command-injection/)\n - [https://brightsec.com/blog/code-injection-php/](https://brightsec.com/blog/code-injection-php/)\n - [https://www.acunetix.com/websitesecurity/php-security-2/](https://www.acunetix.com/websitesecurity/php-security-2/)\n" }, - "helpUri": "https://semgrep.dev/r/python.django.security.audit.custom-expression-as-sql.custom-expression-as-sql", - "id": "python.django.security.audit.custom-expression-as-sql.custom-expression-as-sql", - "name": "python.django.security.audit.custom-expression-as-sql.custom-expression-as-sql", "properties": { "precision": "very-high", "tags": [ - "CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')", - "LOW CONFIDENCE", - "OWASP-A01:2017 - Injection", + "CWE-94: Improper Control of Generation of Code ('Code Injection')", + "MEDIUM CONFIDENCE", "OWASP-A03:2021 - Injection", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: python.django.security.audit.custom-expression-as-sql.custom-expression-as-sql" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "javascript.phantom.security.audit.phantom-injection.phantom-injection", + "name": 
"javascript.phantom.security.audit.phantom-injection.phantom-injection", + "short_description": { + "text": "Semgrep Finding: javascript.phantom.security.audit.phantom-injection.phantom-injection" }, - "fullDescription": { - "text": "Hardcoded variable `TESTING` detected. Use environment variables or config files instead" + "full_description": { + "text": "If unverified user data can reach the `phantom` page methods it can result in Server-Side Request Forgery vulnerabilities" + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/javascript.phantom.security.audit.phantom-injection.phantom-injection", "help": { - "markdown": "Hardcoded variable `TESTING` detected. Use environment variables or config files instead\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.flask.security.audit.hardcoded-config.avoid_hardcoded_config_TESTING)\n - [https://bento.dev/checks/flask/avoid-hardcoded-config/](https://bento.dev/checks/flask/avoid-hardcoded-config/)\n - [https://flask.palletsprojects.com/en/1.1.x/config/?highlight=configuration#builtin-configuration-values](https://flask.palletsprojects.com/en/1.1.x/config/?highlight=configuration#builtin-configuration-values)\n - [https://flask.palletsprojects.com/en/1.1.x/config/?highlight=configuration#environment-and-debug-features](https://flask.palletsprojects.com/en/1.1.x/config/?highlight=configuration#environment-and-debug-features)\n", - "text": "Hardcoded variable `TESTING` detected. 
Use environment variables or config files instead\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "If unverified user data can reach the `phantom` page methods it can result in Server-Side Request Forgery vulnerabilities\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "If unverified user data can reach the `phantom` page methods it can result in Server-Side Request Forgery vulnerabilities\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.phantom.security.audit.phantom-injection.phantom-injection)\n - [https://owasp.org/Top10/A10_2021-Server-Side_Request_Forgery_%28SSRF%29](https://owasp.org/Top10/A10_2021-Server-Side_Request_Forgery_%28SSRF%29)\n" }, - "helpUri": "https://semgrep.dev/r/python.flask.security.audit.hardcoded-config.avoid_hardcoded_config_TESTING", - "id": "python.flask.security.audit.hardcoded-config.avoid_hardcoded_config_TESTING", - "name": "python.flask.security.audit.hardcoded-config.avoid_hardcoded_config_TESTING", "properties": { "precision": "very-high", "tags": [ - "CWE-489: Active Debug Code", + "CWE-918: Server-Side Request Forgery (SSRF)", "LOW CONFIDENCE", - "OWASP-A05:2021 - Security Misconfiguration", + "OWASP-A10:2021 - Server-Side Request Forgery (SSRF)", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: python.flask.security.audit.hardcoded-config.avoid_hardcoded_config_TESTING" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "terraform.aws.security.aws-rds-backup-no-retention.aws-rds-backup-no-retention", + "name": "terraform.aws.security.aws-rds-backup-no-retention.aws-rds-backup-no-retention", + "short_description": { + "text": "Semgrep Finding: terraform.aws.security.aws-rds-backup-no-retention.aws-rds-backup-no-retention" }, - "fullDescription": { - "text": "Application redirects to a destination URL specified by a user-supplied 
parameter that is not validated. This could direct users to malicious locations. Consider using an allowlist to validate URLs." + "full_description": { + "text": "The AWS RDS has no retention. Missing retention can cause losing important event information. To fix this, set a `backup_retention_period`." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/terraform.aws.security.aws-rds-backup-no-retention.aws-rds-backup-no-retention", "help": { - "markdown": "Application redirects to a destination URL specified by a user-supplied parameter that is not validated. This could direct users to malicious locations. Consider using an allowlist to validate URLs.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/java.lang.security.audit.unvalidated-redirect.unvalidated-redirect)\n - [https://owasp.org/Top10/A01_2021-Broken_Access_Control](https://owasp.org/Top10/A01_2021-Broken_Access_Control)\n", - "text": "Application redirects to a destination URL specified by a user-supplied parameter that is not validated. This could direct users to malicious locations. Consider using an allowlist to validate URLs.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "The AWS RDS has no retention. Missing retention can cause losing important event information. To fix this, set a `backup_retention_period`.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "The AWS RDS has no retention. Missing retention can cause losing important event information. 
To fix this, set a `backup_retention_period`.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/terraform.aws.security.aws-rds-backup-no-retention.aws-rds-backup-no-retention)\n - [https://owasp.org/Top10/A02_2021-Cryptographic_Failures](https://owasp.org/Top10/A02_2021-Cryptographic_Failures)\n" }, - "helpUri": "https://semgrep.dev/r/java.lang.security.audit.unvalidated-redirect.unvalidated-redirect", - "id": "java.lang.security.audit.unvalidated-redirect.unvalidated-redirect", - "name": "java.lang.security.audit.unvalidated-redirect.unvalidated-redirect", "properties": { "precision": "very-high", "tags": [ - "CWE-601: URL Redirection to Untrusted Site ('Open Redirect')", + "CWE-320: CWE CATEGORY: Key Management Errors", "MEDIUM CONFIDENCE", - "OWASP-A01:2021 - Broken Access Control", + "OWASP-A03:2017 - Sensitive Data Exposure", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: java.lang.security.audit.unvalidated-redirect.unvalidated-redirect" } }, { - "defaultConfiguration": { - "level": "error" + "id": "terraform.aws.security.aws-elasticsearch-nodetonode-encryption.aws-elasticsearch-nodetonode-encryption-not-enabled", + "name": "terraform.aws.security.aws-elasticsearch-nodetonode-encryption.aws-elasticsearch-nodetonode-encryption-not-enabled", + "short_description": { + "text": "Semgrep Finding: terraform.aws.security.aws-elasticsearch-nodetonode-encryption.aws-elasticsearch-nodetonode-encryption-not-enabled" }, - "fullDescription": { - "text": "Detected string concatenation with a non-literal variable in a \"database/sql\" Go SQL statement. This could lead to SQL injection if the variable is user-controlled and not properly sanitized. In order to prevent SQL injection, use parameterized queries or prepared statements instead. You can use prepared statements with the 'Prepare' and 'PrepareContext' calls." 
+ "full_description": { + "text": "Ensure all Elasticsearch has node-to-node encryption enabled.\t" + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/terraform.aws.security.aws-elasticsearch-nodetonode-encryption.aws-elasticsearch-nodetonode-encryption-not-enabled", "help": { - "markdown": "Detected string concatenation with a non-literal variable in a \"database/sql\" Go SQL statement. This could lead to SQL injection if the variable is user-controlled and not properly sanitized. In order to prevent SQL injection, use parameterized queries or prepared statements instead. You can use prepared statements with the 'Prepare' and 'PrepareContext' calls.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/go.lang.security.audit.sqli.gosql-sqli.gosql-sqli)\n - [https://golang.org/pkg/database/sql/](https://golang.org/pkg/database/sql/)\n", - "text": "Detected string concatenation with a non-literal variable in a \"database/sql\" Go SQL statement. This could lead to SQL injection if the variable is user-controlled and not properly sanitized. In order to prevent SQL injection, use parameterized queries or prepared statements instead. 
You can use prepared statements with the 'Prepare' and 'PrepareContext' calls.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Ensure all Elasticsearch has node-to-node encryption enabled.\t\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Ensure all Elasticsearch has node-to-node encryption enabled.\t\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/terraform.aws.security.aws-elasticsearch-nodetonode-encryption.aws-elasticsearch-nodetonode-encryption-not-enabled)\n - [https://owasp.org/Top10/A02_2021-Cryptographic_Failures](https://owasp.org/Top10/A02_2021-Cryptographic_Failures)\n" }, - "helpUri": "https://semgrep.dev/r/go.lang.security.audit.sqli.gosql-sqli.gosql-sqli", - "id": "go.lang.security.audit.sqli.gosql-sqli.gosql-sqli", - "name": "go.lang.security.audit.sqli.gosql-sqli.gosql-sqli", "properties": { "precision": "very-high", "tags": [ - "CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')", - "LOW CONFIDENCE", - "OWASP-A01:2017 - Injection", - "OWASP-A03:2021 - Injection", + "CWE-326: Inadequate Encryption Strength", + "MEDIUM CONFIDENCE", + "OWASP-A02:2021 - Cryptographic Failures", + "OWASP-A03:2017 - Sensitive Data Exposure", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: go.lang.security.audit.sqli.gosql-sqli.gosql-sqli" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "ruby.lang.security.dangerous-subshell.dangerous-subshell", + "name": "ruby.lang.security.dangerous-subshell.dangerous-subshell", + "short_description": { + "text": "Semgrep Finding: ruby.lang.security.dangerous-subshell.dangerous-subshell" }, - "fullDescription": { - "text": "User controlled data in a `createNodesFromMarkup` is an anti-pattern that can lead to XSS vulnerabilities" + "full_description": { + "text": "Detected non-static command inside 
`...`. If unverified user data can reach this call site, this is a code injection vulnerability. A malicious actor can inject a malicious script to execute arbitrary code." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/ruby.lang.security.dangerous-subshell.dangerous-subshell", "help": { - "markdown": "User controlled data in a `createNodesFromMarkup` is an anti-pattern that can lead to XSS vulnerabilities\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.fbjs.security.audit.insecure-createnodesfrommarkup.insecure-createnodesfrommarkup)\n - [https://owasp.org/Top10/A03_2021-Injection](https://owasp.org/Top10/A03_2021-Injection)\n", - "text": "User controlled data in a `createNodesFromMarkup` is an anti-pattern that can lead to XSS vulnerabilities\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected non-static command inside `...`. If unverified user data can reach this call site, this is a code injection vulnerability. A malicious actor can inject a malicious script to execute arbitrary code.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected non-static command inside `...`. If unverified user data can reach this call site, this is a code injection vulnerability. 
A malicious actor can inject a malicious script to execute arbitrary code.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/ruby.lang.security.dangerous-subshell.dangerous-subshell)\n - [https://owasp.org/Top10/A03_2021-Injection](https://owasp.org/Top10/A03_2021-Injection)\n" }, - "helpUri": "https://semgrep.dev/r/javascript.fbjs.security.audit.insecure-createnodesfrommarkup.insecure-createnodesfrommarkup", - "id": "javascript.fbjs.security.audit.insecure-createnodesfrommarkup.insecure-createnodesfrommarkup", - "name": "javascript.fbjs.security.audit.insecure-createnodesfrommarkup.insecure-createnodesfrommarkup", "properties": { "precision": "very-high", "tags": [ - "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", + "CWE-94: Improper Control of Generation of Code ('Code Injection')", "LOW CONFIDENCE", "OWASP-A03:2021 - Injection", - "OWASP-A07:2017 - Cross-Site Scripting (XSS)", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: javascript.fbjs.security.audit.insecure-createnodesfrommarkup.insecure-createnodesfrommarkup" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "javascript.express.security.audit.xss.pug.explicit-unescape.template-explicit-unescape", + "name": "javascript.express.security.audit.xss.pug.explicit-unescape.template-explicit-unescape", + "short_description": { + "text": "Semgrep Finding: javascript.express.security.audit.xss.pug.explicit-unescape.template-explicit-unescape" }, - "fullDescription": { - "text": "The alias in this location block is subject to a path traversal because the location path does not end in a path separator (e.g., '/'). To fix, add a path separator to the end of the path." + "full_description": { + "text": "Detected an explicit unescape in a Pug template, using either '!=' or '!{...}'. 
If external data can reach these locations, your application is exposed to a cross-site scripting (XSS) vulnerability. If you must do this, ensure no external data can reach this location." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/javascript.express.security.audit.xss.pug.explicit-unescape.template-explicit-unescape", "help": { - "markdown": "The alias in this location block is subject to a path traversal because the location path does not end in a path separator (e.g., '/'). To fix, add a path separator to the end of the path.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/generic.nginx.security.alias-path-traversal.alias-path-traversal)\n - [https://owasp.org/Top10/A01_2021-Broken_Access_Control](https://owasp.org/Top10/A01_2021-Broken_Access_Control)\n - [https://www.acunetix.com/vulnerabilities/web/path-traversal-via-misconfigured-nginx-alias/](https://www.acunetix.com/vulnerabilities/web/path-traversal-via-misconfigured-nginx-alias/)\n - [https://www.youtube.com/watch?v=CIhHpkybYsY](https://www.youtube.com/watch?v=CIhHpkybYsY)\n - [https://github.com/orangetw/My-Presentation-Slides/blob/main/data/2018-Breaking-Parser-Logic-Take-Your-Path-Normalization-Off-And-Pop-0days-Out.pdf](https://github.com/orangetw/My-Presentation-Slides/blob/main/data/2018-Breaking-Parser-Logic-Take-Your-Path-Normalization-Off-And-Pop-0days-Out.pdf)\n", - "text": "The alias in this location block is subject to a path traversal because the location path does not end in a path separator (e.g., '/'). To fix, add a path separator to the end of the path.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected an explicit unescape in a Pug template, using either '!=' or '!{...}'. 
If external data can reach these locations, your application is exposed to a cross-site scripting (XSS) vulnerability. If you must do this, ensure no external data can reach this location.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected an explicit unescape in a Pug template, using either '!=' or '!{...}'. If external data can reach these locations, your application is exposed to a cross-site scripting (XSS) vulnerability. If you must do this, ensure no external data can reach this location.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.express.security.audit.xss.pug.explicit-unescape.template-explicit-unescape)\n - [https://pugjs.org/language/code.html#unescaped-buffered-code](https://pugjs.org/language/code.html#unescaped-buffered-code)\n - [https://pugjs.org/language/attributes.html#unescaped-attributes](https://pugjs.org/language/attributes.html#unescaped-attributes)\n" }, - "helpUri": "https://semgrep.dev/r/generic.nginx.security.alias-path-traversal.alias-path-traversal", - "id": "generic.nginx.security.alias-path-traversal.alias-path-traversal", - "name": "generic.nginx.security.alias-path-traversal.alias-path-traversal", "properties": { "precision": "very-high", "tags": [ - "CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", + "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", "LOW CONFIDENCE", - "OWASP-A01:2021 - Broken Access Control", - "OWASP-A05:2017 - Broken Access Control", + "OWASP-A03:2021 - Injection", + "OWASP-A07:2017 - Cross-Site Scripting (XSS)", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: generic.nginx.security.alias-path-traversal.alias-path-traversal" } }, { - "defaultConfiguration": { - "level": "error" - }, - "fullDescription": { - "text": "Detected use of the 'none' algorithm in a JWT token. 
The 'none' algorithm assumes the integrity of the token has already been verified. This would allow a malicious actor to forge a JWT token that will automatically be verified. Do not explicitly use the 'none' algorithm. Instead, use an algorithm such as 'HS256'." - }, - "help": { - "markdown": "Detected use of the 'none' algorithm in a JWT token. The 'none' algorithm assumes the integrity of the token has already been verified. This would allow a malicious actor to forge a JWT token that will automatically be verified. Do not explicitly use the 'none' algorithm. Instead, use an algorithm such as 'HS256'.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/go.jwt-go.security.jwt-none-alg.jwt-go-none-algorithm)\n - [https://owasp.org/Top10/A02_2021-Cryptographic_Failures](https://owasp.org/Top10/A02_2021-Cryptographic_Failures)\n", - "text": "Detected use of the 'none' algorithm in a JWT token. The 'none' algorithm assumes the integrity of the token has already been verified. This would allow a malicious actor to forge a JWT token that will automatically be verified. Do not explicitly use the 'none' algorithm. 
Instead, use an algorithm such as 'HS256'.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "id": "java.lang.security.insecure-jms-deserialization.insecure-jms-deserialization", + "name": "java.lang.security.insecure-jms-deserialization.insecure-jms-deserialization", + "short_description": { + "text": "Semgrep Finding: java.lang.security.insecure-jms-deserialization.insecure-jms-deserialization" }, - "helpUri": "https://semgrep.dev/r/go.jwt-go.security.jwt-none-alg.jwt-go-none-algorithm", - "id": "go.jwt-go.security.jwt-none-alg.jwt-go-none-algorithm", - "name": "go.jwt-go.security.jwt-none-alg.jwt-go-none-algorithm", - "properties": { - "precision": "very-high", - "tags": [ - "CWE-327: Use of a Broken or Risky Cryptographic Algorithm", - "HIGH CONFIDENCE", - "OWASP-A02:2021 - Cryptographic Failures", - "OWASP-A03:2017 - Sensitive Data Exposure", - "security" - ] + "full_description": { + "text": "JMS Object messages depend on Java Serialization for marshalling/unmarshalling of the message payload when ObjectMessage.getObject() is called. Deserialization of untrusted data can lead to security flaws; a remote attacker could via a crafted JMS ObjectMessage to execute arbitrary code with the permissions of the application listening/consuming JMS Messages. In this case, the JMS MessageListener consume an ObjectMessage type received inside the onMessage method, which may lead to arbitrary code execution when calling the $Y.getObject method." 
}, - "shortDescription": { - "text": "Semgrep Finding: go.jwt-go.security.jwt-none-alg.jwt-go-none-algorithm" - } - }, - { - "defaultConfiguration": { + "default_configuration": { + "enabled": true, "level": "warning" }, - "fullDescription": { - "text": "If an attacker can supply values that the application then uses to determine which class to instantiate or which method to invoke, the potential exists for the attacker to create control flow paths through the application that were not intended by the application developers. This attack vector may allow the attacker to bypass authentication or access control checks or otherwise cause the application to behave in an unexpected manner." - }, + "help_uri": "https://semgrep.dev/r/java.lang.security.insecure-jms-deserialization.insecure-jms-deserialization", "help": { - "markdown": "If an attacker can supply values that the application then uses to determine which class to instantiate or which method to invoke, the potential exists for the attacker to create control flow paths through the application that were not intended by the application developers. This attack vector may allow the attacker to bypass authentication or access control checks or otherwise cause the application to behave in an unexpected manner.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/java.lang.security.audit.unsafe-reflection.unsafe-reflection)\n - [https://owasp.org/Top10/A03_2021-Injection](https://owasp.org/Top10/A03_2021-Injection)\n", - "text": "If an attacker can supply values that the application then uses to determine which class to instantiate or which method to invoke, the potential exists for the attacker to create control flow paths through the application that were not intended by the application developers. 
This attack vector may allow the attacker to bypass authentication or access control checks or otherwise cause the application to behave in an unexpected manner.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "JMS Object messages depend on Java Serialization for marshalling/unmarshalling of the message payload when ObjectMessage.getObject() is called. Deserialization of untrusted data can lead to security flaws; a remote attacker could via a crafted JMS ObjectMessage to execute arbitrary code with the permissions of the application listening/consuming JMS Messages. In this case, the JMS MessageListener consume an ObjectMessage type received inside the onMessage method, which may lead to arbitrary code execution when calling the $Y.getObject method.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "JMS Object messages depend on Java Serialization for marshalling/unmarshalling of the message payload when ObjectMessage.getObject() is called. Deserialization of untrusted data can lead to security flaws; a remote attacker could via a crafted JMS ObjectMessage to execute arbitrary code with the permissions of the application listening/consuming JMS Messages. 
In this case, the JMS MessageListener consume an ObjectMessage type received inside the onMessage method, which may lead to arbitrary code execution when calling the $Y.getObject method.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/java.lang.security.insecure-jms-deserialization.insecure-jms-deserialization)\n - [https://www.blackhat.com/docs/us-16/materials/us-16-Kaiser-Pwning-Your-Java-Messaging-With-Deserialization-Vulnerabilities-wp.pdf](https://www.blackhat.com/docs/us-16/materials/us-16-Kaiser-Pwning-Your-Java-Messaging-With-Deserialization-Vulnerabilities-wp.pdf)\n" }, - "helpUri": "https://semgrep.dev/r/java.lang.security.audit.unsafe-reflection.unsafe-reflection", - "id": "java.lang.security.audit.unsafe-reflection.unsafe-reflection", - "name": "java.lang.security.audit.unsafe-reflection.unsafe-reflection", "properties": { "precision": "very-high", "tags": [ - "CWE-470: Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection')", - "LOW CONFIDENCE", - "OWASP-A03:2021 - Injection", + "CWE-502: Deserialization of Untrusted Data", + "MEDIUM CONFIDENCE", + "OWASP-A08:2017 - Insecure Deserialization", + "OWASP-A08:2021 - Software and Data Integrity Failures", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: java.lang.security.audit.unsafe-reflection.unsafe-reflection" } }, { - "defaultConfiguration": { - "level": "error" + "id": "python.lang.security.audit.marshal.marshal-usage", + "name": "python.lang.security.audit.marshal.marshal-usage", + "short_description": { + "text": "Semgrep Finding: python.lang.security.audit.marshal.marshal-usage" }, - "fullDescription": { - "text": "Square Access Token detected" + "full_description": { + "text": "The marshal module is not intended to be secure against erroneous or maliciously constructed data. Never unmarshal data received from an untrusted or unauthenticated source. 
See more details: https://docs.python.org/3/library/marshal.html?highlight=security" }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/python.lang.security.audit.marshal.marshal-usage", "help": { - "markdown": "Square Access Token detected\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/generic.secrets.security.detected-square-access-token.detected-square-access-token)\n - [https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures](https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures)\n", - "text": "Square Access Token detected\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "The marshal module is not intended to be secure against erroneous or maliciously constructed data. Never unmarshal data received from an untrusted or unauthenticated source. See more details: https://docs.python.org/3/library/marshal.html?highlight=security\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "The marshal module is not intended to be secure against erroneous or maliciously constructed data. Never unmarshal data received from an untrusted or unauthenticated source. 
See more details: https://docs.python.org/3/library/marshal.html?highlight=security\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.lang.security.audit.marshal.marshal-usage)\n - [https://docs.python.org/3/library/marshal.html?highlight=security](https://docs.python.org/3/library/marshal.html?highlight=security)\n" }, - "helpUri": "https://semgrep.dev/r/generic.secrets.security.detected-square-access-token.detected-square-access-token", - "id": "generic.secrets.security.detected-square-access-token.detected-square-access-token", - "name": "generic.secrets.security.detected-square-access-token.detected-square-access-token", "properties": { "precision": "very-high", "tags": [ - "CWE-798: Use of Hard-coded Credentials", + "CWE-502: Deserialization of Untrusted Data", "LOW CONFIDENCE", - "OWASP-A07:2021 - Identification and Authentication Failures", + "OWASP-A08:2017 - Insecure Deserialization", + "OWASP-A08:2021 - Software and Data Integrity Failures", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: generic.secrets.security.detected-square-access-token.detected-square-access-token" } }, { - "defaultConfiguration": { - "level": "error" + "id": "python.lang.compatibility.python37.python37-compatibility-textiowrapper", + "name": "python.lang.compatibility.python37.python37-compatibility-textiowrapper", + "short_description": { + "text": "Semgrep Finding: python.lang.compatibility.python37.python37-compatibility-textiowrapper" }, - "fullDescription": { - "text": "Found usage of the 'blocksize' argument in a HTTPSConnection call. This is only available on Python 3.7+ and is therefore not backwards compatible. Remove this in order for this code to work in Python 3.6 and below." + "full_description": { + "text": "Found usage of 'importlib.abc.ResourceReader'. This module is only available on Python 3.7+ and is therefore not backwards compatible. 
Instead, use another loader." + }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/python.lang.compatibility.python37.python37-compatibility-textiowrapper", "help": { - "markdown": "Found usage of the 'blocksize' argument in a HTTPSConnection call. This is only available on Python 3.7+ and is therefore not backwards compatible. Remove this in order for this code to work in Python 3.6 and below.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.lang.compatibility.python37.python37-compatibility-httpsconn)\n", - "text": "Found usage of the 'blocksize' argument in a HTTPSConnection call. This is only available on Python 3.7+ and is therefore not backwards compatible. Remove this in order for this code to work in Python 3.6 and below.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Found usage of 'importlib.abc.ResourceReader'. This module is only available on Python 3.7+ and is therefore not backwards compatible. Instead, use another loader.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Found usage of 'importlib.abc.ResourceReader'. This module is only available on Python 3.7+ and is therefore not backwards compatible. 
Instead, use another loader.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.lang.compatibility.python37.python37-compatibility-textiowrapper)\n" }, - "helpUri": "https://semgrep.dev/r/python.lang.compatibility.python37.python37-compatibility-httpsconn", - "id": "python.lang.compatibility.python37.python37-compatibility-httpsconn", - "name": "python.lang.compatibility.python37.python37-compatibility-httpsconn", "properties": { "precision": "very-high", "tags": [] - }, - "shortDescription": { - "text": "Semgrep Finding: python.lang.compatibility.python37.python37-compatibility-httpsconn" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "php.lang.security.injection.tainted-object-instantiation.tainted-object-instantiation", + "name": "php.lang.security.injection.tainted-object-instantiation.tainted-object-instantiation", + "short_description": { + "text": "Semgrep Finding: php.lang.security.injection.tainted-object-instantiation.tainted-object-instantiation" }, - "fullDescription": { - "text": "Detected an AWS Redshift configuration with a SSL disabled. To fix this, set your `require_ssl` to `\"true\"`." + "full_description": { + "text": "<- A new object is created where the class name is based on user input. This could lead to remote code execution, as it allows to instantiate any class in the application." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/php.lang.security.injection.tainted-object-instantiation.tainted-object-instantiation", "help": { - "markdown": "Detected an AWS Redshift configuration with a SSL disabled. 
To fix this, set your `require_ssl` to `\"true\"`.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/terraform.aws.security.aws-insecure-redshift-ssl-configuration.aws-insecure-redshift-ssl-configuration)\n - [https://owasp.org/Top10/A02_2021-Cryptographic_Failures](https://owasp.org/Top10/A02_2021-Cryptographic_Failures)\n", - "text": "Detected an AWS Redshift configuration with a SSL disabled. To fix this, set your `require_ssl` to `\"true\"`.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "<- A new object is created where the class name is based on user input. This could lead to remote code execution, as it allows to instantiate any class in the application.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "<- A new object is created where the class name is based on user input. This could lead to remote code execution, as it allows to instantiate any class in the application.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/php.lang.security.injection.tainted-object-instantiation.tainted-object-instantiation)\n - [https://owasp.org/Top10/A03_2021-Injection](https://owasp.org/Top10/A03_2021-Injection)\n" }, - "helpUri": "https://semgrep.dev/r/terraform.aws.security.aws-insecure-redshift-ssl-configuration.aws-insecure-redshift-ssl-configuration", - "id": "terraform.aws.security.aws-insecure-redshift-ssl-configuration.aws-insecure-redshift-ssl-configuration", - "name": "terraform.aws.security.aws-insecure-redshift-ssl-configuration.aws-insecure-redshift-ssl-configuration", "properties": { "precision": "very-high", "tags": [ - "CWE-326: Inadequate Encryption Strength", + "CWE-470: Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection')", "MEDIUM CONFIDENCE", - "OWASP-A02:2021 - Cryptographic 
Failures", - "OWASP-A03:2017 - Sensitive Data Exposure", + "OWASP-A03:2021 - Injection", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: terraform.aws.security.aws-insecure-redshift-ssl-configuration.aws-insecure-redshift-ssl-configuration" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "javascript.lang.security.audit.md5-used-as-password.md5-used-as-password", + "name": "javascript.lang.security.audit.md5-used-as-password.md5-used-as-password", + "short_description": { + "text": "Semgrep Finding: javascript.lang.security.audit.md5-used-as-password.md5-used-as-password" }, - "fullDescription": { - "text": "OWASP guidance recommends disabling tracing for production applications to prevent accidental leakage of sensitive application information." + "full_description": { + "text": "It looks like MD5 is used as a password hash. MD5 is not considered a secure password hash because it can be cracked by an attacker in a short amount of time. Use a suitable password hashing function such as bcrypt. You can use the `bcrypt` node.js package." 
+ }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/javascript.lang.security.audit.md5-used-as-password.md5-used-as-password", "help": { - "markdown": "OWASP guidance recommends disabling tracing for production applications to prevent accidental leakage of sensitive application information.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/csharp.dotnet.security.net-webconfig-trace-enabled.net-webconfig-trace-enabled)\n - [https://cheatsheetseries.owasp.org/cheatsheets/DotNet_Security_Cheat_Sheet.html#asp-net-web-forms-guidance](https://cheatsheetseries.owasp.org/cheatsheets/DotNet_Security_Cheat_Sheet.html#asp-net-web-forms-guidance)\n - [https://msdn.microsoft.com/en-us/library/e8z01xdh.aspx](https://msdn.microsoft.com/en-us/library/e8z01xdh.aspx)\n", - "text": "OWASP guidance recommends disabling tracing for production applications to prevent accidental leakage of sensitive application information.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "It looks like MD5 is used as a password hash. MD5 is not considered a secure password hash because it can be cracked by an attacker in a short amount of time. Use a suitable password hashing function such as bcrypt. You can use the `bcrypt` node.js package.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "It looks like MD5 is used as a password hash. MD5 is not considered a secure password hash because it can be cracked by an attacker in a short amount of time. Use a suitable password hashing function such as bcrypt. 
You can use the `bcrypt` node.js package.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.lang.security.audit.md5-used-as-password.md5-used-as-password)\n - [https://tools.ietf.org/id/draft-lvelvindron-tls-md5-sha1-deprecate-01.html](https://tools.ietf.org/id/draft-lvelvindron-tls-md5-sha1-deprecate-01.html)\n - [https://security.stackexchange.com/questions/211/how-to-securely-hash-passwords](https://security.stackexchange.com/questions/211/how-to-securely-hash-passwords)\n - [https://github.com/returntocorp/semgrep-rules/issues/1609](https://github.com/returntocorp/semgrep-rules/issues/1609)\n - [https://www.npmjs.com/package/bcrypt](https://www.npmjs.com/package/bcrypt)\n" }, - "helpUri": "https://semgrep.dev/r/csharp.dotnet.security.net-webconfig-trace-enabled.net-webconfig-trace-enabled", - "id": "csharp.dotnet.security.net-webconfig-trace-enabled.net-webconfig-trace-enabled", - "name": "csharp.dotnet.security.net-webconfig-trace-enabled.net-webconfig-trace-enabled", "properties": { "precision": "very-high", "tags": [ - "CWE-1323: Improper Management of Sensitive Trace Data", + "CWE-327: Use of a Broken or Risky Cryptographic Algorithm", "LOW CONFIDENCE", - "OWASP-A05:2021 - Security Misconfiguration", + "OWASP-A02:2021 - Cryptographic Failures", + "OWASP-A03:2017 - Sensitive Data Exposure", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: csharp.dotnet.security.net-webconfig-trace-enabled.net-webconfig-trace-enabled" } }, { - "defaultConfiguration": { - "level": "error" + "id": "generic.secrets.security.detected-etc-shadow.detected-etc-shadow", + "name": "generic.secrets.security.detected-etc-shadow.detected-etc-shadow", + "short_description": { + "text": "Semgrep Finding: generic.secrets.security.detected-etc-shadow.detected-etc-shadow" }, - "fullDescription": { - "text": "The Flask secret key is used as salt in HashIDs. 
The HashID mechanism is not secure. By observing sufficient HashIDs, the salt used to construct them can be recovered. This means the Flask secret key can be obtained by attackers, through the HashIDs." + "full_description": { + "text": "linux shadow file detected" + }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/generic.secrets.security.detected-etc-shadow.detected-etc-shadow", "help": { - "markdown": "The Flask secret key is used as salt in HashIDs. The HashID mechanism is not secure. By observing sufficient HashIDs, the salt used to construct them can be recovered. This means the Flask secret key can be obtained by attackers, through the HashIDs.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.flask.security.hashids-with-flask-secret.hashids-with-flask-secret)\n - [https://flask.palletsprojects.com/en/2.2.x/config/#SECRET_KEY](https://flask.palletsprojects.com/en/2.2.x/config/#SECRET_KEY)\n - [http://carnage.github.io/2015/08/cryptanalysis-of-hashids](http://carnage.github.io/2015/08/cryptanalysis-of-hashids)\n", - "text": "The Flask secret key is used as salt in HashIDs. The HashID mechanism is not secure. By observing sufficient HashIDs, the salt used to construct them can be recovered. 
This means the Flask secret key can be obtained by attackers, through the HashIDs.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "linux shadow file detected\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "linux shadow file detected\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/generic.secrets.security.detected-etc-shadow.detected-etc-shadow)\n - [https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures](https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures)\n" }, - "helpUri": "https://semgrep.dev/r/python.flask.security.hashids-with-flask-secret.hashids-with-flask-secret", - "id": "python.flask.security.hashids-with-flask-secret.hashids-with-flask-secret", - "name": "python.flask.security.hashids-with-flask-secret.hashids-with-flask-secret", "properties": { "precision": "very-high", "tags": [ - "CWE-327: Use of a Broken or Risky Cryptographic Algorithm", - "HIGH CONFIDENCE", - "OWASP-A02:2021 \u2013 Cryptographic Failures", + "CWE-798: Use of Hard-coded Credentials", + "LOW CONFIDENCE", + "OWASP-A07:2021 - Identification and Authentication Failures", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: python.flask.security.hashids-with-flask-secret.hashids-with-flask-secret" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "ruby.lang.security.mass-assignment-protection-disabled.mass-assignment-protection-disabled", + "name": "ruby.lang.security.mass-assignment-protection-disabled.mass-assignment-protection-disabled", + "short_description": { + "text": "Semgrep Finding: ruby.lang.security.mass-assignment-protection-disabled.mass-assignment-protection-disabled" }, - "fullDescription": { - "text": "Function sweepToken is allowed to be called by anyone" + "full_description": { + "text": "Mass assignment protection disabled for '$MODEL'. 
This could permit assignment to sensitive model fields without intention. Instead, use 'attr_accessible' for the model or disable mass assigment using 'config.active_record.whitelist_attributes = true'. ':without_protection => true' must be removed for this to take effect." }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/ruby.lang.security.mass-assignment-protection-disabled.mass-assignment-protection-disabled", "help": { - "markdown": "Function sweepToken is allowed to be called by anyone\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/solidity.security.compound-sweeptoken-not-restricted.compound-sweeptoken-not-restricted)\n - [https://medium.com/chainsecurity/trueusd-compound-vulnerability-bc5b696d29e2](https://medium.com/chainsecurity/trueusd-compound-vulnerability-bc5b696d29e2)\n - [https://chainsecurity.com/security-audit/compound-ctoken/](https://chainsecurity.com/security-audit/compound-ctoken/)\n - [https://blog.openzeppelin.com/compound-comprehensive-protocol-audit/](https://blog.openzeppelin.com/compound-comprehensive-protocol-audit/)\n - [https://etherscan.io/address/0xa035b9e130f2b1aedc733eefb1c67ba4c503491f](https://etherscan.io/address/0xa035b9e130f2b1aedc733eefb1c67ba4c503491f)\n", - "text": "Function sweepToken is allowed to be called by anyone\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Mass assignment protection disabled for '$MODEL'. This could permit assignment to sensitive model fields without intention. Instead, use 'attr_accessible' for the model or disable mass assigment using 'config.active_record.whitelist_attributes = true'. ':without_protection => true' must be removed for this to take effect.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Mass assignment protection disabled for '$MODEL'. 
This could permit assignment to sensitive model fields without intention. Instead, use 'attr_accessible' for the model or disable mass assigment using 'config.active_record.whitelist_attributes = true'. ':without_protection => true' must be removed for this to take effect.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/ruby.lang.security.mass-assignment-protection-disabled.mass-assignment-protection-disabled)\n - [https://owasp.org/Top10/A08_2021-Software_and_Data_Integrity_Failures](https://owasp.org/Top10/A08_2021-Software_and_Data_Integrity_Failures)\n" }, - "helpUri": "https://semgrep.dev/r/solidity.security.compound-sweeptoken-not-restricted.compound-sweeptoken-not-restricted", - "id": "solidity.security.compound-sweeptoken-not-restricted.compound-sweeptoken-not-restricted", - "name": "solidity.security.compound-sweeptoken-not-restricted.compound-sweeptoken-not-restricted", "properties": { "precision": "very-high", "tags": [ - "CWE-284: Improper Access Control", - "MEDIUM CONFIDENCE", + "CWE-915: Improperly Controlled Modification of Dynamically-Determined Object Attributes", + "LOW CONFIDENCE", + "OWASP-A08:2021 - Software and Data Integrity Failures", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: solidity.security.compound-sweeptoken-not-restricted.compound-sweeptoken-not-restricted" } }, { - "defaultConfiguration": { - "level": "error" + "id": "swift.webview.webview-js-window.swift-webview-config-allows-js-open-windows", + "name": "swift.webview.webview-js-window.swift-webview-config-allows-js-open-windows", + "short_description": { + "text": "Semgrep Finding: swift.webview.webview-js-window.swift-webview-config-allows-js-open-windows" }, - "fullDescription": { - "text": "SSRF is an attack vector that abuses an application to interact with the internal/external network or the machine itself." 
+ "full_description": { + "text": "Webviews were observed that explictly allow JavaScript in an WKWebview to open windows automatically. Consider disabling this functionality if not required, following the principle of least privelege." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/swift.webview.webview-js-window.swift-webview-config-allows-js-open-windows", "help": { - "markdown": "SSRF is an attack vector that abuses an application to interact with the internal/external network or the machine itself.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/csharp.lang.security.ssrf.rest-client.ssrf)\n - [https://cheatsheetseries.owasp.org/cheatsheets/Server_Side_Request_Forgery_Prevention_Cheat_Sheet.html](https://cheatsheetseries.owasp.org/cheatsheets/Server_Side_Request_Forgery_Prevention_Cheat_Sheet.html)\n", - "text": "SSRF is an attack vector that abuses an application to interact with the internal/external network or the machine itself.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Webviews were observed that explictly allow JavaScript in an WKWebview to open windows automatically. Consider disabling this functionality if not required, following the principle of least privelege.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Webviews were observed that explictly allow JavaScript in an WKWebview to open windows automatically. 
Consider disabling this functionality if not required, following the principle of least privelege.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/swift.webview.webview-js-window.swift-webview-config-allows-js-open-windows)\n - [https://mas.owasp.org/MASVS/controls/MASVS-PLATFORM-2/](https://mas.owasp.org/MASVS/controls/MASVS-PLATFORM-2/)\n - [https://developer.apple.com/documentation/webkit/wkpreferences/1536573-javascriptcanopenwindowsautomati](https://developer.apple.com/documentation/webkit/wkpreferences/1536573-javascriptcanopenwindowsautomati)\n" }, - "helpUri": "https://semgrep.dev/r/csharp.lang.security.ssrf.rest-client.ssrf", - "id": "csharp.lang.security.ssrf.rest-client.ssrf", - "name": "csharp.lang.security.ssrf.rest-client.ssrf", "properties": { "precision": "very-high", "tags": [ - "CWE-918: Server-Side Request Forgery (SSRF)", - "LOW CONFIDENCE", - "OWASP-A10:2021 - Server-Side Request Forgery (SSRF)", + "CWE-272: Least Privilege Violation", + "HIGH CONFIDENCE", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: csharp.lang.security.ssrf.rest-client.ssrf" } }, { - "defaultConfiguration": { - "level": "error" + "id": "go.gorilla.security.audit.session-cookie-missing-httponly.session-cookie-missing-httponly", + "name": "go.gorilla.security.audit.session-cookie-missing-httponly.session-cookie-missing-httponly", + "short_description": { + "text": "Semgrep Finding: go.gorilla.security.audit.session-cookie-missing-httponly.session-cookie-missing-httponly" }, - "fullDescription": { - "text": "Detected user data flowing into exec. This is code injection and should be avoided." + "full_description": { + "text": "A session cookie was detected without setting the 'HttpOnly' flag. The 'HttpOnly' flag for cookies instructs the browser to forbid client-side scripts from reading the cookie which mitigates XSS attacks. 
Set the 'HttpOnly' flag by setting 'HttpOnly' to 'true' in the Options struct." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/go.gorilla.security.audit.session-cookie-missing-httponly.session-cookie-missing-httponly", "help": { - "markdown": "Detected user data flowing into exec. This is code injection and should be avoided.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.flask.security.injection.user-exec.exec-injection)\n - [https://nedbatchelder.com/blog/201206/exec_really_is_dangerous.html](https://nedbatchelder.com/blog/201206/exec_really_is_dangerous.html)\n", - "text": "Detected user data flowing into exec. This is code injection and should be avoided.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "A session cookie was detected without setting the 'HttpOnly' flag. The 'HttpOnly' flag for cookies instructs the browser to forbid client-side scripts from reading the cookie which mitigates XSS attacks. Set the 'HttpOnly' flag by setting 'HttpOnly' to 'true' in the Options struct.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "A session cookie was detected without setting the 'HttpOnly' flag. The 'HttpOnly' flag for cookies instructs the browser to forbid client-side scripts from reading the cookie which mitigates XSS attacks. 
Set the 'HttpOnly' flag by setting 'HttpOnly' to 'true' in the Options struct.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/go.gorilla.security.audit.session-cookie-missing-httponly.session-cookie-missing-httponly)\n - [https://github.com/0c34/govwa/blob/139693e56406b5684d2a6ae22c0af90717e149b8/user/session/session.go#L69](https://github.com/0c34/govwa/blob/139693e56406b5684d2a6ae22c0af90717e149b8/user/session/session.go#L69)\n" }, - "helpUri": "https://semgrep.dev/r/python.flask.security.injection.user-exec.exec-injection", - "id": "python.flask.security.injection.user-exec.exec-injection", - "name": "python.flask.security.injection.user-exec.exec-injection", "properties": { "precision": "very-high", "tags": [ - "CWE-95: Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection')", + "CWE-1004: Sensitive Cookie Without 'HttpOnly' Flag", "MEDIUM CONFIDENCE", - "OWASP-A03:2021 - Injection", + "OWASP-A05:2021 - Security Misconfiguration", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: python.flask.security.injection.user-exec.exec-injection" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "ruby.rails.security.brakeman.check-send-file.check-send-file", + "name": "ruby.rails.security.brakeman.check-send-file.check-send-file", + "short_description": { + "text": "Semgrep Finding: ruby.rails.security.brakeman.check-send-file.check-send-file" }, - "fullDescription": { - "text": "The host for this proxy URL is dynamically determined. This can be dangerous if the host can be injected by an attacker because it may forcibly alter destination of the proxy. Consider hardcoding acceptable destinations and retrieving them with 'map' or something similar." + "full_description": { + "text": "Allowing user input to `send_file` allows a malicious user to potentially read arbitrary files from the server. 
Avoid accepting user input in `send_file` or normalize with `File.basename(...)`" + }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/ruby.rails.security.brakeman.check-send-file.check-send-file", "help": { - "markdown": "The host for this proxy URL is dynamically determined. This can be dangerous if the host can be injected by an attacker because it may forcibly alter destination of the proxy. Consider hardcoding acceptable destinations and retrieving them with 'map' or something similar.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/generic.nginx.security.dynamic-proxy-host.dynamic-proxy-host)\n - [https://nginx.org/en/docs/http/ngx_http_map_module.html](https://nginx.org/en/docs/http/ngx_http_map_module.html)\n", - "text": "The host for this proxy URL is dynamically determined. This can be dangerous if the host can be injected by an attacker because it may forcibly alter destination of the proxy. Consider hardcoding acceptable destinations and retrieving them with 'map' or something similar.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Allowing user input to `send_file` allows a malicious user to potentially read arbitrary files from the server. Avoid accepting user input in `send_file` or normalize with `File.basename(...)`\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Allowing user input to `send_file` allows a malicious user to potentially read arbitrary files from the server. 
Avoid accepting user input in `send_file` or normalize with `File.basename(...)`\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/ruby.rails.security.brakeman.check-send-file.check-send-file)\n - [https://owasp.org/www-community/attacks/Path_Traversal](https://owasp.org/www-community/attacks/Path_Traversal)\n - [https://owasp.org/Top10/A01_2021-Broken_Access_Control/](https://owasp.org/Top10/A01_2021-Broken_Access_Control/)\n" }, - "helpUri": "https://semgrep.dev/r/generic.nginx.security.dynamic-proxy-host.dynamic-proxy-host", - "id": "generic.nginx.security.dynamic-proxy-host.dynamic-proxy-host", - "name": "generic.nginx.security.dynamic-proxy-host.dynamic-proxy-host", "properties": { "precision": "very-high", "tags": [ - "CWE-441: Unintended Proxy or Intermediary ('Confused Deputy')", + "CWE-73: External Control of File Name or Path", "MEDIUM CONFIDENCE", - "OWASP-A01:2021 - Broken Access Control", + "OWASP-A04:2021 - Insecure Design", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: generic.nginx.security.dynamic-proxy-host.dynamic-proxy-host" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "problem-based-packs.insecure-transport.java-stdlib.socket-request.socket-request", + "name": "problem-based-packs.insecure-transport.java-stdlib.socket-request.socket-request", + "short_description": { + "text": "Semgrep Finding: problem-based-packs.insecure-transport.java-stdlib.socket-request.socket-request" }, - "fullDescription": { - "text": "The function base_convert uses 64-bit numbers internally, and does not correctly convert large numbers. It is not suitable for random tokens such as those used for session tokens or CSRF tokens." + "full_description": { + "text": "Insecure transport rules to catch socket connections to http, telnet, and ftp servers. This is dangerous because these are protocols that do not encrypt traffic." 
+ }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/problem-based-packs.insecure-transport.java-stdlib.socket-request.socket-request", "help": { - "markdown": "The function base_convert uses 64-bit numbers internally, and does not correctly convert large numbers. It is not suitable for random tokens such as those used for session tokens or CSRF tokens.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/php.lang.security.base-convert-loses-precision.base-convert-loses-precision)\n - [https://www.php.net/base_convert](https://www.php.net/base_convert)\n - [https://www.sjoerdlangkemper.nl/2017/03/15/dont-use-base-convert-on-random-tokens/](https://www.sjoerdlangkemper.nl/2017/03/15/dont-use-base-convert-on-random-tokens/)\n", - "text": "The function base_convert uses 64-bit numbers internally, and does not correctly convert large numbers. It is not suitable for random tokens such as those used for session tokens or CSRF tokens.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Insecure transport rules to catch socket connections to http, telnet, and ftp servers. This is dangerous because these are protocols that do not encrypt traffic.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Insecure transport rules to catch socket connections to http, telnet, and ftp servers. 
This is dangerous because these are protocols that do not encrypt traffic.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/problem-based-packs.insecure-transport.java-stdlib.socket-request.socket-request)\n - [https://docs.oracle.com/javase/8/docs/api/java/net/Socket.html](https://docs.oracle.com/javase/8/docs/api/java/net/Socket.html)\n" }, - "helpUri": "https://semgrep.dev/r/php.lang.security.base-convert-loses-precision.base-convert-loses-precision", - "id": "php.lang.security.base-convert-loses-precision.base-convert-loses-precision", - "name": "php.lang.security.base-convert-loses-precision.base-convert-loses-precision", "properties": { "precision": "very-high", "tags": [ - "CWE-190: Integer Overflow or Wraparound", - "HIGH CONFIDENCE", + "CWE-319: Cleartext Transmission of Sensitive Information", + "LOW CONFIDENCE", + "OWASP-A03:2017 - Sensitive Data Exposure", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: php.lang.security.base-convert-loses-precision.base-convert-loses-precision" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "typescript.nestjs.security.audit.nestjs-open-redirect.nestjs-open-redirect", + "name": "typescript.nestjs.security.audit.nestjs-open-redirect.nestjs-open-redirect", + "short_description": { + "text": "Semgrep Finding: typescript.nestjs.security.audit.nestjs-open-redirect.nestjs-open-redirect" }, - "fullDescription": { - "text": "Using the GrantPublicAccess method on bucket contruct $X will make the objects in the bucket world accessible. Verify if this is intentional." + "full_description": { + "text": "Untrusted user input in {url: ...} can result in Open Redirect vulnerability." 
+ }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/typescript.nestjs.security.audit.nestjs-open-redirect.nestjs-open-redirect", "help": { - "markdown": "Using the GrantPublicAccess method on bucket contruct $X will make the objects in the bucket world accessible. Verify if this is intentional.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/typescript.aws-cdk.security.awscdk-bucket-grantpublicaccessmethod.awscdk-bucket-grantpublicaccessmethod)\n - [https://docs.aws.amazon.com/AmazonS3/latest/userguide/access-control-overview.html](https://docs.aws.amazon.com/AmazonS3/latest/userguide/access-control-overview.html)\n", - "text": "Using the GrantPublicAccess method on bucket contruct $X will make the objects in the bucket world accessible. Verify if this is intentional.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Untrusted user input in {url: ...} can result in Open Redirect vulnerability.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Untrusted user input in {url: ...} can result in Open Redirect vulnerability.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/typescript.nestjs.security.audit.nestjs-open-redirect.nestjs-open-redirect)\n - [https://owasp.org/Top10/A01_2021-Broken_Access_Control](https://owasp.org/Top10/A01_2021-Broken_Access_Control)\n" }, - "helpUri": "https://semgrep.dev/r/typescript.aws-cdk.security.awscdk-bucket-grantpublicaccessmethod.awscdk-bucket-grantpublicaccessmethod", - "id": "typescript.aws-cdk.security.awscdk-bucket-grantpublicaccessmethod.awscdk-bucket-grantpublicaccessmethod", - "name": "typescript.aws-cdk.security.awscdk-bucket-grantpublicaccessmethod.awscdk-bucket-grantpublicaccessmethod", "properties": { "precision": 
"very-high", "tags": [ - "CWE-306: Missing Authentication for Critical Function", - "MEDIUM CONFIDENCE", - "OWASP-A07:2021 - Identification and Authentication Failures", + "CWE-601: URL Redirection to Untrusted Site ('Open Redirect')", + "LOW CONFIDENCE", + "OWASP-A01:2021 - Broken Access Control", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: typescript.aws-cdk.security.awscdk-bucket-grantpublicaccessmethod.awscdk-bucket-grantpublicaccessmethod" } }, { - "defaultConfiguration": { - "level": "error" + "id": "go.lang.security.audit.unsafe-reflect-by-name.unsafe-reflect-by-name", + "name": "go.lang.security.audit.unsafe-reflect-by-name.unsafe-reflect-by-name", + "short_description": { + "text": "Semgrep Finding: go.lang.security.audit.unsafe-reflect-by-name.unsafe-reflect-by-name" }, - "fullDescription": { - "text": "To remediate this issue, ensure that all URL parameters are properly escaped before including them in scripts. Please update your code to use either the JSENCODE method to escape URL parameters or the escape=\"true\" attribute on tags. Passing URL parameters directly into scripts and DOM sinks creates an opportunity for Cross-Site Scripting attacks. Cross-Site Scripting (XSS) attacks are a type of injection, in which malicious scripts are injected into otherwise benign and trusted websites. To remediate this issue, ensure that all URL parameters are properly escaped before including them in scripts." + "full_description": { + "text": "If an attacker can supply values that the application then uses to determine which method or field to invoke, the potential exists for the attacker to create control flow paths through the application that were not intended by the application developers. This attack vector may allow the attacker to bypass authentication or access control checks or otherwise cause the application to behave in an unexpected manner." 
+ }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/go.lang.security.audit.unsafe-reflect-by-name.unsafe-reflect-by-name", "help": { - "markdown": "To remediate this issue, ensure that all URL parameters are properly escaped before including them in scripts. Please update your code to use either the JSENCODE method to escape URL parameters or the escape=\"true\" attribute on tags. Passing URL parameters directly into scripts and DOM sinks creates an opportunity for Cross-Site Scripting attacks. Cross-Site Scripting (XSS) attacks are a type of injection, in which malicious scripts are injected into otherwise benign and trusted websites. To remediate this issue, ensure that all URL parameters are properly escaped before including them in scripts.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/generic.visualforce.security.ncino.vf.xssfromunescapedurlparam.xss-from-unescaped-url-param)\n - [https://developer.salesforce.com/docs/atlas.en-us.apexcode.meta/apexcode/pages_security_tips_xss.htm](https://developer.salesforce.com/docs/atlas.en-us.apexcode.meta/apexcode/pages_security_tips_xss.htm)\n", - "text": "To remediate this issue, ensure that all URL parameters are properly escaped before including them in scripts. Please update your code to use either the JSENCODE method to escape URL parameters or the escape=\"true\" attribute on tags. Passing URL parameters directly into scripts and DOM sinks creates an opportunity for Cross-Site Scripting attacks. Cross-Site Scripting (XSS) attacks are a type of injection, in which malicious scripts are injected into otherwise benign and trusted websites. 
To remediate this issue, ensure that all URL parameters are properly escaped before including them in scripts.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "If an attacker can supply values that the application then uses to determine which method or field to invoke, the potential exists for the attacker to create control flow paths through the application that were not intended by the application developers. This attack vector may allow the attacker to bypass authentication or access control checks or otherwise cause the application to behave in an unexpected manner.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "If an attacker can supply values that the application then uses to determine which method or field to invoke, the potential exists for the attacker to create control flow paths through the application that were not intended by the application developers. This attack vector may allow the attacker to bypass authentication or access control checks or otherwise cause the application to behave in an unexpected manner.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/go.lang.security.audit.unsafe-reflect-by-name.unsafe-reflect-by-name)\n - [https://owasp.org/Top10/A03_2021-Injection](https://owasp.org/Top10/A03_2021-Injection)\n" }, - "helpUri": "https://semgrep.dev/r/generic.visualforce.security.ncino.vf.xssfromunescapedurlparam.xss-from-unescaped-url-param", - "id": "generic.visualforce.security.ncino.vf.xssfromunescapedurlparam.xss-from-unescaped-url-param", - "name": "generic.visualforce.security.ncino.vf.xssfromunescapedurlparam.xss-from-unescaped-url-param", "properties": { "precision": "very-high", "tags": [ - "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", - "MEDIUM CONFIDENCE", + "CWE-470: Use of Externally-Controlled Input to Select Classes or 
Code ('Unsafe Reflection')", + "LOW CONFIDENCE", "OWASP-A03:2021 - Injection", - "OWASP-A07:2017 - Cross-Site Scripting (XSS)", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: generic.visualforce.security.ncino.vf.xssfromunescapedurlparam.xss-from-unescaped-url-param" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "python.flask.security.injection.os-system-injection.os-system-injection", + "name": "python.flask.security.injection.os-system-injection.os-system-injection", + "short_description": { + "text": "Semgrep Finding: python.flask.security.injection.os-system-injection.os-system-injection" }, - "fullDescription": { - "text": "Django REST framework configuration is missing default rate- limiting options. This could inadvertently allow resource starvation or Denial of Service (DoS) attacks. Add 'DEFAULT_THROTTLE_CLASSES' and 'DEFAULT_THROTTLE_RATES' to add rate-limiting to your application." + "full_description": { + "text": "User data detected in os.system. This could be vulnerable to a command injection and should be avoided. If this must be done, use the 'subprocess' module instead and pass the arguments as a list." + }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/python.flask.security.injection.os-system-injection.os-system-injection", "help": { - "markdown": "Django REST framework configuration is missing default rate- limiting options. This could inadvertently allow resource starvation or Denial of Service (DoS) attacks. 
Add 'DEFAULT_THROTTLE_CLASSES' and 'DEFAULT_THROTTLE_RATES' to add rate-limiting to your application.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.django.security.audit.django-rest-framework.missing-throttle-config.missing-throttle-config)\n - [https://www.django-rest-framework.org/api-guide/throttling/#setting-the-throttling-policy](https://www.django-rest-framework.org/api-guide/throttling/#setting-the-throttling-policy)\n", - "text": "Django REST framework configuration is missing default rate- limiting options. This could inadvertently allow resource starvation or Denial of Service (DoS) attacks. Add 'DEFAULT_THROTTLE_CLASSES' and 'DEFAULT_THROTTLE_RATES' to add rate-limiting to your application.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "User data detected in os.system. This could be vulnerable to a command injection and should be avoided. If this must be done, use the 'subprocess' module instead and pass the arguments as a list.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "User data detected in os.system. This could be vulnerable to a command injection and should be avoided. 
If this must be done, use the 'subprocess' module instead and pass the arguments as a list.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.flask.security.injection.os-system-injection.os-system-injection)\n - [https://owasp.org/www-community/attacks/Command_Injection](https://owasp.org/www-community/attacks/Command_Injection)\n" }, - "helpUri": "https://semgrep.dev/r/python.django.security.audit.django-rest-framework.missing-throttle-config.missing-throttle-config", - "id": "python.django.security.audit.django-rest-framework.missing-throttle-config.missing-throttle-config", - "name": "python.django.security.audit.django-rest-framework.missing-throttle-config.missing-throttle-config", "properties": { "precision": "very-high", "tags": [ - "CWE-400: Uncontrolled Resource Consumption", - "LOW CONFIDENCE", - "OWASP-A05:2021 - Security Misconfiguration", - "OWASP-A06:2017 - Security Misconfiguration", + "CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", + "MEDIUM CONFIDENCE", + "OWASP-A01:2017 - Injection", + "OWASP-A03:2021 - Injection", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: python.django.security.audit.django-rest-framework.missing-throttle-config.missing-throttle-config" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "javascript.aws-lambda.security.detect-child-process.detect-child-process", + "name": "javascript.aws-lambda.security.detect-child-process.detect-child-process", + "short_description": { + "text": "Semgrep Finding: javascript.aws-lambda.security.detect-child-process.detect-child-process" }, - "fullDescription": { - "text": "Checks for requests to http and ftp (unencrypted) sites using OpenURI." + "full_description": { + "text": "Allowing spawning arbitrary programs or running shell processes with arbitrary arguments may end up in a command injection vulnerability. 
Try to avoid non-literal values for the command string. If it is not possible, then do not let running arbitrary commands, use a white list for inputs." + }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/javascript.aws-lambda.security.detect-child-process.detect-child-process", "help": { - "markdown": "Checks for requests to http and ftp (unencrypted) sites using OpenURI.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/problem-based-packs.insecure-transport.ruby-stdlib.openuri-request.openuri-request)\n - [https://ruby-doc.org/stdlib-2.6.3/libdoc/open-uri/rdoc/OpenURI.html](https://ruby-doc.org/stdlib-2.6.3/libdoc/open-uri/rdoc/OpenURI.html)\n", - "text": "Checks for requests to http and ftp (unencrypted) sites using OpenURI.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Allowing spawning arbitrary programs or running shell processes with arbitrary arguments may end up in a command injection vulnerability. Try to avoid non-literal values for the command string. If it is not possible, then do not let running arbitrary commands, use a white list for inputs.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Allowing spawning arbitrary programs or running shell processes with arbitrary arguments may end up in a command injection vulnerability. Try to avoid non-literal values for the command string. 
If it is not possible, then do not let running arbitrary commands, use a white list for inputs.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.aws-lambda.security.detect-child-process.detect-child-process)\n - [https://owasp.org/Top10/A03_2021-Injection](https://owasp.org/Top10/A03_2021-Injection)\n" }, - "helpUri": "https://semgrep.dev/r/problem-based-packs.insecure-transport.ruby-stdlib.openuri-request.openuri-request", - "id": "problem-based-packs.insecure-transport.ruby-stdlib.openuri-request.openuri-request", - "name": "problem-based-packs.insecure-transport.ruby-stdlib.openuri-request.openuri-request", "properties": { "precision": "very-high", "tags": [ - "CWE-319: Cleartext Transmission of Sensitive Information", + "CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", "MEDIUM CONFIDENCE", - "OWASP-A03:2017 - Sensitive Data Exposure", + "OWASP-A01:2017 - Injection", + "OWASP-A03:2021 - Injection", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: problem-based-packs.insecure-transport.ruby-stdlib.openuri-request.openuri-request" } }, { - "defaultConfiguration": { - "level": "error" + "id": "go.otto.security.audit.dangerous-execution.dangerous-execution", + "name": "go.otto.security.audit.dangerous-execution.dangerous-execution", + "short_description": { + "text": "Semgrep Finding: go.otto.security.audit.dangerous-execution.dangerous-execution" }, - "fullDescription": { - "text": "Found a formatted string in BashOperator: $CMD. This could be vulnerable to injection. Be extra sure your variables are not controllable by external sources." + "full_description": { + "text": "Detected non-static script inside otto VM. Audit the input to 'VM.Run'. If unverified user data can reach this call site, this is a code injection vulnerability. 
A malicious actor can inject a malicious script to execute arbitrary code." + }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/go.otto.security.audit.dangerous-execution.dangerous-execution", "help": { - "markdown": "Found a formatted string in BashOperator: $CMD. This could be vulnerable to injection. Be extra sure your variables are not controllable by external sources.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.airflow.security.audit.formatted-string-bashoperator.formatted-string-bashoperator)\n - [https://owasp.org/Top10/A03_2021-Injection](https://owasp.org/Top10/A03_2021-Injection)\n", - "text": "Found a formatted string in BashOperator: $CMD. This could be vulnerable to injection. Be extra sure your variables are not controllable by external sources.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected non-static script inside otto VM. Audit the input to 'VM.Run'. If unverified user data can reach this call site, this is a code injection vulnerability. A malicious actor can inject a malicious script to execute arbitrary code.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected non-static script inside otto VM. Audit the input to 'VM.Run'. If unverified user data can reach this call site, this is a code injection vulnerability. 
A malicious actor can inject a malicious script to execute arbitrary code.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/go.otto.security.audit.dangerous-execution.dangerous-execution)\n - [https://owasp.org/Top10/A03_2021-Injection](https://owasp.org/Top10/A03_2021-Injection)\n" }, - "helpUri": "https://semgrep.dev/r/python.airflow.security.audit.formatted-string-bashoperator.formatted-string-bashoperator", - "id": "python.airflow.security.audit.formatted-string-bashoperator.formatted-string-bashoperator", - "name": "python.airflow.security.audit.formatted-string-bashoperator.formatted-string-bashoperator", "properties": { "precision": "very-high", "tags": [ - "CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", + "CWE-94: Improper Control of Generation of Code ('Code Injection')", "LOW CONFIDENCE", - "OWASP-A01:2017 - Injection", "OWASP-A03:2021 - Injection", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: python.airflow.security.audit.formatted-string-bashoperator.formatted-string-bashoperator" } }, { - "defaultConfiguration": { - "level": "error" + "id": "problem-based-packs.insecure-transport.java-spring.bypass-tls-verification.bypass-tls-verification", + "name": "problem-based-packs.insecure-transport.java-spring.bypass-tls-verification.bypass-tls-verification", + "short_description": { + "text": "Semgrep Finding: problem-based-packs.insecure-transport.java-spring.bypass-tls-verification.bypass-tls-verification" }, - "fullDescription": { - "text": "Unverified SSL context detected. This will permit insecure connections without verifying SSL certificates. Use 'ssl.create_default_context' instead." + "full_description": { + "text": "Checks for redefinitions of functions that check TLS/SSL certificate verification. 
This can lead to vulnerabilities, as simple errors in the code can result in lack of proper certificate validation. This should only be used for debugging purposes because it leads to vulnerability to MTM attacks." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/problem-based-packs.insecure-transport.java-spring.bypass-tls-verification.bypass-tls-verification", "help": { - "markdown": "Unverified SSL context detected. This will permit insecure connections without verifying SSL certificates. Use 'ssl.create_default_context' instead.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.lang.security.unverified-ssl-context.unverified-ssl-context)\n - [https://docs.python.org/3/library/ssl.html#ssl-security](https://docs.python.org/3/library/ssl.html#ssl-security)\n - [https://docs.python.org/3/library/http.client.html#http.client.HTTPSConnection](https://docs.python.org/3/library/http.client.html#http.client.HTTPSConnection)\n", - "text": "Unverified SSL context detected. This will permit insecure connections without verifying SSL certificates. Use 'ssl.create_default_context' instead.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Checks for redefinitions of functions that check TLS/SSL certificate verification. This can lead to vulnerabilities, as simple errors in the code can result in lack of proper certificate validation. This should only be used for debugging purposes because it leads to vulnerability to MTM attacks.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Checks for redefinitions of functions that check TLS/SSL certificate verification. This can lead to vulnerabilities, as simple errors in the code can result in lack of proper certificate validation. 
This should only be used for debugging purposes because it leads to vulnerability to MTM attacks.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/problem-based-packs.insecure-transport.java-spring.bypass-tls-verification.bypass-tls-verification)\n - [https://stackoverflow.com/questions/4072585/disabling-ssl-certificate-validation-in-spring-resttemplate](https://stackoverflow.com/questions/4072585/disabling-ssl-certificate-validation-in-spring-resttemplate)\n - [https://stackoverflow.com/questions/35530558/how-to-fix-unsafe-implementation-of-x509trustmanager-in-android-app?rq=1](https://stackoverflow.com/questions/35530558/how-to-fix-unsafe-implementation-of-x509trustmanager-in-android-app?rq=1)\n" }, - "helpUri": "https://semgrep.dev/r/python.lang.security.unverified-ssl-context.unverified-ssl-context", - "id": "python.lang.security.unverified-ssl-context.unverified-ssl-context", - "name": "python.lang.security.unverified-ssl-context.unverified-ssl-context", "properties": { "precision": "very-high", "tags": [ - "CWE-295: Improper Certificate Validation", + "CWE-319: Cleartext Transmission of Sensitive Information", "MEDIUM CONFIDENCE", "OWASP-A03:2017 - Sensitive Data Exposure", - "OWASP-A07:2021 - Identification and Authentication Failures", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: python.lang.security.unverified-ssl-context.unverified-ssl-context" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "python.jwt.security.unverified-jwt-decode.unverified-jwt-decode", + "name": "python.jwt.security.unverified-jwt-decode.unverified-jwt-decode", + "short_description": { + "text": "Semgrep Finding: python.jwt.security.unverified-jwt-decode.unverified-jwt-decode" }, - "fullDescription": { - "text": "Exposing host's Docker socket to containers via a volume. The owner of this socket is root. 
Giving someone access to it is equivalent to giving unrestricted root access to your host. Remove 'docker.sock' from hostpath to prevent this." + "full_description": { + "text": "Detected JWT token decoded with 'verify=False'. This bypasses any integrity checks for the token which means the token could be tampered with by malicious actors. Ensure that the JWT token is verified." + }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/python.jwt.security.unverified-jwt-decode.unverified-jwt-decode", "help": { - "markdown": "Exposing host's Docker socket to containers via a volume. The owner of this socket is root. Giving someone access to it is equivalent to giving unrestricted root access to your host. Remove 'docker.sock' from hostpath to prevent this.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/yaml.kubernetes.security.exposing-docker-socket-hostpath.exposing-docker-socket-hostpath)\n - [https://kubernetes.io/docs/concepts/storage/volumes/#hostpath](https://kubernetes.io/docs/concepts/storage/volumes/#hostpath)\n - [https://kubernetes.io/docs/concepts/policy/pod-security-policy/#volumes-and-file-systems](https://kubernetes.io/docs/concepts/policy/pod-security-policy/#volumes-and-file-systems)\n - [https://kubernetes.io/docs/tasks/configure-pod-container/security-context/](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/)\n - [https://cheatsheetseries.owasp.org/cheatsheets/Docker_Security_Cheat_Sheet.html#rule-1-do-not-expose-the-docker-daemon-socket-even-to-the-containers](https://cheatsheetseries.owasp.org/cheatsheets/Docker_Security_Cheat_Sheet.html#rule-1-do-not-expose-the-docker-daemon-socket-even-to-the-containers)\n", - "text": "Exposing host's Docker socket to containers via a volume. The owner of this socket is root. 
Giving someone access to it is equivalent to giving unrestricted root access to your host. Remove 'docker.sock' from hostpath to prevent this.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected JWT token decoded with 'verify=False'. This bypasses any integrity checks for the token which means the token could be tampered with by malicious actors. Ensure that the JWT token is verified.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected JWT token decoded with 'verify=False'. This bypasses any integrity checks for the token which means the token could be tampered with by malicious actors. Ensure that the JWT token is verified.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.jwt.security.unverified-jwt-decode.unverified-jwt-decode)\n - [https://github.com/we45/Vulnerable-Flask-App/blob/752ee16087c0bfb79073f68802d907569a1f0df7/app/app.py#L96](https://github.com/we45/Vulnerable-Flask-App/blob/752ee16087c0bfb79073f68802d907569a1f0df7/app/app.py#L96)\n" }, - "helpUri": "https://semgrep.dev/r/yaml.kubernetes.security.exposing-docker-socket-hostpath.exposing-docker-socket-hostpath", - "id": "yaml.kubernetes.security.exposing-docker-socket-hostpath.exposing-docker-socket-hostpath", - "name": "yaml.kubernetes.security.exposing-docker-socket-hostpath.exposing-docker-socket-hostpath", "properties": { "precision": "very-high", "tags": [ - "CWE-250: Execution with Unnecessary Privileges", + "CWE-287: Improper Authentication", "MEDIUM CONFIDENCE", + "OWASP-A02:2017 - Broken Authentication", + "OWASP-A07:2021 - Identification and Authentication Failures", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: yaml.kubernetes.security.exposing-docker-socket-hostpath.exposing-docker-socket-hostpath" } }, { - "defaultConfiguration": { - "level": "note" + "id": 
"python.lang.compatibility.python36.python36-compatibility-ssl", + "name": "python.lang.compatibility.python36.python36-compatibility-ssl", + "short_description": { + "text": "Semgrep Finding: python.lang.compatibility.python36.python36-compatibility-ssl" }, - "fullDescription": { - "text": "Ensure that the expiration date is set on all secrets" + "full_description": { + "text": "this function is only available on Python 3.6+" + }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/python.lang.compatibility.python36.python36-compatibility-ssl", "help": { - "markdown": "Ensure that the expiration date is set on all secrets\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/terraform.azure.security.keyvault.keyvault-ensure-secret-expires.keyvault-ensure-secret-expires)\n - [https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/key_vault_secret#expiration_date](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/key_vault_secret#expiration_date)\n - [https://docs.microsoft.com/en-us/azure/key-vault/secrets/about-secrets](https://docs.microsoft.com/en-us/azure/key-vault/secrets/about-secrets)\n", - "text": "Ensure that the expiration date is set on all secrets\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "this function is only available on Python 3.6+\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "this function is only available on Python 3.6+\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.lang.compatibility.python36.python36-compatibility-ssl)\n" }, - "helpUri": "https://semgrep.dev/r/terraform.azure.security.keyvault.keyvault-ensure-secret-expires.keyvault-ensure-secret-expires", - "id": 
"terraform.azure.security.keyvault.keyvault-ensure-secret-expires.keyvault-ensure-secret-expires", - "name": "terraform.azure.security.keyvault.keyvault-ensure-secret-expires.keyvault-ensure-secret-expires", "properties": { "precision": "very-high", - "tags": [ - "CWE-262: Not Using Password Aging", - "MEDIUM CONFIDENCE", - "security" - ] - }, - "shortDescription": { - "text": "Semgrep Finding: terraform.azure.security.keyvault.keyvault-ensure-secret-expires.keyvault-ensure-secret-expires" + "tags": [] } }, { - "defaultConfiguration": { - "level": "error" + "id": "ocaml.lang.security.unsafe.ocamllint-unsafe", + "name": "ocaml.lang.security.unsafe.ocamllint-unsafe", + "short_description": { + "text": "Semgrep Finding: ocaml.lang.security.unsafe.ocamllint-unsafe" }, - "fullDescription": { - "text": "Data from request is passed to redirect(). This is an open redirect and could be exploited. Consider using 'url_for()' to generate links to known locations. If you must use a URL to unknown pages, consider using 'urlparse()' or similar and checking if the 'netloc' property is the same as your site's host name. See the references for more information." + "full_description": { + "text": "Unsafe functions do not perform boundary checks or have other side effects, use with care." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/ocaml.lang.security.unsafe.ocamllint-unsafe", "help": { - "markdown": "Data from request is passed to redirect(). This is an open redirect and could be exploited. Consider using 'url_for()' to generate links to known locations. If you must use a URL to unknown pages, consider using 'urlparse()' or similar and checking if the 'netloc' property is the same as your site's host name. 
See the references for more information.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.flask.security.open-redirect.open-redirect)\n - [https://flask-login.readthedocs.io/en/latest/#login-example](https://flask-login.readthedocs.io/en/latest/#login-example)\n - [https://cheatsheetseries.owasp.org/cheatsheets/Unvalidated_Redirects_and_Forwards_Cheat_Sheet.html#dangerous-url-redirect-example-1](https://cheatsheetseries.owasp.org/cheatsheets/Unvalidated_Redirects_and_Forwards_Cheat_Sheet.html#dangerous-url-redirect-example-1)\n - [https://docs.python.org/3/library/urllib.parse.html#url-parsing](https://docs.python.org/3/library/urllib.parse.html#url-parsing)\n", - "text": "Data from request is passed to redirect(). This is an open redirect and could be exploited. Consider using 'url_for()' to generate links to known locations. If you must use a URL to unknown pages, consider using 'urlparse()' or similar and checking if the 'netloc' property is the same as your site's host name. 
See the references for more information.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Unsafe functions do not perform boundary checks or have other side effects, use with care.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Unsafe functions do not perform boundary checks or have other side effects, use with care.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/ocaml.lang.security.unsafe.ocamllint-unsafe)\n - [https://v2.ocaml.org/api/Bigarray.Array1.html#VALunsafe_get](https://v2.ocaml.org/api/Bigarray.Array1.html#VALunsafe_get)\n - [https://v2.ocaml.org/api/Bytes.html#VALunsafe_to_string](https://v2.ocaml.org/api/Bytes.html#VALunsafe_to_string)\n" }, - "helpUri": "https://semgrep.dev/r/python.flask.security.open-redirect.open-redirect", - "id": "python.flask.security.open-redirect.open-redirect", - "name": "python.flask.security.open-redirect.open-redirect", "properties": { "precision": "very-high", "tags": [ - "CWE-601: URL Redirection to Untrusted Site ('Open Redirect')", - "LOW CONFIDENCE", - "OWASP-A01:2021 - Broken Access Control", + "CWE-242: Use of Inherently Dangerous Function (4.12)", + "MEDIUM CONFIDENCE", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: python.flask.security.open-redirect.open-redirect" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "javascript.angular.security.detect-angular-sce-disabled.detect-angular-sce-disabled", + "name": "javascript.angular.security.detect-angular-sce-disabled.detect-angular-sce-disabled", + "short_description": { + "text": "Semgrep Finding: javascript.angular.security.detect-angular-sce-disabled.detect-angular-sce-disabled" }, - "fullDescription": { - "text": "Be careful with `flask.make_response()`. If this response is rendered onto a webpage, this could create a cross-site scripting (XSS) vulnerability. 
`flask.make_response()` will not autoescape HTML. If you are rendering HTML, write your HTML in a template file and use `flask.render_template()` which will take care of escaping. If you are returning data from an API, consider using `flask.jsonify()`." + "full_description": { + "text": "$sceProvider is set to false. Disabling Strict Contextual escaping (SCE) in an AngularJS application could provide additional attack surface for XSS vulnerabilities." }, + "default_configuration": { + "enabled": true, + "level": "error" + }, + "help_uri": "https://semgrep.dev/r/javascript.angular.security.detect-angular-sce-disabled.detect-angular-sce-disabled", "help": { - "markdown": "Be careful with `flask.make_response()`. If this response is rendered onto a webpage, this could create a cross-site scripting (XSS) vulnerability. `flask.make_response()` will not autoescape HTML. If you are rendering HTML, write your HTML in a template file and use `flask.render_template()` which will take care of escaping. If you are returning data from an API, consider using `flask.jsonify()`.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.flask.security.audit.xss.make-response-with-unknown-content.make-response-with-unknown-content)\n - [https://github.com/python-security/pyt//blob/093a077bcf12d1f58ddeb2d73ddc096623985fb0/examples/vulnerable_code/XSS_assign_to_other_var.py#L11](https://github.com/python-security/pyt//blob/093a077bcf12d1f58ddeb2d73ddc096623985fb0/examples/vulnerable_code/XSS_assign_to_other_var.py#L11)\n - [https://flask.palletsprojects.com/en/1.1.x/api/#flask.Flask.make_response](https://flask.palletsprojects.com/en/1.1.x/api/#flask.Flask.make_response)\n - [https://flask.palletsprojects.com/en/1.1.x/api/#response-objects](https://flask.palletsprojects.com/en/1.1.x/api/#response-objects)\n", - "text": "Be careful with `flask.make_response()`. 
If this response is rendered onto a webpage, this could create a cross-site scripting (XSS) vulnerability. `flask.make_response()` will not autoescape HTML. If you are rendering HTML, write your HTML in a template file and use `flask.render_template()` which will take care of escaping. If you are returning data from an API, consider using `flask.jsonify()`.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "$sceProvider is set to false. Disabling Strict Contextual escaping (SCE) in an AngularJS application could provide additional attack surface for XSS vulnerabilities.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "$sceProvider is set to false. Disabling Strict Contextual escaping (SCE) in an AngularJS application could provide additional attack surface for XSS vulnerabilities.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.angular.security.detect-angular-sce-disabled.detect-angular-sce-disabled)\n - [https://docs.angularjs.org/api/ng/service/$sce](https://docs.angularjs.org/api/ng/service/$sce)\n - [https://owasp.org/www-chapter-london/assets/slides/OWASPLondon20170727_AngularJS.pdf](https://owasp.org/www-chapter-london/assets/slides/OWASPLondon20170727_AngularJS.pdf)\n" }, - "helpUri": "https://semgrep.dev/r/python.flask.security.audit.xss.make-response-with-unknown-content.make-response-with-unknown-content", - "id": "python.flask.security.audit.xss.make-response-with-unknown-content.make-response-with-unknown-content", - "name": "python.flask.security.audit.xss.make-response-with-unknown-content.make-response-with-unknown-content", "properties": { "precision": "very-high", "tags": [ "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", - "LOW CONFIDENCE", + "HIGH CONFIDENCE", "OWASP-A03:2021 - Injection", "OWASP-A07:2017 - Cross-Site Scripting (XSS)", 
"security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: python.flask.security.audit.xss.make-response-with-unknown-content.make-response-with-unknown-content" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "php.lang.security.eval-use.eval-use", + "name": "php.lang.security.eval-use.eval-use", + "short_description": { + "text": "Semgrep Finding: php.lang.security.eval-use.eval-use" }, - "fullDescription": { - "text": "Ensure EBS Volume is encrypted at rest using KMS CMKs. CMKs gives you control over the encryption key in terms of access and rotation." + "full_description": { + "text": "Evaluating non-constant commands. This can lead to command injection." + }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/php.lang.security.eval-use.eval-use", "help": { - "markdown": "Ensure EBS Volume is encrypted at rest using KMS CMKs. CMKs gives you control over the encryption key in terms of access and rotation.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/terraform.aws.security.aws-ebs-volume-encrypted-with-cmk.aws-ebs-volume-encrypted-with-cmk)\n - [https://owasp.org/Top10/A02_2021-Cryptographic_Failures](https://owasp.org/Top10/A02_2021-Cryptographic_Failures)\n", - "text": "Ensure EBS Volume is encrypted at rest using KMS CMKs. CMKs gives you control over the encryption key in terms of access and rotation.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Evaluating non-constant commands. This can lead to command injection.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Evaluating non-constant commands. 
This can lead to command injection.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/php.lang.security.eval-use.eval-use)\n - [https://www.php.net/manual/en/function.eval](https://www.php.net/manual/en/function.eval)\n - [https://github.com/FloeDesignTechnologies/phpcs-security-audit/blob/master/Security/Sniffs/BadFunctions/NoEvalsSniff.php](https://github.com/FloeDesignTechnologies/phpcs-security-audit/blob/master/Security/Sniffs/BadFunctions/NoEvalsSniff.php)\n" }, - "helpUri": "https://semgrep.dev/r/terraform.aws.security.aws-ebs-volume-encrypted-with-cmk.aws-ebs-volume-encrypted-with-cmk", - "id": "terraform.aws.security.aws-ebs-volume-encrypted-with-cmk.aws-ebs-volume-encrypted-with-cmk", - "name": "terraform.aws.security.aws-ebs-volume-encrypted-with-cmk.aws-ebs-volume-encrypted-with-cmk", "properties": { "precision": "very-high", "tags": [ - "CWE-320: CWE CATEGORY: Key Management Errors", + "CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", "LOW CONFIDENCE", - "OWASP-A03:2017 - Sensitive Data Exposure", + "OWASP-A01:2017 - Injection", + "OWASP-A03:2021 - Injection", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: terraform.aws.security.aws-ebs-volume-encrypted-with-cmk.aws-ebs-volume-encrypted-with-cmk" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "generic.secrets.security.detected-aws-access-key-id-value.detected-aws-access-key-id-value", + "name": "generic.secrets.security.detected-aws-access-key-id-value.detected-aws-access-key-id-value", + "short_description": { + "text": "Semgrep Finding: generic.secrets.security.detected-aws-access-key-id-value.detected-aws-access-key-id-value" }, - "fullDescription": { - "text": "This gets data from session using user inputs. A malicious user may be able to retrieve information from your session that you didn't intend them to. 
Do not use user input as a session key." + "full_description": { + "text": "AWS Access Key ID Value detected. This is a sensitive credential and should not be hardcoded here. Instead, read this value from an environment variable or keep it in a separate, private file." + }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/generic.secrets.security.detected-aws-access-key-id-value.detected-aws-access-key-id-value", "help": { - "markdown": "## Remediation\nSession manipulation can occur when an application allows user-input in session keys. Since sessions are typically considered a source of truth (e.g. to check the logged-in user or to match CSRF tokens), allowing an attacker to manipulate the session may lead to unintended behavior.\n\n## References\n[Session Manipulation](https://brakemanscanner.org/docs/warning_types/session_manipulation/)\n\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/ruby.rails.security.audit.avoid-session-manipulation.avoid-session-manipulation)\n - [https://brakemanscanner.org/docs/warning_types/session_manipulation/](https://brakemanscanner.org/docs/warning_types/session_manipulation/)\n", - "text": "## Remediation\nSession manipulation can occur when an application allows user-input in session keys. Since sessions are typically considered a source of truth (e.g. to check the logged-in user or to match CSRF tokens), allowing an attacker to manipulate the session may lead to unintended behavior.\n\n## References\n[Session Manipulation](https://brakemanscanner.org/docs/warning_types/session_manipulation/)\n\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "AWS Access Key ID Value detected. This is a sensitive credential and should not be hardcoded here. 
Instead, read this value from an environment variable or keep it in a separate, private file.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "AWS Access Key ID Value detected. This is a sensitive credential and should not be hardcoded here. Instead, read this value from an environment variable or keep it in a separate, private file.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/generic.secrets.security.detected-aws-access-key-id-value.detected-aws-access-key-id-value)\n - [https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures](https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures)\n" }, - "helpUri": "https://semgrep.dev/r/ruby.rails.security.audit.avoid-session-manipulation.avoid-session-manipulation", - "id": "ruby.rails.security.audit.avoid-session-manipulation.avoid-session-manipulation", - "name": "ruby.rails.security.audit.avoid-session-manipulation.avoid-session-manipulation", "properties": { "precision": "very-high", "tags": [ - "CWE-276: Incorrect Default Permissions", - "MEDIUM CONFIDENCE", - "OWASP-A01:2021 - Broken Access Control", + "CWE-798: Use of Hard-coded Credentials", + "LOW CONFIDENCE", + "OWASP-A07:2021 - Identification and Authentication Failures", "security" ] + } + }, + { + "id": "javascript.intercom.security.audit.intercom-settings-user-identifier-without-user-hash.intercom-settings-user-identifier-without-user-hash", + "name": "javascript.intercom.security.audit.intercom-settings-user-identifier-without-user-hash.intercom-settings-user-identifier-without-user-hash", + "short_description": { + "text": "Semgrep Finding: javascript.intercom.security.audit.intercom-settings-user-identifier-without-user-hash.intercom-settings-user-identifier-without-user-hash" + }, + "full_description": { + "text": "Found an initialization of the Intercom Messenger that identifies a User, but does not 
specify a `user_hash`.This configuration allows users to impersonate one another. See the Intercom Identity Verification docs for more context https://www.intercom.com/help/en/articles/183-set-up-identity-verification-for-web-and-mobile" }, - "shortDescription": { - "text": "Allowing an attacker to manipulate the session may lead to unintended behavior." - } - }, - { - "defaultConfiguration": { + "default_configuration": { + "enabled": true, "level": "warning" }, - "fullDescription": { - "text": "Encryption at rest is not enabled for the elastic search domain resource" - }, + "help_uri": "https://semgrep.dev/r/javascript.intercom.security.audit.intercom-settings-user-identifier-without-user-hash.intercom-settings-user-identifier-without-user-hash", "help": { - "markdown": "Encryption at rest is not enabled for the elastic search domain resource\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/terraform.lang.security.elastic-search-encryption-at-rest.elastic-search-encryption-at-rest)\n - [https://owasp.org/Top10/A04_2021-Insecure_Design](https://owasp.org/Top10/A04_2021-Insecure_Design)\n", - "text": "Encryption at rest is not enabled for the elastic search domain resource\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Found an initialization of the Intercom Messenger that identifies a User, but does not specify a `user_hash`.This configuration allows users to impersonate one another. See the Intercom Identity Verification docs for more context https://www.intercom.com/help/en/articles/183-set-up-identity-verification-for-web-and-mobile\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Found an initialization of the Intercom Messenger that identifies a User, but does not specify a `user_hash`.This configuration allows users to impersonate one another. 
See the Intercom Identity Verification docs for more context https://www.intercom.com/help/en/articles/183-set-up-identity-verification-for-web-and-mobile\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.intercom.security.audit.intercom-settings-user-identifier-without-user-hash.intercom-settings-user-identifier-without-user-hash)\n - [https://www.intercom.com/help/en/articles/183-set-up-identity-verification-for-web-and-mobile](https://www.intercom.com/help/en/articles/183-set-up-identity-verification-for-web-and-mobile)\n" }, - "helpUri": "https://semgrep.dev/r/terraform.lang.security.elastic-search-encryption-at-rest.elastic-search-encryption-at-rest", - "id": "terraform.lang.security.elastic-search-encryption-at-rest.elastic-search-encryption-at-rest", - "name": "terraform.lang.security.elastic-search-encryption-at-rest.elastic-search-encryption-at-rest", "properties": { "precision": "very-high", "tags": [ - "CWE-311: Missing Encryption of Sensitive Data", - "LOW CONFIDENCE", - "OWASP-A03:2017 - Sensitive Data Exposure", - "OWASP-A04:2021 - Insecure Design", + "CWE-287: Improper Authentication", + "MEDIUM CONFIDENCE", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: terraform.lang.security.elastic-search-encryption-at-rest.elastic-search-encryption-at-rest" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "bash.curl.security.curl-eval.curl-eval", + "name": "bash.curl.security.curl-eval.curl-eval", + "short_description": { + "text": "Semgrep Finding: bash.curl.security.curl-eval.curl-eval" }, - "fullDescription": { - "text": "Overwriting `transformLinkUri` or `transformImageUri` to something insecure, or turning `allowDangerousHtml` on, or turning `escapeHtml` off, will open the code up to XSS vectors." + "full_description": { + "text": "Data is being eval'd from a `curl` command. 
An attacker with control of the server in the `curl` command could inject malicious code into the `eval`, resulting in a system comrpomise. Avoid eval'ing untrusted data if you can. If you must do this, consider checking the SHA sum of the content returned by the server to verify its integrity." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/bash.curl.security.curl-eval.curl-eval", "help": { - "markdown": "Overwriting `transformLinkUri` or `transformImageUri` to something insecure, or turning `allowDangerousHtml` on, or turning `escapeHtml` off, will open the code up to XSS vectors.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/typescript.react.security.react-markdown-insecure-html.react-markdown-insecure-html)\n - [https://www.npmjs.com/package/react-markdown#security](https://www.npmjs.com/package/react-markdown#security)\n", - "text": "Overwriting `transformLinkUri` or `transformImageUri` to something insecure, or turning `allowDangerousHtml` on, or turning `escapeHtml` off, will open the code up to XSS vectors.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Data is being eval'd from a `curl` command. An attacker with control of the server in the `curl` command could inject malicious code into the `eval`, resulting in a system comrpomise. Avoid eval'ing untrusted data if you can. If you must do this, consider checking the SHA sum of the content returned by the server to verify its integrity.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Data is being eval'd from a `curl` command. An attacker with control of the server in the `curl` command could inject malicious code into the `eval`, resulting in a system comrpomise. Avoid eval'ing untrusted data if you can. 
If you must do this, consider checking the SHA sum of the content returned by the server to verify its integrity.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/bash.curl.security.curl-eval.curl-eval)\n - [https://owasp.org/Top10/A03_2021-Injection](https://owasp.org/Top10/A03_2021-Injection)\n" }, - "helpUri": "https://semgrep.dev/r/typescript.react.security.react-markdown-insecure-html.react-markdown-insecure-html", - "id": "typescript.react.security.react-markdown-insecure-html.react-markdown-insecure-html", - "name": "typescript.react.security.react-markdown-insecure-html.react-markdown-insecure-html", "properties": { "precision": "very-high", "tags": [ - "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", - "LOW CONFIDENCE", + "CWE-95: Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection')", + "MEDIUM CONFIDENCE", "OWASP-A03:2021 - Injection", - "OWASP-A07:2017 - Cross-Site Scripting (XSS)", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: typescript.react.security.react-markdown-insecure-html.react-markdown-insecure-html" } }, { - "defaultConfiguration": { - "level": "error" + "id": "python.django.security.injection.email.xss-send-mail-html-message.xss-send-mail-html-message", + "name": "python.django.security.injection.email.xss-send-mail-html-message.xss-send-mail-html-message", + "short_description": { + "text": "Semgrep Finding: python.django.security.injection.email.xss-send-mail-html-message.xss-send-mail-html-message" }, - "fullDescription": { - "text": "Unencrypted request over HTTP detected." + "full_description": { + "text": "Found request data in 'send_mail(...)' that uses 'html_message'. This is dangerous because HTML emails are susceptible to XSS. An attacker could inject data into this HTML email, causing XSS." 
}, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/python.django.security.injection.email.xss-send-mail-html-message.xss-send-mail-html-message", "help": { - "markdown": "Unencrypted request over HTTP detected.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/typescript.react.security.react-insecure-request.react-insecure-request)\n - [https://www.npmjs.com/package/axios](https://www.npmjs.com/package/axios)\n", - "text": "Unencrypted request over HTTP detected.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Found request data in 'send_mail(...)' that uses 'html_message'. This is dangerous because HTML emails are susceptible to XSS. An attacker could inject data into this HTML email, causing XSS.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Found request data in 'send_mail(...)' that uses 'html_message'. This is dangerous because HTML emails are susceptible to XSS. 
An attacker could inject data into this HTML email, causing XSS.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.django.security.injection.email.xss-send-mail-html-message.xss-send-mail-html-message)\n - [https://www.damonkohler.com/2008/12/email-injection.html](https://www.damonkohler.com/2008/12/email-injection.html)\n" }, - "helpUri": "https://semgrep.dev/r/typescript.react.security.react-insecure-request.react-insecure-request", - "id": "typescript.react.security.react-insecure-request.react-insecure-request", - "name": "typescript.react.security.react-insecure-request.react-insecure-request", "properties": { "precision": "very-high", "tags": [ - "CWE-319: Cleartext Transmission of Sensitive Information", + "CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')", "MEDIUM CONFIDENCE", - "OWASP-A02:2021 - Cryptographic Failures", - "OWASP-A03:2017 - Sensitive Data Exposure", + "OWASP-A03:2021 - Injection", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: typescript.react.security.react-insecure-request.react-insecure-request" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "java.lang.security.audit.tainted-session-from-http-request.tainted-session-from-http-request", + "name": "java.lang.security.audit.tainted-session-from-http-request.tainted-session-from-http-request", + "short_description": { + "text": "Semgrep Finding: java.lang.security.audit.tainted-session-from-http-request.tainted-session-from-http-request" }, - "fullDescription": { - "text": "Detected user input flowing into an HTML response. You may be accidentally bypassing secure methods of rendering HTML by manually constructing HTML and this could create a cross-site scripting vulnerability, which could let attackers steal sensitive user data." 
+ "full_description": { + "text": "Detected input from a HTTPServletRequest going into a session command, like `setAttribute`. User input into such a command could lead to an attacker inputting malicious code into your session parameters, blurring the line between what's trusted and untrusted, and therefore leading to a trust boundary violation. This could lead to programmers trusting unvalidated data. Instead, thoroughly sanitize user input before passing it into such function calls." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/java.lang.security.audit.tainted-session-from-http-request.tainted-session-from-http-request", "help": { - "markdown": "Detected user input flowing into an HTML response. You may be accidentally bypassing secure methods of rendering HTML by manually constructing HTML and this could create a cross-site scripting vulnerability, which could let attackers steal sensitive user data.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.aws-lambda.security.tainted-html-response.tainted-html-response)\n - [https://owasp.org/Top10/A03_2021-Injection](https://owasp.org/Top10/A03_2021-Injection)\n", - "text": "Detected user input flowing into an HTML response. You may be accidentally bypassing secure methods of rendering HTML by manually constructing HTML and this could create a cross-site scripting vulnerability, which could let attackers steal sensitive user data.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected input from a HTTPServletRequest going into a session command, like `setAttribute`. User input into such a command could lead to an attacker inputting malicious code into your session parameters, blurring the line between what's trusted and untrusted, and therefore leading to a trust boundary violation. 
This could lead to programmers trusting unvalidated data. Instead, thoroughly sanitize user input before passing it into such function calls.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected input from a HTTPServletRequest going into a session command, like `setAttribute`. User input into such a command could lead to an attacker inputting malicious code into your session parameters, blurring the line between what's trusted and untrusted, and therefore leading to a trust boundary violation. This could lead to programmers trusting unvalidated data. Instead, thoroughly sanitize user input before passing it into such function calls.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/java.lang.security.audit.tainted-session-from-http-request.tainted-session-from-http-request)\n - [https://owasp.org/Top10/A04_2021-Insecure_Design](https://owasp.org/Top10/A04_2021-Insecure_Design)\n" }, - "helpUri": "https://semgrep.dev/r/python.aws-lambda.security.tainted-html-response.tainted-html-response", - "id": "python.aws-lambda.security.tainted-html-response.tainted-html-response", - "name": "python.aws-lambda.security.tainted-html-response.tainted-html-response", "properties": { "precision": "very-high", "tags": [ - "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", + "CWE-501: Trust Boundary Violation", "MEDIUM CONFIDENCE", - "OWASP-A03:2021 - Injection", - "OWASP-A07:2017 - Cross-Site Scripting (XSS)", + "OWASP-A04:2021 - Insecure Design", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: python.aws-lambda.security.tainted-html-response.tainted-html-response" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "terraform.azure.security.appservice.appservice-use-secure-tls-policy.appservice-use-secure-tls-policy", + "name": 
"terraform.azure.security.appservice.appservice-use-secure-tls-policy.appservice-use-secure-tls-policy", + "short_description": { + "text": "Semgrep Finding: terraform.azure.security.appservice.appservice-use-secure-tls-policy.appservice-use-secure-tls-policy" }, - "fullDescription": { - "text": "Detected a template variable used in an anchor tag with the 'href' attribute. This allows a malicious actor to input the 'javascript:' URI and is subject to cross- site scripting (XSS) attacks. Use 'url_for()' to safely generate a URL. You may also consider setting the Content Security Policy (CSP) header." + "full_description": { + "text": "Detected an AppService that was not configured to use TLS 1.2. Add `site_config.min_tls_version = \"1.2\"` in your resource block." + }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/terraform.azure.security.appservice.appservice-use-secure-tls-policy.appservice-use-secure-tls-policy", "help": { - "markdown": "Detected a template variable used in an anchor tag with the 'href' attribute. This allows a malicious actor to input the 'javascript:' URI and is subject to cross- site scripting (XSS) attacks. Use 'url_for()' to safely generate a URL. You may also consider setting the Content Security Policy (CSP) header.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.flask.security.xss.audit.template-href-var.template-href-var)\n - [https://flask.palletsprojects.com/en/1.1.x/security/#cross-site-scripting-xss](https://flask.palletsprojects.com/en/1.1.x/security/#cross-site-scripting-xss)\n - [https://content-security-policy.com/](https://content-security-policy.com/)\n", - "text": "Detected a template variable used in an anchor tag with the 'href' attribute. This allows a malicious actor to input the 'javascript:' URI and is subject to cross- site scripting (XSS) attacks. 
Use 'url_for()' to safely generate a URL. You may also consider setting the Content Security Policy (CSP) header.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected an AppService that was not configured to use TLS 1.2. Add `site_config.min_tls_version = \"1.2\"` in your resource block.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected an AppService that was not configured to use TLS 1.2. Add `site_config.min_tls_version = \"1.2\"` in your resource block.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/terraform.azure.security.appservice.appservice-use-secure-tls-policy.appservice-use-secure-tls-policy)\n - [https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/app_service#min_tls_version](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/app_service#min_tls_version)\n" }, - "helpUri": "https://semgrep.dev/r/python.flask.security.xss.audit.template-href-var.template-href-var", - "id": "python.flask.security.xss.audit.template-href-var.template-href-var", - "name": "python.flask.security.xss.audit.template-href-var.template-href-var", "properties": { "precision": "very-high", "tags": [ - "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", - "LOW CONFIDENCE", - "OWASP-A03:2021 - Injection", - "OWASP-A07:2017 - Cross-Site Scripting (XSS)", + "CWE-326: Inadequate Encryption Strength", + "HIGH CONFIDENCE", + "OWASP-A02:2021 - Cryptographic Failures", + "OWASP-A03:2017 - Sensitive Data Exposure", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: python.flask.security.xss.audit.template-href-var.template-href-var" } }, { - "defaultConfiguration": { - "level": "error" + "id": 
"java.lang.security.audit.xxe.documentbuilderfactory-external-parameter-entities-true.documentbuilderfactory-external-parameter-entities-true", + "name": "java.lang.security.audit.xxe.documentbuilderfactory-external-parameter-entities-true.documentbuilderfactory-external-parameter-entities-true", + "short_description": { + "text": "Semgrep Finding: java.lang.security.audit.xxe.documentbuilderfactory-external-parameter-entities-true.documentbuilderfactory-external-parameter-entities-true" }, - "fullDescription": { - "text": "Detected 'create_subprocess_exec' function with argument tainted by `event` object. If this data can be controlled by a malicious actor, it may be an instance of command injection. Audit the use of this call to ensure it is not controllable by an external resource. You may consider using 'shlex.escape()'." + "full_description": { + "text": "External entities are allowed for $DBFACTORY. This is vulnerable to XML external entity attacks. Disable this by setting the feature \"http://xml.org/sax/features/external-parameter-entities\" to false." + }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/java.lang.security.audit.xxe.documentbuilderfactory-external-parameter-entities-true.documentbuilderfactory-external-parameter-entities-true", "help": { - "markdown": "Detected 'create_subprocess_exec' function with argument tainted by `event` object. If this data can be controlled by a malicious actor, it may be an instance of command injection. Audit the use of this call to ensure it is not controllable by an external resource. 
You may consider using 'shlex.escape()'.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.aws-lambda.security.dangerous-asyncio-create-exec.dangerous-asyncio-create-exec)\n - [https://docs.python.org/3/library/asyncio-subprocess.html#asyncio.create_subprocess_exec](https://docs.python.org/3/library/asyncio-subprocess.html#asyncio.create_subprocess_exec)\n - [https://docs.python.org/3/library/shlex.html](https://docs.python.org/3/library/shlex.html)\n", - "text": "Detected 'create_subprocess_exec' function with argument tainted by `event` object. If this data can be controlled by a malicious actor, it may be an instance of command injection. Audit the use of this call to ensure it is not controllable by an external resource. You may consider using 'shlex.escape()'.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "External entities are allowed for $DBFACTORY. This is vulnerable to XML external entity attacks. Disable this by setting the feature \"http://xml.org/sax/features/external-parameter-entities\" to false.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "External entities are allowed for $DBFACTORY. This is vulnerable to XML external entity attacks. 
Disable this by setting the feature \"http://xml.org/sax/features/external-parameter-entities\" to false.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/java.lang.security.audit.xxe.documentbuilderfactory-external-parameter-entities-true.documentbuilderfactory-external-parameter-entities-true)\n - [https://semgrep.dev/blog/2022/xml-security-in-java](https://semgrep.dev/blog/2022/xml-security-in-java)\n - [https://semgrep.dev/docs/cheat-sheets/java-xxe/](https://semgrep.dev/docs/cheat-sheets/java-xxe/)\n - [https://blog.sonarsource.com/secure-xml-processor](https://blog.sonarsource.com/secure-xml-processor)\n" }, - "helpUri": "https://semgrep.dev/r/python.aws-lambda.security.dangerous-asyncio-create-exec.dangerous-asyncio-create-exec", - "id": "python.aws-lambda.security.dangerous-asyncio-create-exec.dangerous-asyncio-create-exec", - "name": "python.aws-lambda.security.dangerous-asyncio-create-exec.dangerous-asyncio-create-exec", "properties": { "precision": "very-high", "tags": [ - "CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", - "MEDIUM CONFIDENCE", - "OWASP-A01:2017 - Injection", - "OWASP-A03:2021 - Injection", + "CWE-611: Improper Restriction of XML External Entity Reference", + "HIGH CONFIDENCE", + "OWASP-A04:2017 - XML External Entities (XXE)", + "OWASP-A05:2021 - Security Misconfiguration", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: python.aws-lambda.security.dangerous-asyncio-create-exec.dangerous-asyncio-create-exec" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "python.boto3.security.hardcoded-token.hardcoded-token", + "name": "python.boto3.security.hardcoded-token.hardcoded-token", + "short_description": { + "text": "Semgrep Finding: python.boto3.security.hardcoded-token.hardcoded-token" }, - "fullDescription": { - "text": "The profiling 'pprof' endpoint is automatically 
exposed on /debug/pprof. This could leak information about the server. Instead, use `import \"net/http/pprof\"`. See https://www.farsightsecurity.com/blog/txt-record/go-remote-profiling-20161028/ for more information and mitigation." + "full_description": { + "text": "A hard-coded credential was detected. It is not recommended to store credentials in source-code, as this risks secrets being leaked and used by either an internal or external malicious adversary. It is recommended to use environment variables to securely provide credentials or retrieve credentials from a secure vault or HSM (Hardware Security Module)." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/python.boto3.security.hardcoded-token.hardcoded-token", "help": { - "markdown": "The profiling 'pprof' endpoint is automatically exposed on /debug/pprof. This could leak information about the server. Instead, use `import \"net/http/pprof\"`. See https://www.farsightsecurity.com/blog/txt-record/go-remote-profiling-20161028/ for more information and mitigation.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/go.lang.security.audit.net.pprof.pprof-debug-exposure)\n - [https://www.farsightsecurity.com/blog/txt-record/go-remote-profiling-20161028/](https://www.farsightsecurity.com/blog/txt-record/go-remote-profiling-20161028/)\n", - "text": "The profiling 'pprof' endpoint is automatically exposed on /debug/pprof. This could leak information about the server. Instead, use `import \"net/http/pprof\"`. See https://www.farsightsecurity.com/blog/txt-record/go-remote-profiling-20161028/ for more information and mitigation.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "A hard-coded credential was detected. 
It is not recommended to store credentials in source-code, as this risks secrets being leaked and used by either an internal or external malicious adversary. It is recommended to use environment variables to securely provide credentials or retrieve credentials from a secure vault or HSM (Hardware Security Module).\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "A hard-coded credential was detected. It is not recommended to store credentials in source-code, as this risks secrets being leaked and used by either an internal or external malicious adversary. It is recommended to use environment variables to securely provide credentials or retrieve credentials from a secure vault or HSM (Hardware Security Module).\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.boto3.security.hardcoded-token.hardcoded-token)\n - [https://cheatsheetseries.owasp.org/cheatsheets/Secrets_Management_Cheat_Sheet.html](https://cheatsheetseries.owasp.org/cheatsheets/Secrets_Management_Cheat_Sheet.html)\n - [https://bento.dev/checks/boto3/hardcoded-access-token/](https://bento.dev/checks/boto3/hardcoded-access-token/)\n - [https://aws.amazon.com/blogs/security/what-to-do-if-you-inadvertently-expose-an-aws-access-key/](https://aws.amazon.com/blogs/security/what-to-do-if-you-inadvertently-expose-an-aws-access-key/)\n" }, - "helpUri": "https://semgrep.dev/r/go.lang.security.audit.net.pprof.pprof-debug-exposure", - "id": "go.lang.security.audit.net.pprof.pprof-debug-exposure", - "name": "go.lang.security.audit.net.pprof.pprof-debug-exposure", "properties": { "precision": "very-high", "tags": [ - "CWE-489: Active Debug Code", - "LOW CONFIDENCE", - "OWASP-A06:2017 - Security Misconfiguration", + "CWE-798: Use of Hard-coded Credentials", + "MEDIUM CONFIDENCE", + "OWASP-A07:2021 - Identification and Authentication Failures", "security" ] - }, - "shortDescription": { - "text": 
"Semgrep Finding: go.lang.security.audit.net.pprof.pprof-debug-exposure" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "ruby.rails.security.audit.xss.templates.unquoted-attribute.unquoted-attribute", + "name": "ruby.rails.security.audit.xss.templates.unquoted-attribute.unquoted-attribute", + "short_description": { + "text": "Semgrep Finding: ruby.rails.security.audit.xss.templates.unquoted-attribute.unquoted-attribute" }, - "fullDescription": { - "text": "Detects direct creations of $HTTPS servers that don't disallow SSL v2, SSL v3, and TLS v1. These protocols are deprecated due to POODLE, man in the middle attacks, and other vulnerabilities." + "full_description": { + "text": "Detected a unquoted template variable as an attribute. If unquoted, a malicious actor could inject custom JavaScript handlers. To fix this, add quotes around the template expression, like this: \"<%= expr %>\"." }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/ruby.rails.security.audit.xss.templates.unquoted-attribute.unquoted-attribute", "help": { - "markdown": "Detects direct creations of $HTTPS servers that don't disallow SSL v2, SSL v3, and TLS v1. 
These protocols are deprecated due to POODLE, man in the middle attacks, and other vulnerabilities.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/problem-based-packs.insecure-transport.js-node.disallow-old-tls-versions1.disallow-old-tls-versions1)\n - [https://us-cert.cisa.gov/ncas/alerts/TA14-290A](https://us-cert.cisa.gov/ncas/alerts/TA14-290A)\n - [https://stackoverflow.com/questions/40434934/how-to-disable-the-ssl-3-0-and-tls-1-0-in-nodejs](https://stackoverflow.com/questions/40434934/how-to-disable-the-ssl-3-0-and-tls-1-0-in-nodejs)\n - [https://nodejs.org/api/https.html#https_https_createserver_options_requestlistener](https://nodejs.org/api/https.html#https_https_createserver_options_requestlistener)\n", - "text": "Detects direct creations of $HTTPS servers that don't disallow SSL v2, SSL v3, and TLS v1. These protocols are deprecated due to POODLE, man in the middle attacks, and other vulnerabilities.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected a unquoted template variable as an attribute. If unquoted, a malicious actor could inject custom JavaScript handlers. To fix this, add quotes around the template expression, like this: \"<%= expr %>\".\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected a unquoted template variable as an attribute. If unquoted, a malicious actor could inject custom JavaScript handlers. 
To fix this, add quotes around the template expression, like this: \"<%= expr %>\".\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/ruby.rails.security.audit.xss.templates.unquoted-attribute.unquoted-attribute)\n - [https://brakemanpro.com/2017/09/08/cross-site-scripting-in-rails#unquoted-attributes](https://brakemanpro.com/2017/09/08/cross-site-scripting-in-rails#unquoted-attributes)\n - [https://flask.palletsprojects.com/en/1.1.x/security/#cross-site-scripting-xss](https://flask.palletsprojects.com/en/1.1.x/security/#cross-site-scripting-xss)\n" }, - "helpUri": "https://semgrep.dev/r/problem-based-packs.insecure-transport.js-node.disallow-old-tls-versions1.disallow-old-tls-versions1", - "id": "problem-based-packs.insecure-transport.js-node.disallow-old-tls-versions1.disallow-old-tls-versions1", - "name": "problem-based-packs.insecure-transport.js-node.disallow-old-tls-versions1.disallow-old-tls-versions1", "properties": { "precision": "very-high", "tags": [ - "CWE-319: Cleartext Transmission of Sensitive Information", - "MEDIUM CONFIDENCE", - "OWASP-A03:2017 - Sensitive Data Exposure", + "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", + "LOW CONFIDENCE", + "OWASP-A03:2021 - Injection", + "OWASP-A07:2017 - Cross-Site Scripting (XSS)", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: problem-based-packs.insecure-transport.js-node.disallow-old-tls-versions1.disallow-old-tls-versions1" } }, { - "defaultConfiguration": { - "level": "error" + "id": "javascript.angular.security.detect-angular-trust-as-js-method.detect-angular-trust-as-js-method", + "name": "javascript.angular.security.detect-angular-trust-as-js-method.detect-angular-trust-as-js-method", + "short_description": { + "text": "Semgrep Finding: javascript.angular.security.detect-angular-trust-as-js-method.detect-angular-trust-as-js-method" }, - 
"fullDescription": { - "text": "Detected string concatenation with a non-literal variable in a pgx Go SQL statement. This could lead to SQL injection if the variable is user-controlled and not properly sanitized. In order to prevent SQL injection, use parameterized queries instead. You can use parameterized queries like so: (`SELECT $1 FROM table`, `data1)" + "full_description": { + "text": "The use of $sce.trustAsJs can be dangerous if unsanitized user input flows through this API." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/javascript.angular.security.detect-angular-trust-as-js-method.detect-angular-trust-as-js-method", "help": { - "markdown": "Detected string concatenation with a non-literal variable in a pgx Go SQL statement. This could lead to SQL injection if the variable is user-controlled and not properly sanitized. In order to prevent SQL injection, use parameterized queries instead. You can use parameterized queries like so: (`SELECT $1 FROM table`, `data1)\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/go.lang.security.audit.sqli.pgx-sqli.pgx-sqli)\n - [https://github.com/jackc/pgx](https://github.com/jackc/pgx)\n - [https://pkg.go.dev/github.com/jackc/pgx/v4#hdr-Connection_Pool](https://pkg.go.dev/github.com/jackc/pgx/v4#hdr-Connection_Pool)\n", - "text": "Detected string concatenation with a non-literal variable in a pgx Go SQL statement. This could lead to SQL injection if the variable is user-controlled and not properly sanitized. In order to prevent SQL injection, use parameterized queries instead. 
You can use parameterized queries like so: (`SELECT $1 FROM table`, `data1)\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "The use of $sce.trustAsJs can be dangerous if unsanitized user input flows through this API.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "The use of $sce.trustAsJs can be dangerous if unsanitized user input flows through this API.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.angular.security.detect-angular-trust-as-js-method.detect-angular-trust-as-js-method)\n - [https://docs.angularjs.org/api/ng/service/$sce#trustAsJs](https://docs.angularjs.org/api/ng/service/$sce#trustAsJs)\n - [https://owasp.org/www-chapter-london/assets/slides/OWASPLondon20170727_AngularJS.pdf](https://owasp.org/www-chapter-london/assets/slides/OWASPLondon20170727_AngularJS.pdf)\n" }, - "helpUri": "https://semgrep.dev/r/go.lang.security.audit.sqli.pgx-sqli.pgx-sqli", - "id": "go.lang.security.audit.sqli.pgx-sqli.pgx-sqli", - "name": "go.lang.security.audit.sqli.pgx-sqli.pgx-sqli", "properties": { "precision": "very-high", "tags": [ - "CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')", + "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", "LOW CONFIDENCE", - "OWASP-A01:2017 - Injection", "OWASP-A03:2021 - Injection", + "OWASP-A07:2017 - Cross-Site Scripting (XSS)", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: go.lang.security.audit.sqli.pgx-sqli.pgx-sqli" } }, { - "defaultConfiguration": { - "level": "error" + "id": "json.aws.security.wildcard-assume-role.wildcard-assume-role", + "name": "json.aws.security.wildcard-assume-role.wildcard-assume-role", + "short_description": { + "text": "Semgrep Finding: json.aws.security.wildcard-assume-role.wildcard-assume-role" }, - "fullDescription": { 
- "text": "Found data from an Express or Next web request flowing to `eval`. If this data is user-controllable this can lead to execution of arbitrary system commands in the context of your application process. Avoid `eval` whenever possible." + "full_description": { + "text": "Detected wildcard access granted to sts:AssumeRole. This means anyone with your AWS account ID and the name of the role can assume the role. Instead, limit to a specific identity in your account, like this: `arn:aws:iam:::root`." + }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/json.aws.security.wildcard-assume-role.wildcard-assume-role", "help": { - "markdown": "Found data from an Express or Next web request flowing to `eval`. If this data is user-controllable this can lead to execution of arbitrary system commands in the context of your application process. Avoid `eval` whenever possible.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.lang.security.audit.code-string-concat.code-string-concat)\n - [https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/eval](https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/eval)\n - [https://nodejs.org/api/child_process.html#child_processexeccommand-options-callback](https://nodejs.org/api/child_process.html#child_processexeccommand-options-callback)\n - [https://www.stackhawk.com/blog/nodejs-command-injection-examples-and-prevention/](https://www.stackhawk.com/blog/nodejs-command-injection-examples-and-prevention/)\n - [https://ckarande.gitbooks.io/owasp-nodegoat-tutorial/content/tutorial/a1_-_server_side_js_injection.html](https://ckarande.gitbooks.io/owasp-nodegoat-tutorial/content/tutorial/a1_-_server_side_js_injection.html)\n", - "text": "Found data from an Express or Next web request flowing to `eval`. 
If this data is user-controllable this can lead to execution of arbitrary system commands in the context of your application process. Avoid `eval` whenever possible.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected wildcard access granted to sts:AssumeRole. This means anyone with your AWS account ID and the name of the role can assume the role. Instead, limit to a specific identity in your account, like this: `arn:aws:iam:::root`.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected wildcard access granted to sts:AssumeRole. This means anyone with your AWS account ID and the name of the role can assume the role. Instead, limit to a specific identity in your account, like this: `arn:aws:iam:::root`.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/json.aws.security.wildcard-assume-role.wildcard-assume-role)\n - [https://rhinosecuritylabs.com/aws/assume-worst-aws-assume-role-enumeration/](https://rhinosecuritylabs.com/aws/assume-worst-aws-assume-role-enumeration/)\n" }, - "helpUri": "https://semgrep.dev/r/javascript.lang.security.audit.code-string-concat.code-string-concat", - "id": "javascript.lang.security.audit.code-string-concat.code-string-concat", - "name": "javascript.lang.security.audit.code-string-concat.code-string-concat", "properties": { "precision": "very-high", "tags": [ - "CWE-95: Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection')", - "HIGH CONFIDENCE", - "OWASP-A03:2021 - Injection", + "CWE-250: Execution with Unnecessary Privileges", + "MEDIUM CONFIDENCE", + "OWASP-A05:2021 - Security Misconfiguration", + "OWASP-A06:2017 - Security Misconfiguration", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: javascript.lang.security.audit.code-string-concat.code-string-concat" } }, { - "defaultConfiguration": { - "level": "warning" + 
"id": "terraform.azure.security.appservice.appservice-enable-https-only.appservice-enable-https-only", + "name": "terraform.azure.security.appservice.appservice-enable-https-only.appservice-enable-https-only", + "short_description": { + "text": "Semgrep Finding: terraform.azure.security.appservice.appservice-enable-https-only.appservice-enable-https-only" }, - "fullDescription": { - "text": "Detected a template variable used in a script tag. Although template variables are HTML escaped, HTML escaping does not always prevent cross-site scripting (XSS) attacks when used directly in JavaScript. If you need this data on the rendered page, consider placing it in the HTML portion (outside of a script tag). Alternatively, use a JavaScript-specific encoder, such as the one available in OWASP ESAPI." + "full_description": { + "text": "By default, clients can connect to App Service by using both HTTP or HTTPS. HTTP should be disabled enabling the HTTPS Only setting." + }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/terraform.azure.security.appservice.appservice-enable-https-only.appservice-enable-https-only", "help": { - "markdown": "Detected a template variable used in a script tag. Although template variables are HTML escaped, HTML escaping does not always prevent cross-site scripting (XSS) attacks when used directly in JavaScript. If you need this data on the rendered page, consider placing it in the HTML portion (outside of a script tag). 
Alternatively, use a JavaScript-specific encoder, such as the one available in OWASP ESAPI.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.express.security.audit.xss.ejs.var-in-script-tag.var-in-script-tag)\n - [https://www.veracode.com/blog/secure-development/nodejs-template-engines-why-default-encoders-are-not-enough](https://www.veracode.com/blog/secure-development/nodejs-template-engines-why-default-encoders-are-not-enough)\n - [https://github.com/ESAPI/owasp-esapi-js](https://github.com/ESAPI/owasp-esapi-js)\n", - "text": "Detected a template variable used in a script tag. Although template variables are HTML escaped, HTML escaping does not always prevent cross-site scripting (XSS) attacks when used directly in JavaScript. If you need this data on the rendered page, consider placing it in the HTML portion (outside of a script tag). Alternatively, use a JavaScript-specific encoder, such as the one available in OWASP ESAPI.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "By default, clients can connect to App Service by using both HTTP or HTTPS. HTTP should be disabled enabling the HTTPS Only setting.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "By default, clients can connect to App Service by using both HTTP or HTTPS. 
HTTP should be disabled enabling the HTTPS Only setting.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/terraform.azure.security.appservice.appservice-enable-https-only.appservice-enable-https-only)\n - [https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/app_service#https_only](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/app_service#https_only)\n - [https://docs.microsoft.com/en-us/azure/app-service/configure-ssl-bindings#enforce-https](https://docs.microsoft.com/en-us/azure/app-service/configure-ssl-bindings#enforce-https)\n" }, - "helpUri": "https://semgrep.dev/r/javascript.express.security.audit.xss.ejs.var-in-script-tag.var-in-script-tag", - "id": "javascript.express.security.audit.xss.ejs.var-in-script-tag.var-in-script-tag", - "name": "javascript.express.security.audit.xss.ejs.var-in-script-tag.var-in-script-tag", "properties": { "precision": "very-high", "tags": [ - "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", - "LOW CONFIDENCE", - "OWASP-A03:2021 - Injection", - "OWASP-A07:2017 - Cross-Site Scripting (XSS)", + "CWE-319: Cleartext Transmission of Sensitive Information", + "MEDIUM CONFIDENCE", + "OWASP-A02:2021 - Cryptographic Failures", + "OWASP-A03:2017 - Sensitive Data Exposure", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: javascript.express.security.audit.xss.ejs.var-in-script-tag.var-in-script-tag" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "python.flask.security.audit.hardcoded-config.avoid_hardcoded_config_DEBUG", + "name": "python.flask.security.audit.hardcoded-config.avoid_hardcoded_config_DEBUG", + "short_description": { + "text": "Semgrep Finding: python.flask.security.audit.hardcoded-config.avoid_hardcoded_config_DEBUG" }, - "fullDescription": { - "text": "Detected non-constant data passed into an LDAP 
query. If this data can be controlled by an external user, this is an LDAP injection. Ensure data passed to an LDAP query is not controllable; or properly sanitize the data." + "full_description": { + "text": "Hardcoded variable `DEBUG` detected. Set this by using FLASK_DEBUG environment variable" + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/python.flask.security.audit.hardcoded-config.avoid_hardcoded_config_DEBUG", "help": { - "markdown": "Detected non-constant data passed into an LDAP query. If this data can be controlled by an external user, this is an LDAP injection. Ensure data passed to an LDAP query is not controllable; or properly sanitize the data.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/java.lang.security.audit.ldap-injection.ldap-injection)\n - [https://owasp.org/Top10/A03_2021-Injection](https://owasp.org/Top10/A03_2021-Injection)\n", - "text": "Detected non-constant data passed into an LDAP query. If this data can be controlled by an external user, this is an LDAP injection. Ensure data passed to an LDAP query is not controllable; or properly sanitize the data.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Hardcoded variable `DEBUG` detected. Set this by using FLASK_DEBUG environment variable\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Hardcoded variable `DEBUG` detected. 
Set this by using FLASK_DEBUG environment variable\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.flask.security.audit.hardcoded-config.avoid_hardcoded_config_DEBUG)\n - [https://bento.dev/checks/flask/avoid-hardcoded-config/](https://bento.dev/checks/flask/avoid-hardcoded-config/)\n - [https://flask.palletsprojects.com/en/1.1.x/config/?highlight=configuration#builtin-configuration-values](https://flask.palletsprojects.com/en/1.1.x/config/?highlight=configuration#builtin-configuration-values)\n - [https://flask.palletsprojects.com/en/1.1.x/config/?highlight=configuration#environment-and-debug-features](https://flask.palletsprojects.com/en/1.1.x/config/?highlight=configuration#environment-and-debug-features)\n" }, - "helpUri": "https://semgrep.dev/r/java.lang.security.audit.ldap-injection.ldap-injection", - "id": "java.lang.security.audit.ldap-injection.ldap-injection", - "name": "java.lang.security.audit.ldap-injection.ldap-injection", "properties": { "precision": "very-high", "tags": [ - "CWE-90: Improper Neutralization of Special Elements used in an LDAP Query ('LDAP Injection')", + "CWE-489: Active Debug Code", "LOW CONFIDENCE", - "OWASP-A01:2017 - Injection", - "OWASP-A03:2021 - Injection", + "OWASP-A05:2021 - Security Misconfiguration", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: java.lang.security.audit.ldap-injection.ldap-injection" } }, { - "defaultConfiguration": { - "level": "error" + "id": "scala.lang.security.audit.scalac-debug.scalac-debug", + "name": "scala.lang.security.audit.scalac-debug.scalac-debug", + "short_description": { + "text": "Semgrep Finding: scala.lang.security.audit.scalac-debug.scalac-debug" }, - "fullDescription": { - "text": "Method $METHOD in API controller $CLASS provides user arg $ARG to requests method $REQMETHOD" + "full_description": { + "text": "Scala applications built with `debug` set to true in production may 
leak debug information to attackers. Debug mode also affects performance and reliability. Remove it from configuration." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/scala.lang.security.audit.scalac-debug.scalac-debug", "help": { - "markdown": "Method $METHOD in API controller $CLASS provides user arg $ARG to requests method $REQMETHOD\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.flask.security.flask-api-method-string-format.flask-api-method-string-format)\n - [https://cwe.mitre.org/data/definitions/134.html](https://cwe.mitre.org/data/definitions/134.html)\n", - "text": "Method $METHOD in API controller $CLASS provides user arg $ARG to requests method $REQMETHOD\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Scala applications built with `debug` set to true in production may leak debug information to attackers. Debug mode also affects performance and reliability. Remove it from configuration.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Scala applications built with `debug` set to true in production may leak debug information to attackers. Debug mode also affects performance and reliability. 
Remove it from configuration.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/scala.lang.security.audit.scalac-debug.scalac-debug)\n - [https://docs.scala-lang.org/overviews/compiler-options/index.html](https://docs.scala-lang.org/overviews/compiler-options/index.html)\n" }, - "helpUri": "https://semgrep.dev/r/python.flask.security.flask-api-method-string-format.flask-api-method-string-format", - "id": "python.flask.security.flask-api-method-string-format.flask-api-method-string-format", - "name": "python.flask.security.flask-api-method-string-format.flask-api-method-string-format", "properties": { "precision": "very-high", "tags": [ - "CWE-134: Use of Externally-Controlled Format String", - "LOW CONFIDENCE", + "CWE-489: Active Debug Code", + "MEDIUM CONFIDENCE", + "OWASP-A05:2021 - Security Misconfiguration", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: python.flask.security.flask-api-method-string-format.flask-api-method-string-format" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "go.lang.security.audit.net.unescaped-data-in-htmlattr.unescaped-data-in-htmlattr", + "name": "go.lang.security.audit.net.unescaped-data-in-htmlattr.unescaped-data-in-htmlattr", + "short_description": { + "text": "Semgrep Finding: go.lang.security.audit.net.unescaped-data-in-htmlattr.unescaped-data-in-htmlattr" }, - "fullDescription": { - "text": "The use of $translateProvider.translations method can be dangerous if user input is provided to this API." + "full_description": { + "text": "Found a formatted template string passed to 'template. HTMLAttr()'. 'template.HTMLAttr()' does not escape contents. Be absolutely sure there is no user-controlled data in this template or validate and sanitize the data before passing it into the template." 
}, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/go.lang.security.audit.net.unescaped-data-in-htmlattr.unescaped-data-in-htmlattr", "help": { - "markdown": "The use of $translateProvider.translations method can be dangerous if user input is provided to this API.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.angular.security.detect-third-party-angular-translate.detect-angular-translateprovider-translations-method)\n - [https://docs.angularjs.org/api/ng/service/$sce#trustAsUrl](https://docs.angularjs.org/api/ng/service/$sce#trustAsUrl)\n - [https://owasp.org/www-chapter-london/assets/slides/OWASPLondon20170727_AngularJS.pdf](https://owasp.org/www-chapter-london/assets/slides/OWASPLondon20170727_AngularJS.pdf)\n", - "text": "The use of $translateProvider.translations method can be dangerous if user input is provided to this API.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Found a formatted template string passed to 'template. HTMLAttr()'. 'template.HTMLAttr()' does not escape contents. Be absolutely sure there is no user-controlled data in this template or validate and sanitize the data before passing it into the template.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Found a formatted template string passed to 'template. HTMLAttr()'. 'template.HTMLAttr()' does not escape contents. 
Be absolutely sure there is no user-controlled data in this template or validate and sanitize the data before passing it into the template.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/go.lang.security.audit.net.unescaped-data-in-htmlattr.unescaped-data-in-htmlattr)\n - [https://golang.org/pkg/html/template/#HTMLAttr](https://golang.org/pkg/html/template/#HTMLAttr)\n" }, - "helpUri": "https://semgrep.dev/r/javascript.angular.security.detect-third-party-angular-translate.detect-angular-translateprovider-translations-method", - "id": "javascript.angular.security.detect-third-party-angular-translate.detect-angular-translateprovider-translations-method", - "name": "javascript.angular.security.detect-third-party-angular-translate.detect-angular-translateprovider-translations-method", "properties": { "precision": "very-high", "tags": [ 
@@ -12372,1151 +13076,1194 @@ "OWASP-A07:2017 - Cross-Site Scripting (XSS)", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: javascript.angular.security.detect-third-party-angular-translate.detect-angular-translateprovider-translations-method" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "javascript.shelljs.security.shelljs-exec-injection.shelljs-exec-injection", + "name": "javascript.shelljs.security.shelljs-exec-injection.shelljs-exec-injection", + "short_description": { + "text": "Semgrep Finding: javascript.shelljs.security.shelljs-exec-injection.shelljs-exec-injection" }, - "fullDescription": { - "text": "$type extension has the potential to be unsafe, so use it with common sense and known json sources and not public facing ones to be safe" + "full_description": { + "text": "If unverified user data can reach the `exec` method it can result in Remote Code Execution" }, + "default_configuration": { + "enabled": true, + "level": "error" + }, + "help_uri": "https://semgrep.dev/r/javascript.shelljs.security.shelljs-exec-injection.shelljs-exec-injection", "help": { - "markdown": "$type extension has the potential to be unsafe, so use it with common sense and known json sources and not public facing ones to be safe\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/csharp.lang.security.insecure-deserialization.fast-json.insecure-fastjson-deserialization)\n - [https://github.com/mgholam/fastJSON#security-warning-update](https://github.com/mgholam/fastJSON#security-warning-update)\n", - "text": "$type extension has the potential to be unsafe, so use it with common sense and known json sources and not public facing ones to be safe\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "If unverified user data can reach the `exec` method it can result in Remote Code Execution\n💎 Enable cross-file analysis and 
Pro rules for free at sg.run/pro", + "markdown": "If unverified user data can reach the `exec` method it can result in Remote Code Execution\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.shelljs.security.shelljs-exec-injection.shelljs-exec-injection)\n - [https://owasp.org/Top10/A03_2021-Injection](https://owasp.org/Top10/A03_2021-Injection)\n" }, - "helpUri": "https://semgrep.dev/r/csharp.lang.security.insecure-deserialization.fast-json.insecure-fastjson-deserialization", - "id": "csharp.lang.security.insecure-deserialization.fast-json.insecure-fastjson-deserialization", - "name": "csharp.lang.security.insecure-deserialization.fast-json.insecure-fastjson-deserialization", "properties": { "precision": "very-high", "tags": [ - "CWE-502: Deserialization of Untrusted Data", + "CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", "LOW CONFIDENCE", - "OWASP-A08:2017 - Insecure Deserialization", - "OWASP-A08:2021 - Software and Data Integrity Failures", + "OWASP-A01:2017 - Injection", + "OWASP-A03:2021 - Injection", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: csharp.lang.security.insecure-deserialization.fast-json.insecure-fastjson-deserialization" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "csharp.lang.security.sqli.csharp-sqli.csharp-sqli", + "name": "csharp.lang.security.sqli.csharp-sqli.csharp-sqli", + "short_description": { + "text": "Semgrep Finding: csharp.lang.security.sqli.csharp-sqli.csharp-sqli" }, - "fullDescription": { - "text": "'ssl.wrap_socket()' is deprecated. This function creates an insecure socket without server name indication or hostname matching. Instead, create an SSL context using 'ssl.SSLContext()' and use that to wrap a socket." + "full_description": { + "text": "Detected a formatted string in a SQL statement. 
This could lead to SQL injection if variables in the SQL statement are not properly sanitized. Use a prepared statements instead. You can obtain a PreparedStatement using 'SqlCommand' and 'SqlParameter'." + }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/csharp.lang.security.sqli.csharp-sqli.csharp-sqli", "help": { - "markdown": "'ssl.wrap_socket()' is deprecated. This function creates an insecure socket without server name indication or hostname matching. Instead, create an SSL context using 'ssl.SSLContext()' and use that to wrap a socket.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.lang.security.audit.ssl-wrap-socket-is-deprecated.ssl-wrap-socket-is-deprecated)\n - [https://docs.python.org/3/library/ssl.html#ssl.wrap_socket](https://docs.python.org/3/library/ssl.html#ssl.wrap_socket)\n - [https://docs.python.org/3/library/ssl.html#ssl.SSLContext.wrap_socket](https://docs.python.org/3/library/ssl.html#ssl.SSLContext.wrap_socket)\n", - "text": "'ssl.wrap_socket()' is deprecated. This function creates an insecure socket without server name indication or hostname matching. Instead, create an SSL context using 'ssl.SSLContext()' and use that to wrap a socket.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected a formatted string in a SQL statement. This could lead to SQL injection if variables in the SQL statement are not properly sanitized. Use a prepared statements instead. You can obtain a PreparedStatement using 'SqlCommand' and 'SqlParameter'.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected a formatted string in a SQL statement. This could lead to SQL injection if variables in the SQL statement are not properly sanitized. Use a prepared statements instead. 
You can obtain a PreparedStatement using 'SqlCommand' and 'SqlParameter'.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/csharp.lang.security.sqli.csharp-sqli.csharp-sqli)\n - [https://owasp.org/Top10/A03_2021-Injection](https://owasp.org/Top10/A03_2021-Injection)\n" }, - "helpUri": "https://semgrep.dev/r/python.lang.security.audit.ssl-wrap-socket-is-deprecated.ssl-wrap-socket-is-deprecated", - "id": "python.lang.security.audit.ssl-wrap-socket-is-deprecated.ssl-wrap-socket-is-deprecated", - "name": "python.lang.security.audit.ssl-wrap-socket-is-deprecated.ssl-wrap-socket-is-deprecated", "properties": { "precision": "very-high", "tags": [ - "CWE-326: Inadequate Encryption Strength", + "CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')", "MEDIUM CONFIDENCE", - "OWASP-A02:2021 - Cryptographic Failures", - "OWASP-A03:2017 - Sensitive Data Exposure", + "OWASP-A01:2017 - Injection", + "OWASP-A03:2021 - Injection", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: python.lang.security.audit.ssl-wrap-socket-is-deprecated.ssl-wrap-socket-is-deprecated" } }, { - "defaultConfiguration": { - "level": "note" + "id": "python.flask.security.audit.directly-returned-format-string.directly-returned-format-string", + "name": "python.flask.security.audit.directly-returned-format-string.directly-returned-format-string", + "short_description": { + "text": "Semgrep Finding: python.flask.security.audit.directly-returned-format-string.directly-returned-format-string" }, - "fullDescription": { - "text": "This rule has been deprecated, as all s3 buckets are encrypted by default with no way to disable it. See https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket_server_side_encryption_configuration for more info." + "full_description": { + "text": "Detected Flask route directly returning a formatted string. 
This is subject to cross-site scripting if user input can reach the string. Consider using the template engine instead and rendering pages with 'render_template()'." }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/python.flask.security.audit.directly-returned-format-string.directly-returned-format-string", "help": { - "markdown": "This rule has been deprecated, as all s3 buckets are encrypted by default with no way to disable it. See https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket_server_side_encryption_configuration for more info.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/terraform.lang.security.s3-unencrypted-bucket.s3-unencrypted-bucket)\n - [https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket#server_side_encryption_configuration](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket#server_side_encryption_configuration)\n - [https://docs.aws.amazon.com/AmazonS3/latest/userguide/bucket-encryption.html](https://docs.aws.amazon.com/AmazonS3/latest/userguide/bucket-encryption.html)\n", - "text": "This rule has been deprecated, as all s3 buckets are encrypted by default with no way to disable it. See https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket_server_side_encryption_configuration for more info.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected Flask route directly returning a formatted string. This is subject to cross-site scripting if user input can reach the string. Consider using the template engine instead and rendering pages with 'render_template()'.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected Flask route directly returning a formatted string. 
This is subject to cross-site scripting if user input can reach the string. Consider using the template engine instead and rendering pages with 'render_template()'.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.flask.security.audit.directly-returned-format-string.directly-returned-format-string)\n - [https://owasp.org/Top10/A03_2021-Injection](https://owasp.org/Top10/A03_2021-Injection)\n" }, - "helpUri": "https://semgrep.dev/r/terraform.lang.security.s3-unencrypted-bucket.s3-unencrypted-bucket", - "id": "terraform.lang.security.s3-unencrypted-bucket.s3-unencrypted-bucket", - "name": "terraform.lang.security.s3-unencrypted-bucket.s3-unencrypted-bucket", "properties": { "precision": "very-high", "tags": [ - "CWE-311: Missing Encryption of Sensitive Data", + "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", "MEDIUM CONFIDENCE", - "OWASP-A03:2017 - Sensitive Data Exposure", - "OWASP-A04:2021 - Insecure Design", + "OWASP-A03:2021 - Injection", + "OWASP-A07:2017 - Cross-Site Scripting (XSS)", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: terraform.lang.security.s3-unencrypted-bucket.s3-unencrypted-bucket" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "python.flask.security.injection.tainted-url-host.tainted-url-host", + "name": "python.flask.security.injection.tainted-url-host.tainted-url-host", + "short_description": { + "text": "Semgrep Finding: python.flask.security.injection.tainted-url-host.tainted-url-host" }, - "fullDescription": { - "text": "Detected SQL statement that is tainted by `event` object. This could lead to SQL injection if the variable is user-controlled and not properly sanitized. In order to prevent SQL injection, use parameterized queries or prepared statements instead. 
You can use parameterized statements like so: `cursor.execute('SELECT * FROM projects WHERE status = %s', ('active'))`" + "full_description": { + "text": "User data flows into the host portion of this manually-constructed URL. This could allow an attacker to send data to their own server, potentially exposing sensitive data such as cookies or authorization information sent with this request. They could also probe internal servers or other resources that the server runnig this code can access. (This is called server-side request forgery, or SSRF.) Do not allow arbitrary hosts. Instead, create an allowlist for approved hosts hardcode the correct host." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/python.flask.security.injection.tainted-url-host.tainted-url-host", "help": { - "markdown": "Detected SQL statement that is tainted by `event` object. This could lead to SQL injection if the variable is user-controlled and not properly sanitized. In order to prevent SQL injection, use parameterized queries or prepared statements instead. You can use parameterized statements like so: `cursor.execute('SELECT * FROM projects WHERE status = %s', ('active'))`\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.aws-lambda.security.mysql-sqli.mysql-sqli)\n - [https://dev.mysql.com/doc/connector-python/en/connector-python-api-mysqlcursor-execute.html](https://dev.mysql.com/doc/connector-python/en/connector-python-api-mysqlcursor-execute.html)\n - [https://dev.mysql.com/doc/connector-python/en/connector-python-api-mysqlcursor-executemany.html](https://dev.mysql.com/doc/connector-python/en/connector-python-api-mysqlcursor-executemany.html)\n", - "text": "Detected SQL statement that is tainted by `event` object. This could lead to SQL injection if the variable is user-controlled and not properly sanitized. 
In order to prevent SQL injection, use parameterized queries or prepared statements instead. You can use parameterized statements like so: `cursor.execute('SELECT * FROM projects WHERE status = %s', ('active'))`\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "User data flows into the host portion of this manually-constructed URL. This could allow an attacker to send data to their own server, potentially exposing sensitive data such as cookies or authorization information sent with this request. They could also probe internal servers or other resources that the server runnig this code can access. (This is called server-side request forgery, or SSRF.) Do not allow arbitrary hosts. Instead, create an allowlist for approved hosts hardcode the correct host.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "User data flows into the host portion of this manually-constructed URL. This could allow an attacker to send data to their own server, potentially exposing sensitive data such as cookies or authorization information sent with this request. They could also probe internal servers or other resources that the server runnig this code can access. (This is called server-side request forgery, or SSRF.) Do not allow arbitrary hosts. 
Instead, create an allowlist for approved hosts hardcode the correct host.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.flask.security.injection.tainted-url-host.tainted-url-host)\n - [https://cheatsheetseries.owasp.org/cheatsheets/Server_Side_Request_Forgery_Prevention_Cheat_Sheet.html](https://cheatsheetseries.owasp.org/cheatsheets/Server_Side_Request_Forgery_Prevention_Cheat_Sheet.html)\n" }, - "helpUri": "https://semgrep.dev/r/python.aws-lambda.security.mysql-sqli.mysql-sqli", - "id": "python.aws-lambda.security.mysql-sqli.mysql-sqli", - "name": "python.aws-lambda.security.mysql-sqli.mysql-sqli", "properties": { "precision": "very-high", "tags": [ - "CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')", + "CWE-918: Server-Side Request Forgery (SSRF)", "MEDIUM CONFIDENCE", - "OWASP-A01:2017 - Injection", - "OWASP-A03:2021 - Injection", + "OWASP-A10:2021 - Server-Side Request Forgery (SSRF)", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: python.aws-lambda.security.mysql-sqli.mysql-sqli" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "generic.unicode.security.bidi.contains-bidirectional-characters", + "name": "generic.unicode.security.bidi.contains-bidirectional-characters", + "short_description": { + "text": "Semgrep Finding: generic.unicode.security.bidi.contains-bidirectional-characters" }, - "fullDescription": { - "text": "Use of Blowfish was detected. Blowfish uses a 64-bit block size that makes it vulnerable to birthday attacks, and is therefore considered non-compliant. Instead, use a strong, secure cipher: Cipher.getInstance(\"AES/CBC/PKCS7PADDING\"). See https://owasp.org/www-community/Using_the_Java_Cryptographic_Extensions for more information." + "full_description": { + "text": "This code contains bidirectional (bidi) characters. 
While this is useful for support of right-to-left languages such as Arabic or Hebrew, it can also be used to trick language parsers into executing code in a manner that is different from how it is displayed in code editing and review tools. If this is not what you were expecting, please review this code in an editor that can reveal hidden Unicode characters." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/generic.unicode.security.bidi.contains-bidirectional-characters", "help": { - "markdown": "Use of Blowfish was detected. Blowfish uses a 64-bit block size that makes it vulnerable to birthday attacks, and is therefore considered non-compliant. Instead, use a strong, secure cipher: Cipher.getInstance(\"AES/CBC/PKCS7PADDING\"). See https://owasp.org/www-community/Using_the_Java_Cryptographic_Extensions for more information.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/java.lang.security.audit.crypto.use-of-blowfish.use-of-blowfish)\n - [https://owasp.org/Top10/A02_2021-Cryptographic_Failures](https://owasp.org/Top10/A02_2021-Cryptographic_Failures)\n - [https://googleprojectzero.blogspot.com/2022/10/rc4-is-still-considered-harmful.html](https://googleprojectzero.blogspot.com/2022/10/rc4-is-still-considered-harmful.html)\n", - "text": "Use of Blowfish was detected. Blowfish uses a 64-bit block size that makes it vulnerable to birthday attacks, and is therefore considered non-compliant. Instead, use a strong, secure cipher: Cipher.getInstance(\"AES/CBC/PKCS7PADDING\"). See https://owasp.org/www-community/Using_the_Java_Cryptographic_Extensions for more information.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "This code contains bidirectional (bidi) characters. 
While this is useful for support of right-to-left languages such as Arabic or Hebrew, it can also be used to trick language parsers into executing code in a manner that is different from how it is displayed in code editing and review tools. If this is not what you were expecting, please review this code in an editor that can reveal hidden Unicode characters.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "This code contains bidirectional (bidi) characters. While this is useful for support of right-to-left languages such as Arabic or Hebrew, it can also be used to trick language parsers into executing code in a manner that is different from how it is displayed in code editing and review tools. If this is not what you were expecting, please review this code in an editor that can reveal hidden Unicode characters.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/generic.unicode.security.bidi.contains-bidirectional-characters)\n - [https://trojansource.codes/](https://trojansource.codes/)\n" }, - "helpUri": "https://semgrep.dev/r/java.lang.security.audit.crypto.use-of-blowfish.use-of-blowfish", - "id": "java.lang.security.audit.crypto.use-of-blowfish.use-of-blowfish", - "name": "java.lang.security.audit.crypto.use-of-blowfish.use-of-blowfish", "properties": { "precision": "very-high", "tags": [ - "CWE-327: Use of a Broken or Risky Cryptographic Algorithm", - "HIGH CONFIDENCE", - "OWASP-A02:2021 - Cryptographic Failures", - "OWASP-A03:2017 - Sensitive Data Exposure", + "CWE-94: Improper Control of Generation of Code ('Code Injection')", + "LOW CONFIDENCE", + "OWASP-A03:2021 - Injection", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: java.lang.security.audit.crypto.use-of-blowfish.use-of-blowfish" } }, { - "defaultConfiguration": { - "level": "warning" + "id": 
"csharp.lang.security.insecure-deserialization.javascript-serializer.insecure-javascriptserializer-deserialization", + "name": "csharp.lang.security.insecure-deserialization.javascript-serializer.insecure-javascriptserializer-deserialization", + "short_description": { + "text": "Semgrep Finding: csharp.lang.security.insecure-deserialization.javascript-serializer.insecure-javascriptserializer-deserialization" }, - "fullDescription": { - "text": "Detected a 'urllib.request.Request()' object using an insecure transport protocol, 'http://'. This connection will not be encrypted. Use 'https://' instead." + "full_description": { + "text": "The SimpleTypeResolver class is insecure and should not be used. Using SimpleTypeResolver to deserialize JSON could allow the remote client to execute malicious code within the app and take control of the web server." + }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/csharp.lang.security.insecure-deserialization.javascript-serializer.insecure-javascriptserializer-deserialization", "help": { - "markdown": "Detected a 'urllib.request.Request()' object using an insecure transport protocol, 'http://'. This connection will not be encrypted. Use 'https://' instead.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.lang.security.audit.insecure-transport.urllib.insecure-request-object.insecure-request-object)\n - [https://docs.python.org/3/library/urllib.request.html#urllib.request.Request](https://docs.python.org/3/library/urllib.request.html#urllib.request.Request)\n", - "text": "Detected a 'urllib.request.Request()' object using an insecure transport protocol, 'http://'. This connection will not be encrypted. 
Use 'https://' instead.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "The SimpleTypeResolver class is insecure and should not be used. Using SimpleTypeResolver to deserialize JSON could allow the remote client to execute malicious code within the app and take control of the web server.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "The SimpleTypeResolver class is insecure and should not be used. Using SimpleTypeResolver to deserialize JSON could allow the remote client to execute malicious code within the app and take control of the web server.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/csharp.lang.security.insecure-deserialization.javascript-serializer.insecure-javascriptserializer-deserialization)\n - [https://docs.microsoft.com/en-us/dotnet/api/system.web.script.serialization.simpletyperesolver?view=netframework-4.8#remarks](https://docs.microsoft.com/en-us/dotnet/api/system.web.script.serialization.simpletyperesolver?view=netframework-4.8#remarks)\n" }, - "helpUri": "https://semgrep.dev/r/python.lang.security.audit.insecure-transport.urllib.insecure-request-object.insecure-request-object", - "id": "python.lang.security.audit.insecure-transport.urllib.insecure-request-object.insecure-request-object", - "name": "python.lang.security.audit.insecure-transport.urllib.insecure-request-object.insecure-request-object", "properties": { "precision": "very-high", "tags": [ - "CWE-319: Cleartext Transmission of Sensitive Information", + "CWE-502: Deserialization of Untrusted Data", "LOW CONFIDENCE", - "OWASP-A02:2021 - Cryptographic Failures", - "OWASP-A03:2017 - Sensitive Data Exposure", + "OWASP-A08:2017 - Insecure Deserialization", + "OWASP-A08:2021 - Software and Data Integrity Failures", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: 
python.lang.security.audit.insecure-transport.urllib.insecure-request-object.insecure-request-object" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "ruby.lang.security.insufficient-rsa-key-size.insufficient-rsa-key-size", + "name": "ruby.lang.security.insufficient-rsa-key-size.insufficient-rsa-key-size", + "short_description": { + "text": "Semgrep Finding: ruby.lang.security.insufficient-rsa-key-size.insufficient-rsa-key-size" }, - "fullDescription": { - "text": "A hard-coded credential was detected. It is not recommended to store credentials in source-code, as this risks secrets being leaked and used by either an internal or external malicious adversary. It is recommended to use environment variables to securely provide credentials or retrieve credentials from a secure vault or HSM (Hardware Security Module)." + "full_description": { + "text": "The RSA key size $SIZE is insufficent by NIST standards. It is recommended to use a key length of 2048 or higher." }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/ruby.lang.security.insufficient-rsa-key-size.insufficient-rsa-key-size", "help": { - "markdown": "A hard-coded credential was detected. It is not recommended to store credentials in source-code, as this risks secrets being leaked and used by either an internal or external malicious adversary. 
It is recommended to use environment variables to securely provide credentials or retrieve credentials from a secure vault or HSM (Hardware Security Module).\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.passport-jwt.security.passport-hardcode.hardcoded-passport-secret)\n - [https://cheatsheetseries.owasp.org/cheatsheets/Secrets_Management_Cheat_Sheet.html](https://cheatsheetseries.owasp.org/cheatsheets/Secrets_Management_Cheat_Sheet.html)\n", - "text": "A hard-coded credential was detected. It is not recommended to store credentials in source-code, as this risks secrets being leaked and used by either an internal or external malicious adversary. It is recommended to use environment variables to securely provide credentials or retrieve credentials from a secure vault or HSM (Hardware Security Module).\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "The RSA key size $SIZE is insufficent by NIST standards. It is recommended to use a key length of 2048 or higher.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "The RSA key size $SIZE is insufficent by NIST standards. 
It is recommended to use a key length of 2048 or higher.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/ruby.lang.security.insufficient-rsa-key-size.insufficient-rsa-key-size)\n - [https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-57Pt3r1.pdf](https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-57Pt3r1.pdf)\n" }, - "helpUri": "https://semgrep.dev/r/javascript.passport-jwt.security.passport-hardcode.hardcoded-passport-secret", - "id": "javascript.passport-jwt.security.passport-hardcode.hardcoded-passport-secret", - "name": "javascript.passport-jwt.security.passport-hardcode.hardcoded-passport-secret", "properties": { "precision": "very-high", "tags": [ - "CWE-798: Use of Hard-coded Credentials", + "CWE-326: Inadequate Encryption Strength", "HIGH CONFIDENCE", - "OWASP-A07:2021 - Identification and Authentication Failures", + "OWASP-A02:2021 - Cryptographic Failures", + "OWASP-A03:2017 - Sensitive Data Exposure", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: javascript.passport-jwt.security.passport-hardcode.hardcoded-passport-secret" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "solidity.security.encode-packed-collision.encode-packed-collision", + "name": "solidity.security.encode-packed-collision.encode-packed-collision", + "short_description": { + "text": "Semgrep Finding: solidity.security.encode-packed-collision.encode-packed-collision" }, - "fullDescription": { - "text": "Avoid using `shelve`, which uses `pickle`, which is known to lead to code execution vulnerabilities. When unpickling, the serialized data could be manipulated to run arbitrary code. Instead, consider serializing the relevant data as JSON or a similar text-based serialization format." 
+ "full_description": { + "text": "abi.encodePacked hash collision with variable length arguments in $F()" + }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/solidity.security.encode-packed-collision.encode-packed-collision", "help": { - "markdown": "Avoid using `shelve`, which uses `pickle`, which is known to lead to code execution vulnerabilities. When unpickling, the serialized data could be manipulated to run arbitrary code. Instead, consider serializing the relevant data as JSON or a similar text-based serialization format.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.lang.security.deserialization.pickle.avoid-shelve)\n - [https://docs.python.org/3/library/pickle.html](https://docs.python.org/3/library/pickle.html)\n", - "text": "Avoid using `shelve`, which uses `pickle`, which is known to lead to code execution vulnerabilities. When unpickling, the serialized data could be manipulated to run arbitrary code. 
Instead, consider serializing the relevant data as JSON or a similar text-based serialization format.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "abi.encodePacked hash collision with variable length arguments in $F()\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "abi.encodePacked hash collision with variable length arguments in $F()\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/solidity.security.encode-packed-collision.encode-packed-collision)\n - [https://swcregistry.io/docs/SWC-133](https://swcregistry.io/docs/SWC-133)\n" }, - "helpUri": "https://semgrep.dev/r/python.lang.security.deserialization.pickle.avoid-shelve", - "id": "python.lang.security.deserialization.pickle.avoid-shelve", - "name": "python.lang.security.deserialization.pickle.avoid-shelve", "properties": { "precision": "very-high", "tags": [ - "CWE-502: Deserialization of Untrusted Data", - "MEDIUM CONFIDENCE", - "OWASP-A08:2017 - Insecure Deserialization", - "OWASP-A08:2021 - Software and Data Integrity Failures", + "CWE-20: Improper Input Validation", + "HIGH CONFIDENCE", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: python.lang.security.deserialization.pickle.avoid-shelve" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "ruby.lang.security.model-attr-accessible.model-attr-accessible", + "name": "ruby.lang.security.model-attr-accessible.model-attr-accessible", + "short_description": { + "text": "Semgrep Finding: ruby.lang.security.model-attr-accessible.model-attr-accessible" }, - "fullDescription": { - "text": "Detected a template variable used in an anchor tag with the 'href' attribute. This allows a malicious actor to input the 'javascript:' URI and is subject to cross- site scripting (XSS) attacks. 
If using a relative URL, start with a literal forward slash and concatenate the URL, like this: href='/{{link}}'. You may also consider setting the Content Security Policy (CSP) header." + "full_description": { + "text": "Checks for dangerous permitted attributes that can lead to mass assignment vulnerabilities. Query parameters allowed using permit and attr_accessible are checked for allowance of dangerous attributes admin, banned, role, and account_id. Also checks for usages of params.permit!, which allows everything. Fix: don't allow admin, banned, role, and account_id using permit or attr_accessible." + }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/ruby.lang.security.model-attr-accessible.model-attr-accessible", "help": { - "markdown": "Detected a template variable used in an anchor tag with the 'href' attribute. This allows a malicious actor to input the 'javascript:' URI and is subject to cross- site scripting (XSS) attacks. If using a relative URL, start with a literal forward slash and concatenate the URL, like this: href='/{{link}}'. You may also consider setting the Content Security Policy (CSP) header.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.express.security.audit.xss.mustache.var-in-href.var-in-href)\n - [https://flask.palletsprojects.com/en/1.1.x/security/#cross-site-scripting-xss#:~:text=javascript:%20URI](https://flask.palletsprojects.com/en/1.1.x/security/#cross-site-scripting-xss#:~:text=javascript:%20URI)\n - [https://github.com/pugjs/pug/issues/2952](https://github.com/pugjs/pug/issues/2952)\n", - "text": "Detected a template variable used in an anchor tag with the 'href' attribute. This allows a malicious actor to input the 'javascript:' URI and is subject to cross- site scripting (XSS) attacks. 
If using a relative URL, start with a literal forward slash and concatenate the URL, like this: href='/{{link}}'. You may also consider setting the Content Security Policy (CSP) header.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Checks for dangerous permitted attributes that can lead to mass assignment vulnerabilities. Query parameters allowed using permit and attr_accessible are checked for allowance of dangerous attributes admin, banned, role, and account_id. Also checks for usages of params.permit!, which allows everything. Fix: don't allow admin, banned, role, and account_id using permit or attr_accessible.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Checks for dangerous permitted attributes that can lead to mass assignment vulnerabilities. Query parameters allowed using permit and attr_accessible are checked for allowance of dangerous attributes admin, banned, role, and account_id. Also checks for usages of params.permit!, which allows everything. 
Fix: don't allow admin, banned, role, and account_id using permit or attr_accessible.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/ruby.lang.security.model-attr-accessible.model-attr-accessible)\n - [https://github.com/presidentbeef/brakeman/blob/main/lib/brakeman/checks/check_model_attr_accessible.rb](https://github.com/presidentbeef/brakeman/blob/main/lib/brakeman/checks/check_model_attr_accessible.rb)\n" }, - "helpUri": "https://semgrep.dev/r/javascript.express.security.audit.xss.mustache.var-in-href.var-in-href", - "id": "javascript.express.security.audit.xss.mustache.var-in-href.var-in-href", - "name": "javascript.express.security.audit.xss.mustache.var-in-href.var-in-href", "properties": { "precision": "very-high", "tags": [ - "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", + "CWE-915: Improperly Controlled Modification of Dynamically-Determined Object Attributes", "LOW CONFIDENCE", - "OWASP-A03:2021 - Injection", - "OWASP-A07:2017 - Cross-Site Scripting (XSS)", + "OWASP-A08:2021 - Software and Data Integrity Failures", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: javascript.express.security.audit.xss.mustache.var-in-href.var-in-href" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "python.lang.security.audit.sqli.pg8000-sqli.pg8000-sqli", + "name": "python.lang.security.audit.sqli.pg8000-sqli.pg8000-sqli", + "short_description": { + "text": "Semgrep Finding: python.lang.security.audit.sqli.pg8000-sqli.pg8000-sqli" }, - "fullDescription": { - "text": "Detected user input flowing into a manually constructed HTML string. You may be accidentally bypassing secure methods of rendering HTML by manually constructing HTML and this could create a cross-site scripting vulnerability, which could let attackers steal sensitive user data. 
Use the `html/template` package which will safely render HTML instead, or inspect that the HTML is rendered safely." + "full_description": { + "text": "Detected string concatenation with a non-literal variable in a pg8000 Python SQL statement. This could lead to SQL injection if the variable is user-controlled and not properly sanitized. In order to prevent SQL injection, use parameterized queries or prepared statements instead. You can create parameterized queries like so: 'conn.run(\"SELECT :value FROM table\", value=myvalue)'. You can also create prepared statements with 'conn.prepare': 'conn.prepare(\"SELECT (:v) FROM table\")'" }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/python.lang.security.audit.sqli.pg8000-sqli.pg8000-sqli", "help": { - "markdown": "Detected user input flowing into a manually constructed HTML string. You may be accidentally bypassing secure methods of rendering HTML by manually constructing HTML and this could create a cross-site scripting vulnerability, which could let attackers steal sensitive user data. Use the `html/template` package which will safely render HTML instead, or inspect that the HTML is rendered safely.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/go.lang.security.injection.raw-html-format.raw-html-format)\n - [https://blogtitle.github.io/robn-go-security-pearls-cross-site-scripting-xss/](https://blogtitle.github.io/robn-go-security-pearls-cross-site-scripting-xss/)\n", - "text": "Detected user input flowing into a manually constructed HTML string. You may be accidentally bypassing secure methods of rendering HTML by manually constructing HTML and this could create a cross-site scripting vulnerability, which could let attackers steal sensitive user data. 
Use the `html/template` package which will safely render HTML instead, or inspect that the HTML is rendered safely.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected string concatenation with a non-literal variable in a pg8000 Python SQL statement. This could lead to SQL injection if the variable is user-controlled and not properly sanitized. In order to prevent SQL injection, use parameterized queries or prepared statements instead. You can create parameterized queries like so: 'conn.run(\"SELECT :value FROM table\", value=myvalue)'. You can also create prepared statements with 'conn.prepare': 'conn.prepare(\"SELECT (:v) FROM table\")'\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected string concatenation with a non-literal variable in a pg8000 Python SQL statement. This could lead to SQL injection if the variable is user-controlled and not properly sanitized. In order to prevent SQL injection, use parameterized queries or prepared statements instead. You can create parameterized queries like so: 'conn.run(\"SELECT :value FROM table\", value=myvalue)'. 
You can also create prepared statements with 'conn.prepare': 'conn.prepare(\"SELECT (:v) FROM table\")'\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.lang.security.audit.sqli.pg8000-sqli.pg8000-sqli)\n - [https://github.com/tlocke/pg8000](https://github.com/tlocke/pg8000)\n" }, - "helpUri": "https://semgrep.dev/r/go.lang.security.injection.raw-html-format.raw-html-format", - "id": "go.lang.security.injection.raw-html-format.raw-html-format", - "name": "go.lang.security.injection.raw-html-format.raw-html-format", "properties": { "precision": "very-high", "tags": [ - "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", - "MEDIUM CONFIDENCE", + "CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')", + "LOW CONFIDENCE", + "OWASP-A01:2017 - Injection", "OWASP-A03:2021 - Injection", - "OWASP-A07:2017 - Cross-Site Scripting (XSS)", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: go.lang.security.injection.raw-html-format.raw-html-format" } }, { - "defaultConfiguration": { - "level": "error" + "id": "go.lang.security.audit.net.cookie-missing-httponly.cookie-missing-httponly", + "name": "go.lang.security.audit.net.cookie-missing-httponly.cookie-missing-httponly", + "short_description": { + "text": "Semgrep Finding: go.lang.security.audit.net.cookie-missing-httponly.cookie-missing-httponly" }, - "fullDescription": { - "text": "Detected non-static command inside Write. Audit the input to '$CW.Write'. If unverified user data can reach this call site, this is a code injection vulnerability. A malicious actor can inject a malicious script to execute arbitrary code." + "full_description": { + "text": "A session cookie was detected without setting the 'HttpOnly' flag. 
The 'HttpOnly' flag for cookies instructs the browser to forbid client-side scripts from reading the cookie which mitigates XSS attacks. Set the 'HttpOnly' flag by setting 'HttpOnly' to 'true' in the Cookie." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/go.lang.security.audit.net.cookie-missing-httponly.cookie-missing-httponly", "help": { - "markdown": "Detected non-static command inside Write. Audit the input to '$CW.Write'. If unverified user data can reach this call site, this is a code injection vulnerability. A malicious actor can inject a malicious script to execute arbitrary code.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/go.lang.security.audit.dangerous-command-write.dangerous-command-write)\n - [https://owasp.org/Top10/A03_2021-Injection](https://owasp.org/Top10/A03_2021-Injection)\n", - "text": "Detected non-static command inside Write. Audit the input to '$CW.Write'. If unverified user data can reach this call site, this is a code injection vulnerability. A malicious actor can inject a malicious script to execute arbitrary code.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "A session cookie was detected without setting the 'HttpOnly' flag. The 'HttpOnly' flag for cookies instructs the browser to forbid client-side scripts from reading the cookie which mitigates XSS attacks. Set the 'HttpOnly' flag by setting 'HttpOnly' to 'true' in the Cookie.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "A session cookie was detected without setting the 'HttpOnly' flag. The 'HttpOnly' flag for cookies instructs the browser to forbid client-side scripts from reading the cookie which mitigates XSS attacks. 
Set the 'HttpOnly' flag by setting 'HttpOnly' to 'true' in the Cookie.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/go.lang.security.audit.net.cookie-missing-httponly.cookie-missing-httponly)\n - [https://github.com/0c34/govwa/blob/139693e56406b5684d2a6ae22c0af90717e149b8/util/cookie.go](https://github.com/0c34/govwa/blob/139693e56406b5684d2a6ae22c0af90717e149b8/util/cookie.go)\n - [https://golang.org/src/net/http/cookie.go](https://golang.org/src/net/http/cookie.go)\n" }, - "helpUri": "https://semgrep.dev/r/go.lang.security.audit.dangerous-command-write.dangerous-command-write", - "id": "go.lang.security.audit.dangerous-command-write.dangerous-command-write", - "name": "go.lang.security.audit.dangerous-command-write.dangerous-command-write", "properties": { "precision": "very-high", "tags": [ - "CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", - "LOW CONFIDENCE", - "OWASP-A01:2017 - Injection", - "OWASP-A03:2021 - Injection", + "CWE-1004: Sensitive Cookie Without 'HttpOnly' Flag", + "MEDIUM CONFIDENCE", + "OWASP-A05:2021 - Security Misconfiguration", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: go.lang.security.audit.dangerous-command-write.dangerous-command-write" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "terraform.aws.security.aws-secretsmanager-secret-unencrypted.aws-secretsmanager-secret-unencrypted", + "name": "terraform.aws.security.aws-secretsmanager-secret-unencrypted.aws-secretsmanager-secret-unencrypted", + "short_description": { + "text": "Semgrep Finding: terraform.aws.security.aws-secretsmanager-secret-unencrypted.aws-secretsmanager-secret-unencrypted" }, - "fullDescription": { - "text": "Checks for requests to http (unencrypted) sites using gorequest, a popular HTTP client library. 
This is dangerous because it could result in plaintext PII being passed around the network." + "full_description": { + "text": "By default, AWS SecretManager secrets are encrypted using AWS-managed keys. However, for added security, it's recommended to configure your own AWS KMS encryption key to protect your secrets in the Secret Manager. You can either create a new aws_kms_key resource or use the ARN of an existing key in your AWS account to do so." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/terraform.aws.security.aws-secretsmanager-secret-unencrypted.aws-secretsmanager-secret-unencrypted", "help": { - "markdown": "Checks for requests to http (unencrypted) sites using gorequest, a popular HTTP client library. This is dangerous because it could result in plaintext PII being passed around the network.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/problem-based-packs.insecure-transport.go-stdlib.gorequest-http-request.gorequest-http-request)\n - [https://github.com/parnurzeal/gorequest](https://github.com/parnurzeal/gorequest)\n", - "text": "Checks for requests to http (unencrypted) sites using gorequest, a popular HTTP client library. This is dangerous because it could result in plaintext PII being passed around the network.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "By default, AWS SecretManager secrets are encrypted using AWS-managed keys. However, for added security, it's recommended to configure your own AWS KMS encryption key to protect your secrets in the Secret Manager. You can either create a new aws_kms_key resource or use the ARN of an existing key in your AWS account to do so.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "By default, AWS SecretManager secrets are encrypted using AWS-managed keys. 
However, for added security, it's recommended to configure your own AWS KMS encryption key to protect your secrets in the Secret Manager. You can either create a new aws_kms_key resource or use the ARN of an existing key in your AWS account to do so.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/terraform.aws.security.aws-secretsmanager-secret-unencrypted.aws-secretsmanager-secret-unencrypted)\n - [https://owasp.org/Top10/A02_2021-Cryptographic_Failures](https://owasp.org/Top10/A02_2021-Cryptographic_Failures)\n" }, - "helpUri": "https://semgrep.dev/r/problem-based-packs.insecure-transport.go-stdlib.gorequest-http-request.gorequest-http-request", - "id": "problem-based-packs.insecure-transport.go-stdlib.gorequest-http-request.gorequest-http-request", - "name": "problem-based-packs.insecure-transport.go-stdlib.gorequest-http-request.gorequest-http-request", "properties": { "precision": "very-high", "tags": [ - "CWE-319: Cleartext Transmission of Sensitive Information", - "MEDIUM CONFIDENCE", + "CWE-326: Inadequate Encryption Strength", + "LOW CONFIDENCE", + "OWASP-A02:2021 - Cryptographic Failures", "OWASP-A03:2017 - Sensitive Data Exposure", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: problem-based-packs.insecure-transport.go-stdlib.gorequest-http-request.gorequest-http-request" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "trailofbits.python.numpy-in-pytorch-modules.numpy-in-pytorch-modules", + "name": "trailofbits.python.numpy-in-pytorch-modules.numpy-in-pytorch-modules", + "short_description": { + "text": "Semgrep Finding: trailofbits.python.numpy-in-pytorch-modules.numpy-in-pytorch-modules" }, - "fullDescription": { - "text": "Detected the use of exec(). exec() can be dangerous if used to evaluate dynamic content. If this content can be input from outside the program, this may be a code injection vulnerability. 
Ensure evaluated content is not definable by external sources." + "full_description": { + "text": "Usage of NumPy library inside PyTorch `$MODULE` module was found. Avoid mixing these libraries for efficiency and proper ONNX loading" + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/trailofbits.python.numpy-in-pytorch-modules.numpy-in-pytorch-modules", "help": { - "markdown": "Detected the use of exec(). exec() can be dangerous if used to evaluate dynamic content. If this content can be input from outside the program, this may be a code injection vulnerability. Ensure evaluated content is not definable by external sources.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.lang.security.audit.exec-detected.exec-detected)\n - [https://owasp.org/Top10/A03_2021-Injection](https://owasp.org/Top10/A03_2021-Injection)\n", - "text": "Detected the use of exec(). exec() can be dangerous if used to evaluate dynamic content. If this content can be input from outside the program, this may be a code injection vulnerability. Ensure evaluated content is not definable by external sources.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Usage of NumPy library inside PyTorch `$MODULE` module was found. Avoid mixing these libraries for efficiency and proper ONNX loading\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Usage of NumPy library inside PyTorch `$MODULE` module was found. 
Avoid mixing these libraries for efficiency and proper ONNX loading\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/trailofbits.python.numpy-in-pytorch-modules.numpy-in-pytorch-modules)\n - [https://tanelp.github.io/posts/a-bug-that-plagues-thousands-of-open-source-ml-projects](https://tanelp.github.io/posts/a-bug-that-plagues-thousands-of-open-source-ml-projects)\n" }, - "helpUri": "https://semgrep.dev/r/python.lang.security.audit.exec-detected.exec-detected", - "id": "python.lang.security.audit.exec-detected.exec-detected", - "name": "python.lang.security.audit.exec-detected.exec-detected", "properties": { "precision": "very-high", "tags": [ - "CWE-95: Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection')", - "LOW CONFIDENCE", - "OWASP-A03:2021 - Injection", - "security" + "MEDIUM CONFIDENCE" ] - }, - "shortDescription": { - "text": "Semgrep Finding: python.lang.security.audit.exec-detected.exec-detected" } }, { - "defaultConfiguration": { - "level": "error" + "id": "go.lang.security.zip.path-traversal-inside-zip-extraction", + "name": "go.lang.security.zip.path-traversal-inside-zip-extraction", + "short_description": { + "text": "Semgrep Finding: go.lang.security.zip.path-traversal-inside-zip-extraction" }, - "fullDescription": { - "text": "Using variable interpolation `${{...}}` with `github` context data in a `actions/github-script`'s `script:` step could allow an attacker to inject their own code into the runner. This would allow them to steal secrets and code. `github` context data can have arbitrary user input and should be treated as untrusted. Instead, use an intermediate environment variable with `env:` to store the data and use the environment variable in the `run:` script. Be sure to use double-quotes the environment variable, like this: \"$ENVVAR\"." 
+ "full_description": { + "text": "File traversal when extracting zip archive" + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/go.lang.security.zip.path-traversal-inside-zip-extraction", "help": { - "markdown": "Using variable interpolation `${{...}}` with `github` context data in a `actions/github-script`'s `script:` step could allow an attacker to inject their own code into the runner. This would allow them to steal secrets and code. `github` context data can have arbitrary user input and should be treated as untrusted. Instead, use an intermediate environment variable with `env:` to store the data and use the environment variable in the `run:` script. Be sure to use double-quotes the environment variable, like this: \"$ENVVAR\".\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/yaml.github-actions.security.github-script-injection.github-script-injection)\n - [https://docs.github.com/en/actions/learn-github-actions/security-hardening-for-github-actions#understanding-the-risk-of-script-injections](https://docs.github.com/en/actions/learn-github-actions/security-hardening-for-github-actions#understanding-the-risk-of-script-injections)\n - [https://securitylab.github.com/research/github-actions-untrusted-input/](https://securitylab.github.com/research/github-actions-untrusted-input/)\n - [https://github.com/actions/github-script](https://github.com/actions/github-script)\n", - "text": "Using variable interpolation `${{...}}` with `github` context data in a `actions/github-script`'s `script:` step could allow an attacker to inject their own code into the runner. This would allow them to steal secrets and code. `github` context data can have arbitrary user input and should be treated as untrusted. 
Instead, use an intermediate environment variable with `env:` to store the data and use the environment variable in the `run:` script. Be sure to use double-quotes the environment variable, like this: \"$ENVVAR\".\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "File traversal when extracting zip archive\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "File traversal when extracting zip archive\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/go.lang.security.zip.path-traversal-inside-zip-extraction)\n - [https://owasp.org/Top10/A01_2021-Broken_Access_Control](https://owasp.org/Top10/A01_2021-Broken_Access_Control)\n" }, - "helpUri": "https://semgrep.dev/r/yaml.github-actions.security.github-script-injection.github-script-injection", - "id": "yaml.github-actions.security.github-script-injection.github-script-injection", - "name": "yaml.github-actions.security.github-script-injection.github-script-injection", "properties": { "precision": "very-high", "tags": [ - "CWE-94: Improper Control of Generation of Code ('Code Injection')", - "HIGH CONFIDENCE", - "OWASP-A03:2021 - Injection", + "CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", + "LOW CONFIDENCE", + "OWASP-A01:2021 - Broken Access Control", + "OWASP-A05:2017 - Broken Access Control", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: yaml.github-actions.security.github-script-injection.github-script-injection" } }, { - "defaultConfiguration": { - "level": "error" + "id": "python.lang.security.audit.insecure-transport.requests.request-with-http.request-with-http", + "name": "python.lang.security.audit.insecure-transport.requests.request-with-http.request-with-http", + "short_description": { + "text": "Semgrep Finding: 
python.lang.security.audit.insecure-transport.requests.request-with-http.request-with-http" }, - "fullDescription": { - "text": "IPv6Network.subnet_of is only available on Python 3.7+ and is therefore not backwards compatible. Instead, check if the subnet is in 'subnets'." + "full_description": { + "text": "Detected a request using 'http://'. This request will be unencrypted, and attackers could listen into traffic on the network and be able to obtain sensitive information. Use 'https://' instead." + }, + "default_configuration": { + "enabled": true, + "level": "note" }, + "help_uri": "https://semgrep.dev/r/python.lang.security.audit.insecure-transport.requests.request-with-http.request-with-http", "help": { - "markdown": "IPv6Network.subnet_of is only available on Python 3.7+ and is therefore not backwards compatible. Instead, check if the subnet is in 'subnets'.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.lang.compatibility.python37.python37-compatibility-ipv6network1)\n", - "text": "IPv6Network.subnet_of is only available on Python 3.7+ and is therefore not backwards compatible. Instead, check if the subnet is in 'subnets'.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected a request using 'http://'. This request will be unencrypted, and attackers could listen into traffic on the network and be able to obtain sensitive information. Use 'https://' instead.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected a request using 'http://'. This request will be unencrypted, and attackers could listen into traffic on the network and be able to obtain sensitive information. 
Use 'https://' instead.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.lang.security.audit.insecure-transport.requests.request-with-http.request-with-http)\n - [https://owasp.org/Top10/A02_2021-Cryptographic_Failures](https://owasp.org/Top10/A02_2021-Cryptographic_Failures)\n" }, - "helpUri": "https://semgrep.dev/r/python.lang.compatibility.python37.python37-compatibility-ipv6network1", - "id": "python.lang.compatibility.python37.python37-compatibility-ipv6network1", - "name": "python.lang.compatibility.python37.python37-compatibility-ipv6network1", "properties": { "precision": "very-high", - "tags": [] - }, - "shortDescription": { - "text": "Semgrep Finding: python.lang.compatibility.python37.python37-compatibility-ipv6network1" + "tags": [ + "CWE-319: Cleartext Transmission of Sensitive Information", + "MEDIUM CONFIDENCE", + "OWASP-A02:2021 - Cryptographic Failures", + "OWASP-A03:2017 - Sensitive Data Exposure", + "security" + ] } }, { - "defaultConfiguration": { - "level": "error" + "id": "python.sh.security.string-concat.string-concat", + "name": "python.sh.security.string-concat.string-concat", + "short_description": { + "text": "Semgrep Finding: python.sh.security.string-concat.string-concat" }, - "fullDescription": { - "text": "User data flows into this manually-constructed SQL string. User data can be safely inserted into SQL strings using prepared statements or an object-relational mapper (ORM). Manually-constructed SQL strings is a possible indicator of SQL injection, which could let an attacker steal or manipulate data from the database. Instead, use prepared statements (`connection.PreparedStatement`) or a safe library." + "full_description": { + "text": "Detected string concatenation or formatting in a call to a command via 'sh'. This could be a command injection vulnerability if the data is user-controlled. Instead, use a list and append the argument." 
+ }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/python.sh.security.string-concat.string-concat", "help": { - "markdown": "User data flows into this manually-constructed SQL string. User data can be safely inserted into SQL strings using prepared statements or an object-relational mapper (ORM). Manually-constructed SQL strings is a possible indicator of SQL injection, which could let an attacker steal or manipulate data from the database. Instead, use prepared statements (`connection.PreparedStatement`) or a safe library.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/scala.play.security.tainted-sql-from-http-request.tainted-sql-from-http-request)\n - [https://docs.oracle.com/javase/7/docs/api/java/sql/PreparedStatement.html](https://docs.oracle.com/javase/7/docs/api/java/sql/PreparedStatement.html)\n", - "text": "User data flows into this manually-constructed SQL string. User data can be safely inserted into SQL strings using prepared statements or an object-relational mapper (ORM). Manually-constructed SQL strings is a possible indicator of SQL injection, which could let an attacker steal or manipulate data from the database. Instead, use prepared statements (`connection.PreparedStatement`) or a safe library.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected string concatenation or formatting in a call to a command via 'sh'. This could be a command injection vulnerability if the data is user-controlled. Instead, use a list and append the argument.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected string concatenation or formatting in a call to a command via 'sh'. This could be a command injection vulnerability if the data is user-controlled. 
Instead, use a list and append the argument.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.sh.security.string-concat.string-concat)\n - [https://owasp.org/Top10/A03_2021-Injection](https://owasp.org/Top10/A03_2021-Injection)\n" }, - "helpUri": "https://semgrep.dev/r/scala.play.security.tainted-sql-from-http-request.tainted-sql-from-http-request", - "id": "scala.play.security.tainted-sql-from-http-request.tainted-sql-from-http-request", - "name": "scala.play.security.tainted-sql-from-http-request.tainted-sql-from-http-request", "properties": { "precision": "very-high", "tags": [ - "CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')", - "HIGH CONFIDENCE", + "CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", + "LOW CONFIDENCE", "OWASP-A01:2017 - Injection", "OWASP-A03:2021 - Injection", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: scala.play.security.tainted-sql-from-http-request.tainted-sql-from-http-request" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "generic.secrets.security.detected-stripe-api-key.detected-stripe-api-key", + "name": "generic.secrets.security.detected-stripe-api-key.detected-stripe-api-key", + "short_description": { + "text": "Semgrep Finding: generic.secrets.security.detected-stripe-api-key.detected-stripe-api-key" }, - "fullDescription": { - "text": "Warning MONGODB-CR was deprecated with the release of MongoDB 3.6 and is no longer supported by MongoDB 4.0 (see https://api.mongodb.com/python/current/examples/authentication.html for details)." 
+ "full_description": { + "text": "Stripe API Key detected" + }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/generic.secrets.security.detected-stripe-api-key.detected-stripe-api-key", "help": { - "markdown": "Warning MONGODB-CR was deprecated with the release of MongoDB 3.6 and is no longer supported by MongoDB 4.0 (see https://api.mongodb.com/python/current/examples/authentication.html for details).\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.pymongo.security.mongodb.mongo-client-bad-auth)\n - [https://cwe.mitre.org/data/definitions/477.html](https://cwe.mitre.org/data/definitions/477.html)\n", - "text": "Warning MONGODB-CR was deprecated with the release of MongoDB 3.6 and is no longer supported by MongoDB 4.0 (see https://api.mongodb.com/python/current/examples/authentication.html for details).\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Stripe API Key detected\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Stripe API Key detected\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/generic.secrets.security.detected-stripe-api-key.detected-stripe-api-key)\n - [https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures](https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures)\n" }, - "helpUri": "https://semgrep.dev/r/python.pymongo.security.mongodb.mongo-client-bad-auth", - "id": "python.pymongo.security.mongodb.mongo-client-bad-auth", - "name": "python.pymongo.security.mongodb.mongo-client-bad-auth", "properties": { "precision": "very-high", "tags": [ - "CWE-477: Use of Obsolete Function", - "MEDIUM CONFIDENCE", + "CWE-798: Use of Hard-coded Credentials", + "LOW CONFIDENCE", + "OWASP-A07:2021 - 
Identification and Authentication Failures", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: python.pymongo.security.mongodb.mongo-client-bad-auth" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "terraform.aws.security.aws-fsx-lustre-files-ystem.aws-fsx-lustre-filesystem-encrypted-with-cmk", + "name": "terraform.aws.security.aws-fsx-lustre-files-ystem.aws-fsx-lustre-filesystem-encrypted-with-cmk", + "short_description": { + "text": "Semgrep Finding: terraform.aws.security.aws-fsx-lustre-files-ystem.aws-fsx-lustre-filesystem-encrypted-with-cmk" }, - "fullDescription": { - "text": "MD5 hash algorithm detected. This is not collision resistant and leads to easily-cracked password hashes. Replace with current recommended hashing algorithms." + "full_description": { + "text": "Ensure FSX Lustre file system is encrypted at rest using KMS CMKs. CMKs gives you control over the encryption key in terms of access and rotation." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/terraform.aws.security.aws-fsx-lustre-files-ystem.aws-fsx-lustre-filesystem-encrypted-with-cmk", "help": { - "markdown": "MD5 hash algorithm detected. This is not collision resistant and leads to easily-cracked password hashes. Replace with current recommended hashing algorithms.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/clojure.lang.security.use-of-md5.use-of-md5)\n - [https://cheatsheetseries.owasp.org/cheatsheets/Cryptographic_Storage_Cheat_Sheet.html](https://cheatsheetseries.owasp.org/cheatsheets/Cryptographic_Storage_Cheat_Sheet.html)\n - [https://cheatsheetseries.owasp.org/cheatsheets/Password_Storage_Cheat_Sheet.html](https://cheatsheetseries.owasp.org/cheatsheets/Password_Storage_Cheat_Sheet.html)\n", - "text": "MD5 hash algorithm detected. 
This is not collision resistant and leads to easily-cracked password hashes. Replace with current recommended hashing algorithms.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Ensure FSX Lustre file system is encrypted at rest using KMS CMKs. CMKs gives you control over the encryption key in terms of access and rotation.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Ensure FSX Lustre file system is encrypted at rest using KMS CMKs. CMKs gives you control over the encryption key in terms of access and rotation.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/terraform.aws.security.aws-fsx-lustre-files-ystem.aws-fsx-lustre-filesystem-encrypted-with-cmk)\n - [https://owasp.org/Top10/A01_2021-Broken_Access_Control](https://owasp.org/Top10/A01_2021-Broken_Access_Control)\n" }, - "helpUri": "https://semgrep.dev/r/clojure.lang.security.use-of-md5.use-of-md5", - "id": "clojure.lang.security.use-of-md5.use-of-md5", - "name": "clojure.lang.security.use-of-md5.use-of-md5", "properties": { "precision": "very-high", "tags": [ - "CWE-328: Use of Weak Hash", - "HIGH CONFIDENCE", - "OWASP-A02:2021 - Cryptographic Failures", - "OWASP-A03:2017 - Sensitive Data Exposure", + "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor", + "LOW CONFIDENCE", + "OWASP-A01:2021 - Broken Access Control", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: clojure.lang.security.use-of-md5.use-of-md5" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "java.spring.security.audit.spel-injection.spel-injection", + "name": "java.spring.security.audit.spel-injection.spel-injection", + "short_description": { + "text": "Semgrep Finding: java.spring.security.audit.spel-injection.spel-injection" }, - "fullDescription": { - "text": "Container is explicitly disabling seccomp confinement. 
This runs the service in an unrestricted state. Remove 'seccompProfile: unconfined' to prevent this." + "full_description": { + "text": "A Spring expression is built with a dynamic value. The source of the value(s) should be verified to avoid that unfiltered values fall into this risky code evaluation." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/java.spring.security.audit.spel-injection.spel-injection", "help": { - "markdown": "Container is explicitly disabling seccomp confinement. This runs the service in an unrestricted state. Remove 'seccompProfile: unconfined' to prevent this.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/yaml.kubernetes.security.seccomp-confinement-disabled.seccomp-confinement-disabled)\n - [https://kubernetes.io/docs/concepts/policy/pod-security-policy/#seccomp](https://kubernetes.io/docs/concepts/policy/pod-security-policy/#seccomp)\n - [https://kubernetes.io/docs/tasks/configure-pod-container/security-context/](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/)\n", - "text": "Container is explicitly disabling seccomp confinement. This runs the service in an unrestricted state. Remove 'seccompProfile: unconfined' to prevent this.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "A Spring expression is built with a dynamic value. The source of the value(s) should be verified to avoid that unfiltered values fall into this risky code evaluation.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "A Spring expression is built with a dynamic value. 
The source of the value(s) should be verified to avoid that unfiltered values fall into this risky code evaluation.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/java.spring.security.audit.spel-injection.spel-injection)\n - [https://owasp.org/Top10/A03_2021-Injection](https://owasp.org/Top10/A03_2021-Injection)\n" }, - "helpUri": "https://semgrep.dev/r/yaml.kubernetes.security.seccomp-confinement-disabled.seccomp-confinement-disabled", - "id": "yaml.kubernetes.security.seccomp-confinement-disabled.seccomp-confinement-disabled", - "name": "yaml.kubernetes.security.seccomp-confinement-disabled.seccomp-confinement-disabled", "properties": { "precision": "very-high", "tags": [ - "CWE-284: Improper Access Control", - "MEDIUM CONFIDENCE", - "OWASP-A01:2021 - Broken Access Control", - "OWASP-A05:2017 - Broken Access Control", + "CWE-94: Improper Control of Generation of Code ('Code Injection')", + "LOW CONFIDENCE", + "OWASP-A03:2021 - Injection", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: yaml.kubernetes.security.seccomp-confinement-disabled.seccomp-confinement-disabled" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "csharp.lang.security.insecure-deserialization.net-data-contract.insecure-netdatacontract-deserialization", + "name": "csharp.lang.security.insecure-deserialization.net-data-contract.insecure-netdatacontract-deserialization", + "short_description": { + "text": "Semgrep Finding: csharp.lang.security.insecure-deserialization.net-data-contract.insecure-netdatacontract-deserialization" }, - "fullDescription": { - "text": "Calling `unserialize()` with user input in the pattern can lead to arbitrary code execution. Consider using JSON or structured data approaches (e.g. Google Protocol Buffers)." + "full_description": { + "text": "The NetDataContractSerializer type is dangerous and is not recommended for data processing. 
Applications should stop using NetDataContractSerializer as soon as possible, even if they believe the data they're processing to be trustworthy. NetDataContractSerializer is insecure and can't be made secure" + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/csharp.lang.security.insecure-deserialization.net-data-contract.insecure-netdatacontract-deserialization", "help": { - "markdown": "Calling `unserialize()` with user input in the pattern can lead to arbitrary code execution. Consider using JSON or structured data approaches (e.g. Google Protocol Buffers).\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/php.lang.security.unserialize-use.unserialize-use)\n - [https://www.php.net/manual/en/function.unserialize.php](https://www.php.net/manual/en/function.unserialize.php)\n - [https://owasp.org/www-project-top-ten/2017/A8_2017-Insecure_Deserialization.html](https://owasp.org/www-project-top-ten/2017/A8_2017-Insecure_Deserialization.html)\n", - "text": "Calling `unserialize()` with user input in the pattern can lead to arbitrary code execution. Consider using JSON or structured data approaches (e.g. Google Protocol Buffers).\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "The NetDataContractSerializer type is dangerous and is not recommended for data processing. Applications should stop using NetDataContractSerializer as soon as possible, even if they believe the data they're processing to be trustworthy. NetDataContractSerializer is insecure and can't be made secure\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "The NetDataContractSerializer type is dangerous and is not recommended for data processing. 
Applications should stop using NetDataContractSerializer as soon as possible, even if they believe the data they're processing to be trustworthy. NetDataContractSerializer is insecure and can't be made secure\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/csharp.lang.security.insecure-deserialization.net-data-contract.insecure-netdatacontract-deserialization)\n - [https://docs.microsoft.com/en-us/dotnet/api/system.runtime.serialization.netdatacontractserializer?view=netframework-4.8#security](https://docs.microsoft.com/en-us/dotnet/api/system.runtime.serialization.netdatacontractserializer?view=netframework-4.8#security)\n" }, - "helpUri": "https://semgrep.dev/r/php.lang.security.unserialize-use.unserialize-use", - "id": "php.lang.security.unserialize-use.unserialize-use", - "name": "php.lang.security.unserialize-use.unserialize-use", "properties": { "precision": "very-high", "tags": [ "CWE-502: Deserialization of Untrusted Data", - "LOW CONFIDENCE", + "MEDIUM CONFIDENCE", "OWASP-A08:2017 - Insecure Deserialization", "OWASP-A08:2021 - Software and Data Integrity Failures", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: php.lang.security.unserialize-use.unserialize-use" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "python.flask.security.xss.audit.direct-use-of-jinja2.direct-use-of-jinja2", + "name": "python.flask.security.xss.audit.direct-use-of-jinja2.direct-use-of-jinja2", + "short_description": { + "text": "Semgrep Finding: python.flask.security.xss.audit.direct-use-of-jinja2.direct-use-of-jinja2" }, - "fullDescription": { - "text": "Stacktrace information is displayed in a non-Development environment. Accidentally disclosing sensitive stack trace information in a production environment aids an attacker in reconnaissance and information gathering." + "full_description": { + "text": "Detected direct use of jinja2. 
If not done properly, this may bypass HTML escaping which opens up the application to cross-site scripting (XSS) vulnerabilities. Prefer using the Flask method 'render_template()' and templates with a '.html' extension in order to prevent XSS." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/python.flask.security.xss.audit.direct-use-of-jinja2.direct-use-of-jinja2", "help": { - "markdown": "Stacktrace information is displayed in a non-Development environment. Accidentally disclosing sensitive stack trace information in a production environment aids an attacker in reconnaissance and information gathering.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/csharp.lang.security.stacktrace-disclosure.stacktrace-disclosure)\n - [https://cwe.mitre.org/data/definitions/209.html](https://cwe.mitre.org/data/definitions/209.html)\n - [https://owasp.org/Top10/A04_2021-Insecure_Design/](https://owasp.org/Top10/A04_2021-Insecure_Design/)\n", - "text": "Stacktrace information is displayed in a non-Development environment. Accidentally disclosing sensitive stack trace information in a production environment aids an attacker in reconnaissance and information gathering.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected direct use of jinja2. If not done properly, this may bypass HTML escaping which opens up the application to cross-site scripting (XSS) vulnerabilities. Prefer using the Flask method 'render_template()' and templates with a '.html' extension in order to prevent XSS.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected direct use of jinja2. If not done properly, this may bypass HTML escaping which opens up the application to cross-site scripting (XSS) vulnerabilities. 
Prefer using the Flask method 'render_template()' and templates with a '.html' extension in order to prevent XSS.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.flask.security.xss.audit.direct-use-of-jinja2.direct-use-of-jinja2)\n - [https://jinja.palletsprojects.com/en/2.11.x/api/#basics](https://jinja.palletsprojects.com/en/2.11.x/api/#basics)\n" }, - "helpUri": "https://semgrep.dev/r/csharp.lang.security.stacktrace-disclosure.stacktrace-disclosure", - "id": "csharp.lang.security.stacktrace-disclosure.stacktrace-disclosure", - "name": "csharp.lang.security.stacktrace-disclosure.stacktrace-disclosure", "properties": { "precision": "very-high", "tags": [ - "CWE-209: Generation of Error Message Containing Sensitive Information", - "HIGH CONFIDENCE", - "OWASP-A04:2021 - Insecure Design", - "OWASP-A06:2017 - Security Misconfiguration", + "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", + "LOW CONFIDENCE", + "OWASP-A03:2021 - Injection", + "OWASP-A07:2017 - Cross-Site Scripting (XSS)", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: csharp.lang.security.stacktrace-disclosure.stacktrace-disclosure" } }, { - "defaultConfiguration": { - "level": "error" + "id": "kotlin.lang.security.defaulthttpclient-is-deprecated.defaulthttpclient-is-deprecated", + "name": "kotlin.lang.security.defaulthttpclient-is-deprecated.defaulthttpclient-is-deprecated", + "short_description": { + "text": "Semgrep Finding: kotlin.lang.security.defaulthttpclient-is-deprecated.defaulthttpclient-is-deprecated" }, - "fullDescription": { - "text": "Avoid using unsafe `ruamel.yaml.YAML()`. `ruamel.yaml.YAML` can create arbitrary Python objects. A malicious actor could exploit this to run arbitrary code. Use `YAML(typ='rt')` or `YAML(typ='safe')` instead." + "full_description": { + "text": "DefaultHttpClient is deprecated. 
Further, it does not support connections using TLS1.2, which makes using DefaultHttpClient a security hazard. Use SystemDefaultHttpClient instead, which supports TLS1.2." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/kotlin.lang.security.defaulthttpclient-is-deprecated.defaulthttpclient-is-deprecated", "help": { - "markdown": "Avoid using unsafe `ruamel.yaml.YAML()`. `ruamel.yaml.YAML` can create arbitrary Python objects. A malicious actor could exploit this to run arbitrary code. Use `YAML(typ='rt')` or `YAML(typ='safe')` instead.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.lang.security.deserialization.avoid-unsafe-ruamel.avoid-unsafe-ruamel)\n - [https://yaml.readthedocs.io/en/latest/basicuse.html?highlight=typ](https://yaml.readthedocs.io/en/latest/basicuse.html?highlight=typ)\n", - "text": "Avoid using unsafe `ruamel.yaml.YAML()`. `ruamel.yaml.YAML` can create arbitrary Python objects. A malicious actor could exploit this to run arbitrary code. Use `YAML(typ='rt')` or `YAML(typ='safe')` instead.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "DefaultHttpClient is deprecated. Further, it does not support connections using TLS1.2, which makes using DefaultHttpClient a security hazard. Use SystemDefaultHttpClient instead, which supports TLS1.2.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "DefaultHttpClient is deprecated. Further, it does not support connections using TLS1.2, which makes using DefaultHttpClient a security hazard. 
Use SystemDefaultHttpClient instead, which supports TLS1.2.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/kotlin.lang.security.defaulthttpclient-is-deprecated.defaulthttpclient-is-deprecated)\n - [https://owasp.org/Top10/A02_2021-Cryptographic_Failures](https://owasp.org/Top10/A02_2021-Cryptographic_Failures)\n" }, - "helpUri": "https://semgrep.dev/r/python.lang.security.deserialization.avoid-unsafe-ruamel.avoid-unsafe-ruamel", - "id": "python.lang.security.deserialization.avoid-unsafe-ruamel.avoid-unsafe-ruamel", - "name": "python.lang.security.deserialization.avoid-unsafe-ruamel.avoid-unsafe-ruamel", "properties": { "precision": "very-high", "tags": [ - "CWE-502: Deserialization of Untrusted Data", - "MEDIUM CONFIDENCE", - "OWASP-A08:2017 - Insecure Deserialization", - "OWASP-A08:2021 - Software and Data Integrity Failures", + "CWE-326: Inadequate Encryption Strength", + "LOW CONFIDENCE", + "OWASP-A02:2021 - Cryptographic Failures", + "OWASP-A03:2017 - Sensitive Data Exposure", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: python.lang.security.deserialization.avoid-unsafe-ruamel.avoid-unsafe-ruamel" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "terraform.azure.security.functionapp.functionapp-authentication-enabled.functionapp-authentication-enabled", + "name": "terraform.azure.security.functionapp.functionapp-authentication-enabled.functionapp-authentication-enabled", + "short_description": { + "text": "Semgrep Finding: terraform.azure.security.functionapp.functionapp-authentication-enabled.functionapp-authentication-enabled" }, - "fullDescription": { - "text": "ASP.NET applications built with `debug` set to true in production may leak debug information to attackers. Debug mode also affects performance and reliability. 
Set `debug` to `false` or remove it from ``" + "full_description": { + "text": "Enabling authentication ensures that all communications in the application are authenticated. The `auth_settings` block needs to be filled out with the appropriate auth backend settings" + }, + "default_configuration": { + "enabled": true, + "level": "note" }, + "help_uri": "https://semgrep.dev/r/terraform.azure.security.functionapp.functionapp-authentication-enabled.functionapp-authentication-enabled", "help": { - "markdown": "ASP.NET applications built with `debug` set to true in production may leak debug information to attackers. Debug mode also affects performance and reliability. Set `debug` to `false` or remove it from ``\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/csharp.dotnet.security.net-webconfig-debug.net-webconfig-debug)\n - [https://web.archive.org/web/20190919105353/https://blogs.msdn.microsoft.com/prashant_upadhyay/2011/07/14/why-debugfalse-in-asp-net-applications-in-production-environment/](https://web.archive.org/web/20190919105353/https://blogs.msdn.microsoft.com/prashant_upadhyay/2011/07/14/why-debugfalse-in-asp-net-applications-in-production-environment/)\n - [https://msdn.microsoft.com/en-us/library/e8z01xdh.aspx](https://msdn.microsoft.com/en-us/library/e8z01xdh.aspx)\n", - "text": "ASP.NET applications built with `debug` set to true in production may leak debug information to attackers. Debug mode also affects performance and reliability. Set `debug` to `false` or remove it from ``\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Enabling authentication ensures that all communications in the application are authenticated. 
The `auth_settings` block needs to be filled out with the appropriate auth backend settings\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Enabling authentication ensures that all communications in the application are authenticated. The `auth_settings` block needs to be filled out with the appropriate auth backend settings\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/terraform.azure.security.functionapp.functionapp-authentication-enabled.functionapp-authentication-enabled)\n - [https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/function_app#enabled](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/function_app#enabled)\n" }, - "helpUri": "https://semgrep.dev/r/csharp.dotnet.security.net-webconfig-debug.net-webconfig-debug", - "id": "csharp.dotnet.security.net-webconfig-debug.net-webconfig-debug", - "name": "csharp.dotnet.security.net-webconfig-debug.net-webconfig-debug", "properties": { "precision": "very-high", "tags": [ - "CWE-11: ASP.NET Misconfiguration: Creating Debug Binary", + "CWE-287: Improper Authentication", "LOW CONFIDENCE", - "OWASP-A05:2021 - Security Misconfiguration", + "OWASP-A02:2017 - Broken Authentication", + "OWASP-A07:2021 - Identification and Authentication Failures", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: csharp.dotnet.security.net-webconfig-debug.net-webconfig-debug" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "ruby.rails.security.audit.rails-skip-forgery-protection.rails-skip-forgery-protection", + "name": "ruby.rails.security.audit.rails-skip-forgery-protection.rails-skip-forgery-protection", + "short_description": { + "text": "Semgrep Finding: ruby.rails.security.audit.rails-skip-forgery-protection.rails-skip-forgery-protection" }, - "fullDescription": { - "text": "Found user-controlled request data being 
passed into a file open, which is them passed as an argument into the FileResponse. This is dangerous because an attacker could specify an arbitrary file to read, which could result in leaking important data. Be sure to validate or sanitize the user-inputted filename in the request data before using it in FileResponse." + "full_description": { + "text": "This call turns off CSRF protection allowing CSRF attacks against the application" }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/ruby.rails.security.audit.rails-skip-forgery-protection.rails-skip-forgery-protection", "help": { - "markdown": "Found user-controlled request data being passed into a file open, which is them passed as an argument into the FileResponse. This is dangerous because an attacker could specify an arbitrary file to read, which could result in leaking important data. Be sure to validate or sanitize the user-inputted filename in the request data before using it in FileResponse.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.django.security.injection.request-data-fileresponse.request-data-fileresponse)\n - [https://django-book.readthedocs.io/en/latest/chapter20.html#cross-site-scripting-xss](https://django-book.readthedocs.io/en/latest/chapter20.html#cross-site-scripting-xss)\n", - "text": "Found user-controlled request data being passed into a file open, which is them passed as an argument into the FileResponse. This is dangerous because an attacker could specify an arbitrary file to read, which could result in leaking important data. 
Be sure to validate or sanitize the user-inputted filename in the request data before using it in FileResponse.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "This call turns off CSRF protection allowing CSRF attacks against the application\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "This call turns off CSRF protection allowing CSRF attacks against the application\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/ruby.rails.security.audit.rails-skip-forgery-protection.rails-skip-forgery-protection)\n - [https://api.rubyonrails.org/classes/ActionController/RequestForgeryProtection/ClassMethods.html#method-i-skip_forgery_protection](https://api.rubyonrails.org/classes/ActionController/RequestForgeryProtection/ClassMethods.html#method-i-skip_forgery_protection)\n" }, - "helpUri": "https://semgrep.dev/r/python.django.security.injection.request-data-fileresponse.request-data-fileresponse", - "id": "python.django.security.injection.request-data-fileresponse.request-data-fileresponse", - "name": "python.django.security.injection.request-data-fileresponse.request-data-fileresponse", "properties": { "precision": "very-high", "tags": [ - "CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", - "MEDIUM CONFIDENCE", + "CWE-352: Cross-Site Request Forgery (CSRF)", + "LOW CONFIDENCE", "OWASP-A01:2021 - Broken Access Control", - "OWASP-A05:2017 - Broken Access Control", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: python.django.security.injection.request-data-fileresponse.request-data-fileresponse" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "terraform.aws.security.aws-elb-access-logs-not-enabled.aws-elb-access-logs-not-enabled", + "name": "terraform.aws.security.aws-elb-access-logs-not-enabled.aws-elb-access-logs-not-enabled", + 
"short_description": { + "text": "Semgrep Finding: terraform.aws.security.aws-elb-access-logs-not-enabled.aws-elb-access-logs-not-enabled" }, - "fullDescription": { - "text": "Data from request is passed to os.path.join() and to open(). This is a path traversal vulnerability, which can lead to sensitive data being leaked. To mitigate, consider using os.path.abspath or os.path.realpath or Path library." + "full_description": { + "text": "ELB has no logging. Missing logs can cause missing important event information." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/terraform.aws.security.aws-elb-access-logs-not-enabled.aws-elb-access-logs-not-enabled", "help": { - "markdown": "Data from request is passed to os.path.join() and to open(). This is a path traversal vulnerability, which can lead to sensitive data being leaked. To mitigate, consider using os.path.abspath or os.path.realpath or Path library.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.django.security.injection.path-traversal.path-traversal-join.path-traversal-join)\n - [https://owasp.org/www-community/attacks/Path_Traversal](https://owasp.org/www-community/attacks/Path_Traversal)\n", - "text": "Data from request is passed to os.path.join() and to open(). This is a path traversal vulnerability, which can lead to sensitive data being leaked. To mitigate, consider using os.path.abspath or os.path.realpath or Path library.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "ELB has no logging. Missing logs can cause missing important event information.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "ELB has no logging. 
Missing logs can cause missing important event information.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/terraform.aws.security.aws-elb-access-logs-not-enabled.aws-elb-access-logs-not-enabled)\n - [https://owasp.org/Top10/A02_2021-Cryptographic_Failures](https://owasp.org/Top10/A02_2021-Cryptographic_Failures)\n" }, - "helpUri": "https://semgrep.dev/r/python.django.security.injection.path-traversal.path-traversal-join.path-traversal-join", - "id": "python.django.security.injection.path-traversal.path-traversal-join.path-traversal-join", - "name": "python.django.security.injection.path-traversal.path-traversal-join.path-traversal-join", "properties": { "precision": "very-high", "tags": [ - "CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", + "CWE-326: Inadequate Encryption Strength", "LOW CONFIDENCE", - "OWASP-A01:2021 - Broken Access Control", - "OWASP-A05:2017 - Broken Access Control", + "OWASP-A02:2021 - Cryptographic Failures", + "OWASP-A03:2017 - Sensitive Data Exposure", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: python.django.security.injection.path-traversal.path-traversal-join.path-traversal-join" } }, { - "defaultConfiguration": { - "level": "error" + "id": "javascript.aws-lambda.security.vm-runincontext-injection.vm-runincontext-injection", + "name": "javascript.aws-lambda.security.vm-runincontext-injection.vm-runincontext-injection", + "short_description": { + "text": "Semgrep Finding: javascript.aws-lambda.security.vm-runincontext-injection.vm-runincontext-injection" }, - "fullDescription": { - "text": "A formatted or concatenated string was detected as input to a java.lang.Runtime call. This is dangerous if a variable is controlled by user input and could result in a command injection. Ensure your variables are not controlled by users or sufficiently sanitized." 
+ "full_description": { + "text": "The `vm` module enables compiling and running code within V8 Virtual Machine contexts. The `vm` module is not a security mechanism. Do not use it to run untrusted code. If code passed to `vm` functions is controlled by user input it could result in command injection. Do not let user input in `vm` functions." + }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/javascript.aws-lambda.security.vm-runincontext-injection.vm-runincontext-injection", "help": { - "markdown": "A formatted or concatenated string was detected as input to a java.lang.Runtime call. This is dangerous if a variable is controlled by user input and could result in a command injection. Ensure your variables are not controlled by users or sufficiently sanitized.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/kotlin.lang.security.command-injection-formatted-runtime-call.command-injection-formatted-runtime-call)\n - [https://owasp.org/Top10/A03_2021-Injection](https://owasp.org/Top10/A03_2021-Injection)\n", - "text": "A formatted or concatenated string was detected as input to a java.lang.Runtime call. This is dangerous if a variable is controlled by user input and could result in a command injection. Ensure your variables are not controlled by users or sufficiently sanitized.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "The `vm` module enables compiling and running code within V8 Virtual Machine contexts. The `vm` module is not a security mechanism. Do not use it to run untrusted code. If code passed to `vm` functions is controlled by user input it could result in command injection. 
Do not let user input in `vm` functions.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "The `vm` module enables compiling and running code within V8 Virtual Machine contexts. The `vm` module is not a security mechanism. Do not use it to run untrusted code. If code passed to `vm` functions is controlled by user input it could result in command injection. Do not let user input in `vm` functions.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.aws-lambda.security.vm-runincontext-injection.vm-runincontext-injection)\n - [https://owasp.org/Top10/A03_2021-Injection](https://owasp.org/Top10/A03_2021-Injection)\n" }, - "helpUri": "https://semgrep.dev/r/kotlin.lang.security.command-injection-formatted-runtime-call.command-injection-formatted-runtime-call", - "id": "kotlin.lang.security.command-injection-formatted-runtime-call.command-injection-formatted-runtime-call", - "name": "kotlin.lang.security.command-injection-formatted-runtime-call.command-injection-formatted-runtime-call", "properties": { "precision": "very-high", "tags": [ - "CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", - "LOW CONFIDENCE", - "OWASP-A01:2017 - Injection", + "CWE-94: Improper Control of Generation of Code ('Code Injection')", + "MEDIUM CONFIDENCE", "OWASP-A03:2021 - Injection", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: kotlin.lang.security.command-injection-formatted-runtime-call.command-injection-formatted-runtime-call" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "generic.secrets.security.detected-sauce-token.detected-sauce-token", + "name": "generic.secrets.security.detected-sauce-token.detected-sauce-token", + "short_description": { + "text": "Semgrep Finding: generic.secrets.security.detected-sauce-token.detected-sauce-token" }, - "fullDescription": { - "text": 
"Ensure that no IAM policies allow \"*\" as a statement's actions. This allows all actions to be performed on the specified resources, and is a violation of the principle of least privilege. Instead, specify the actions that a certain user or policy is allowed to take." + "full_description": { + "text": "Sauce Token detected" }, + "default_configuration": { + "enabled": true, + "level": "error" + }, + "help_uri": "https://semgrep.dev/r/generic.secrets.security.detected-sauce-token.detected-sauce-token", "help": { - "markdown": "Ensure that no IAM policies allow \"*\" as a statement's actions. This allows all actions to be performed on the specified resources, and is a violation of the principle of least privilege. Instead, specify the actions that a certain user or policy is allowed to take.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/terraform.lang.security.iam.no-iam-star-actions.no-iam-star-actions)\n - [https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_policy)\n - [https://github.com/bridgecrewio/checkov/blob/ca830e14745c2c8e1b941985f305abe985d7f1f9/checkov/terraform/checks/data/aws/StarActionPolicyDocument.py](https://github.com/bridgecrewio/checkov/blob/ca830e14745c2c8e1b941985f305abe985d7f1f9/checkov/terraform/checks/data/aws/StarActionPolicyDocument.py)\n", - "text": "Ensure that no IAM policies allow \"*\" as a statement's actions. This allows all actions to be performed on the specified resources, and is a violation of the principle of least privilege. 
Instead, specify the actions that a certain user or policy is allowed to take.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Sauce Token detected\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Sauce Token detected\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/generic.secrets.security.detected-sauce-token.detected-sauce-token)\n - [https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures](https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures)\n" }, - "helpUri": "https://semgrep.dev/r/terraform.lang.security.iam.no-iam-star-actions.no-iam-star-actions", - "id": "terraform.lang.security.iam.no-iam-star-actions.no-iam-star-actions", - "name": "terraform.lang.security.iam.no-iam-star-actions.no-iam-star-actions", "properties": { "precision": "very-high", "tags": [ - "CWE-269: Improper Privilege Management", + "CWE-798: Use of Hard-coded Credentials", "LOW CONFIDENCE", - "OWASP-A04:2021 - Insecure Design", + "OWASP-A07:2021 - Identification and Authentication Failures", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: terraform.lang.security.iam.no-iam-star-actions.no-iam-star-actions" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "terraform.aws.security.aws-config-aggregator-not-all-regions.aws-config-aggregator-not-all-regions", + "name": "terraform.aws.security.aws-config-aggregator-not-all-regions.aws-config-aggregator-not-all-regions", + "short_description": { + "text": "Semgrep Finding: terraform.aws.security.aws-config-aggregator-not-all-regions.aws-config-aggregator-not-all-regions" }, - "fullDescription": { - "text": "Semgrep found a Python reverse shell using $BINPATH to $IP at $PORT" + "full_description": { + "text": "The AWS configuration aggregator does not aggregate all AWS Config region. 
This may result in unmonitored configuration in regions that are thought to be unused. Configure the aggregator with all_regions for the source." }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/terraform.aws.security.aws-config-aggregator-not-all-regions.aws-config-aggregator-not-all-regions", "help": { - "markdown": "Semgrep found a Python reverse shell using $BINPATH to $IP at $PORT\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.lang.security.audit.python-reverse-shell.python-reverse-shell)\n - [https://cwe.mitre.org/data/definitions/553.html](https://cwe.mitre.org/data/definitions/553.html)\n", - "text": "Semgrep found a Python reverse shell using $BINPATH to $IP at $PORT\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "The AWS configuration aggregator does not aggregate all AWS Config region. This may result in unmonitored configuration in regions that are thought to be unused. Configure the aggregator with all_regions for the source.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "The AWS configuration aggregator does not aggregate all AWS Config region. This may result in unmonitored configuration in regions that are thought to be unused. 
Configure the aggregator with all_regions for the source.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/terraform.aws.security.aws-config-aggregator-not-all-regions.aws-config-aggregator-not-all-regions)\n - [https://owasp.org/Top10/A09_2021-Security_Logging_and_Monitoring_Failures/](https://owasp.org/Top10/A09_2021-Security_Logging_and_Monitoring_Failures/)\n" }, - "helpUri": "https://semgrep.dev/r/python.lang.security.audit.python-reverse-shell.python-reverse-shell", - "id": "python.lang.security.audit.python-reverse-shell.python-reverse-shell", - "name": "python.lang.security.audit.python-reverse-shell.python-reverse-shell", "properties": { "precision": "very-high", "tags": [ - "CWE-553: Command Shell in Externally Accessible Directory", - "LOW CONFIDENCE", + "CWE-778: Insufficient Logging", + "HIGH CONFIDENCE", + "OWASP-A09:2021 - Security Logging and Monitoring Failures", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: python.lang.security.audit.python-reverse-shell.python-reverse-shell" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "typescript.angular.security.audit.angular-domsanitizer.angular-bypasssecuritytrust", + "name": "typescript.angular.security.audit.angular-domsanitizer.angular-bypasssecuritytrust", + "short_description": { + "text": "Semgrep Finding: typescript.angular.security.audit.angular-domsanitizer.angular-bypasssecuritytrust" + }, + "full_description": { + "text": "Detected the use of `$TRUST`. This can introduce a Cross-Site-Scripting (XSS) vulnerability if this comes from user-provided input. If you have to use `$TRUST`, ensure it does not come from user-input or use the appropriate prevention mechanism e.g. input validation or sanitization depending on the context." }, - "fullDescription": { - "text": "Don\u2019t use the default session cookie name Using the default session cookie name can open your app to attacks. 
The security issue posed is similar to X-Powered-By: a potential attacker can use it to fingerprint the server and target attacks accordingly." + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/typescript.angular.security.audit.angular-domsanitizer.angular-bypasssecuritytrust", "help": { - "markdown": "Don\u2019t use the default session cookie name Using the default session cookie name can open your app to attacks. The security issue posed is similar to X-Powered-By: a potential attacker can use it to fingerprint the server and target attacks accordingly.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.express.security.audit.express-cookie-settings.express-cookie-session-default-name)\n - [https://owasp.org/Top10/A04_2021-Insecure_Design](https://owasp.org/Top10/A04_2021-Insecure_Design)\n", - "text": "Don\u2019t use the default session cookie name Using the default session cookie name can open your app to attacks. The security issue posed is similar to X-Powered-By: a potential attacker can use it to fingerprint the server and target attacks accordingly.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected the use of `$TRUST`. This can introduce a Cross-Site-Scripting (XSS) vulnerability if this comes from user-provided input. If you have to use `$TRUST`, ensure it does not come from user-input or use the appropriate prevention mechanism e.g. input validation or sanitization depending on the context.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected the use of `$TRUST`. This can introduce a Cross-Site-Scripting (XSS) vulnerability if this comes from user-provided input. If you have to use `$TRUST`, ensure it does not come from user-input or use the appropriate prevention mechanism e.g. 
input validation or sanitization depending on the context.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/typescript.angular.security.audit.angular-domsanitizer.angular-bypasssecuritytrust)\n - [https://angular.io/api/platform-browser/DomSanitizer](https://angular.io/api/platform-browser/DomSanitizer)\n - [https://cheatsheetseries.owasp.org/cheatsheets/Cross_Site_Scripting_Prevention_Cheat_Sheet.html](https://cheatsheetseries.owasp.org/cheatsheets/Cross_Site_Scripting_Prevention_Cheat_Sheet.html)\n" }, - "helpUri": "https://semgrep.dev/r/javascript.express.security.audit.express-cookie-settings.express-cookie-session-default-name", - "id": "javascript.express.security.audit.express-cookie-settings.express-cookie-session-default-name", - "name": "javascript.express.security.audit.express-cookie-settings.express-cookie-session-default-name", "properties": { "precision": "very-high", "tags": [ - "CWE-522: Insufficiently Protected Credentials", + "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", "MEDIUM CONFIDENCE", - "OWASP-A02:2017 - Broken Authentication", - "OWASP-A04:2021 - Insecure Design", + "OWASP-A03:2021 - Injection", + "OWASP-A07:2017 - Cross-Site Scripting (XSS)", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: javascript.express.security.audit.express-cookie-settings.express-cookie-session-default-name" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "javascript.apollo.security.apollo-axios-ssrf.apollo-axios-ssrf", + "name": "javascript.apollo.security.apollo-axios-ssrf.apollo-axios-ssrf", + "short_description": { + "text": "Semgrep Finding: javascript.apollo.security.apollo-axios-ssrf.apollo-axios-ssrf" }, - "fullDescription": { - "text": "Found user data in a call to 'exec'. This is extremely dangerous because it can enable an attacker to execute arbitrary remote code on the system. 
Instead, refactor your code to not use 'eval' and instead use a safe library for the specific functionality you need." + "full_description": { + "text": "User-controllable argument $DATAVAL to $METHOD passed to Axios via internal handler $INNERFUNC. This could be a server-side request forgery. A user could call a restricted API or leak internal headers to an unauthorized party. Validate your user arguments against an allowlist of known URLs, or consider refactoring so that user-controlled data is not necessary." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/javascript.apollo.security.apollo-axios-ssrf.apollo-axios-ssrf", "help": { - "markdown": "Found user data in a call to 'exec'. This is extremely dangerous because it can enable an attacker to execute arbitrary remote code on the system. Instead, refactor your code to not use 'eval' and instead use a safe library for the specific functionality you need.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.django.security.injection.code.user-exec-format-string.user-exec-format-string)\n - [https://owasp.org/www-community/attacks/Code_Injection](https://owasp.org/www-community/attacks/Code_Injection)\n", - "text": "Found user data in a call to 'exec'. This is extremely dangerous because it can enable an attacker to execute arbitrary remote code on the system. Instead, refactor your code to not use 'eval' and instead use a safe library for the specific functionality you need.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "User-controllable argument $DATAVAL to $METHOD passed to Axios via internal handler $INNERFUNC. This could be a server-side request forgery. A user could call a restricted API or leak internal headers to an unauthorized party. 
Validate your user arguments against an allowlist of known URLs, or consider refactoring so that user-controlled data is not necessary.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "User-controllable argument $DATAVAL to $METHOD passed to Axios via internal handler $INNERFUNC. This could be a server-side request forgery. A user could call a restricted API or leak internal headers to an unauthorized party. Validate your user arguments against an allowlist of known URLs, or consider refactoring so that user-controlled data is not necessary.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.apollo.security.apollo-axios-ssrf.apollo-axios-ssrf)\n - [https://www.cvedetails.com/cve/CVE-2020-28168/](https://www.cvedetails.com/cve/CVE-2020-28168/)\n - [https://owasp.org/www-community/attacks/Server_Side_Request_Forgery](https://owasp.org/www-community/attacks/Server_Side_Request_Forgery)\n" }, - "helpUri": "https://semgrep.dev/r/python.django.security.injection.code.user-exec-format-string.user-exec-format-string", - "id": "python.django.security.injection.code.user-exec-format-string.user-exec-format-string", - "name": "python.django.security.injection.code.user-exec-format-string.user-exec-format-string", "properties": { "precision": "very-high", "tags": [ - "CWE-95: Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection')", - "MEDIUM CONFIDENCE", - "OWASP-A03:2021 - Injection", + "CWE-918: Server-Side Request Forgery (SSRF)", + "LOW CONFIDENCE", + "OWASP-A10:2021 - Server-Side Request Forgery (SSRF)", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: python.django.security.injection.code.user-exec-format-string.user-exec-format-string" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "ruby.rails.security.audit.xss.templates.var-in-script-tag.var-in-script-tag", + "name": 
"ruby.rails.security.audit.xss.templates.var-in-script-tag.var-in-script-tag", + "short_description": { + "text": "Semgrep Finding: ruby.rails.security.audit.xss.templates.var-in-script-tag.var-in-script-tag" }, - "fullDescription": { - "text": "Unescaped '.' character in CORS domain regex $CORS: $PATTERN" + "full_description": { + "text": "Detected a template variable used in a script tag. Although template variables are HTML escaped, HTML escaping does not always prevent cross-site scripting (XSS) attacks when used directly in JavaScript. If you need to do this, use `escape_javascript` or its alias, `j`. However, this will not protect from XSS in all circumstances; see the references for more information. Consider placing this value in the HTML portion (outside of a script tag)." }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/ruby.rails.security.audit.xss.templates.var-in-script-tag.var-in-script-tag", "help": { - "markdown": "Unescaped '.' character in CORS domain regex $CORS: $PATTERN\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/typescript.lang.security.audit.cors-regex-wildcard.cors-regex-wildcard)\n - [https://owasp.org/Top10/A04_2021-Insecure_Design](https://owasp.org/Top10/A04_2021-Insecure_Design)\n", - "text": "Unescaped '.' character in CORS domain regex $CORS: $PATTERN\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected a template variable used in a script tag. Although template variables are HTML escaped, HTML escaping does not always prevent cross-site scripting (XSS) attacks when used directly in JavaScript. If you need to do this, use `escape_javascript` or its alias, `j`. However, this will not protect from XSS in all circumstances; see the references for more information. 
Consider placing this value in the HTML portion (outside of a script tag).\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected a template variable used in a script tag. Although template variables are HTML escaped, HTML escaping does not always prevent cross-site scripting (XSS) attacks when used directly in JavaScript. If you need to do this, use `escape_javascript` or its alias, `j`. However, this will not protect from XSS in all circumstances; see the references for more information. Consider placing this value in the HTML portion (outside of a script tag).\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/ruby.rails.security.audit.xss.templates.var-in-script-tag.var-in-script-tag)\n - [https://www.netsparker.com/blog/web-security/preventing-xss-ruby-on-rails-web-applications/](https://www.netsparker.com/blog/web-security/preventing-xss-ruby-on-rails-web-applications/)\n - [https://www.youtube.com/watch?v=yYTkLUEdIyE](https://www.youtube.com/watch?v=yYTkLUEdIyE)\n - [https://www.veracode.com/blog/secure-development/nodejs-template-engines-why-default-encoders-are-not-enough](https://www.veracode.com/blog/secure-development/nodejs-template-engines-why-default-encoders-are-not-enough)\n" }, - "helpUri": "https://semgrep.dev/r/typescript.lang.security.audit.cors-regex-wildcard.cors-regex-wildcard", - "id": "typescript.lang.security.audit.cors-regex-wildcard.cors-regex-wildcard", - "name": "typescript.lang.security.audit.cors-regex-wildcard.cors-regex-wildcard", "properties": { "precision": "very-high", "tags": [ - "CWE-183: Permissive List of Allowed Inputs", + "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", "LOW CONFIDENCE", - "OWASP-A04:2021 - Insecure Design", + "OWASP-A03:2021 - Injection", + "OWASP-A07:2017 - Cross-Site Scripting (XSS)", "security" ] - }, - "shortDescription": { - "text": 
"Semgrep Finding: typescript.lang.security.audit.cors-regex-wildcard.cors-regex-wildcard" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "generic.secrets.security.detected-square-oauth-secret.detected-square-oauth-secret", + "name": "generic.secrets.security.detected-square-oauth-secret.detected-square-oauth-secret", + "short_description": { + "text": "Semgrep Finding: generic.secrets.security.detected-square-oauth-secret.detected-square-oauth-secret" }, - "fullDescription": { - "text": "Avoid using 'strtok()'. This function directly modifies the first argument buffer, permanently erasing the delimiter character. Use 'strtok_r()' instead." + "full_description": { + "text": "Square OAuth Secret detected" + }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/generic.secrets.security.detected-square-oauth-secret.detected-square-oauth-secret", "help": { - "markdown": "Avoid using 'strtok()'. This function directly modifies the first argument buffer, permanently erasing the delimiter character. Use 'strtok_r()' instead.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/c.lang.security.insecure-use-strtok-fn.insecure-use-strtok-fn)\n - [https://wiki.sei.cmu.edu/confluence/display/c/STR06-C.+Do+not+assume+that+strtok%28%29+leaves+the+parse+string+unchanged](https://wiki.sei.cmu.edu/confluence/display/c/STR06-C.+Do+not+assume+that+strtok%28%29+leaves+the+parse+string+unchanged)\n - [https://man7.org/linux/man-pages/man3/strtok.3.html#BUGS](https://man7.org/linux/man-pages/man3/strtok.3.html#BUGS)\n - [https://stackoverflow.com/a/40335556](https://stackoverflow.com/a/40335556)\n", - "text": "Avoid using 'strtok()'. This function directly modifies the first argument buffer, permanently erasing the delimiter character. 
Use 'strtok_r()' instead.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Square OAuth Secret detected\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Square OAuth Secret detected\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/generic.secrets.security.detected-square-oauth-secret.detected-square-oauth-secret)\n - [https://github.com/Yelp/detect-secrets/blob/master/tests/plugins/square_oauth_test.py](https://github.com/Yelp/detect-secrets/blob/master/tests/plugins/square_oauth_test.py)\n" }, - "helpUri": "https://semgrep.dev/r/c.lang.security.insecure-use-strtok-fn.insecure-use-strtok-fn", - "id": "c.lang.security.insecure-use-strtok-fn.insecure-use-strtok-fn", - "name": "c.lang.security.insecure-use-strtok-fn.insecure-use-strtok-fn", "properties": { "precision": "very-high", "tags": [ - "CWE-676: Use of Potentially Dangerous Function", + "CWE-798: Use of Hard-coded Credentials", "LOW CONFIDENCE", + "OWASP-A07:2021 - Identification and Authentication Failures", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: c.lang.security.insecure-use-strtok-fn.insecure-use-strtok-fn" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "go.aws-lambda.security.tainted-sql-string.tainted-sql-string", + "name": "go.aws-lambda.security.tainted-sql-string.tainted-sql-string", + "short_description": { + "text": "Semgrep Finding: go.aws-lambda.security.tainted-sql-string.tainted-sql-string" }, - "fullDescription": { - "text": "Prefer Argon2id where possible. Per RFC9016, section 4 IETF recommends selecting Argon2id unless you can guarantee an adversary has no direct access to the computing environment." + "full_description": { + "text": "Detected user input used to manually construct a SQL string. 
This is usually bad practice because manual construction could accidentally result in a SQL injection. An attacker could use a SQL injection to steal or modify contents of the database. Instead, use a parameterized query which is available by default in most database engines. Alternatively, consider using an object-relational mapper (ORM) such as Sequelize which will protect your queries." }, + "default_configuration": { + "enabled": true, + "level": "error" + }, + "help_uri": "https://semgrep.dev/r/go.aws-lambda.security.tainted-sql-string.tainted-sql-string", "help": { - "markdown": "Prefer Argon2id where possible. Per RFC9016, section 4 IETF recommends selecting Argon2id unless you can guarantee an adversary has no direct access to the computing environment.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.argon2.security.unsafe-argon2-config.unsafe-argon2-config)\n - [https://cheatsheetseries.owasp.org/cheatsheets/Password_Storage_Cheat_Sheet.html](https://cheatsheetseries.owasp.org/cheatsheets/Password_Storage_Cheat_Sheet.html)\n - [https://eprint.iacr.org/2016/759.pdf](https://eprint.iacr.org/2016/759.pdf)\n - [https://www.cs.tau.ac.il/~tromer/papers/cache-joc-20090619.pdf](https://www.cs.tau.ac.il/~tromer/papers/cache-joc-20090619.pdf)\n - [https://datatracker.ietf.org/doc/html/rfc9106#section-4](https://datatracker.ietf.org/doc/html/rfc9106#section-4)\n", - "text": "Prefer Argon2id where possible. Per RFC9016, section 4 IETF recommends selecting Argon2id unless you can guarantee an adversary has no direct access to the computing environment.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected user input used to manually construct a SQL string. This is usually bad practice because manual construction could accidentally result in a SQL injection. 
An attacker could use a SQL injection to steal or modify contents of the database. Instead, use a parameterized query which is available by default in most database engines. Alternatively, consider using an object-relational mapper (ORM) such as Sequelize which will protect your queries.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected user input used to manually construct a SQL string. This is usually bad practice because manual construction could accidentally result in a SQL injection. An attacker could use a SQL injection to steal or modify contents of the database. Instead, use a parameterized query which is available by default in most database engines. Alternatively, consider using an object-relational mapper (ORM) such as Sequelize which will protect your queries.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/go.aws-lambda.security.tainted-sql-string.tainted-sql-string)\n - [https://owasp.org/www-community/attacks/SQL_Injection](https://owasp.org/www-community/attacks/SQL_Injection)\n" }, - "helpUri": "https://semgrep.dev/r/javascript.argon2.security.unsafe-argon2-config.unsafe-argon2-config", - "id": "javascript.argon2.security.unsafe-argon2-config.unsafe-argon2-config", - "name": "javascript.argon2.security.unsafe-argon2-config.unsafe-argon2-config", "properties": { "precision": "very-high", "tags": [ - "CWE-916: Use of Password Hash With Insufficient Computational Effort", + "CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')", "MEDIUM CONFIDENCE", - "OWASP-A02:2021 - Cryptographic Failures", + "OWASP-A01:2017 - Injection", + "OWASP-A03:2021 - Injection", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: javascript.argon2.security.unsafe-argon2-config.unsafe-argon2-config" } }, { - "defaultConfiguration": { - "level": "warning" + "id": 
"javascript.playwright.security.audit.playwright-evaluate-code-injection.playwright-evaluate-code-injection", + "name": "javascript.playwright.security.audit.playwright-evaluate-code-injection.playwright-evaluate-code-injection", + "short_description": { + "text": "Semgrep Finding: javascript.playwright.security.audit.playwright-evaluate-code-injection.playwright-evaluate-code-injection" }, - "fullDescription": { - "text": "The AWS SSM logs are unencrypted or disabled. Please enable logs and use AWS KMS encryption key to protect SSM logs. To create your own, create a aws_kms_key resource or use the ARN string of a key in your account." + "full_description": { + "text": "If unverified user data can reach the `evaluate` method it can result in Server-Side Request Forgery vulnerabilities" + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/javascript.playwright.security.audit.playwright-evaluate-code-injection.playwright-evaluate-code-injection", "help": { - "markdown": "The AWS SSM logs are unencrypted or disabled. Please enable logs and use AWS KMS encryption key to protect SSM logs. To create your own, create a aws_kms_key resource or use the ARN string of a key in your account.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/terraform.aws.security.aws-ssm-document-logging-issues.aws-ssm-document-logging-issues)\n - [https://owasp.org/Top10/A02_2021-Cryptographic_Failures](https://owasp.org/Top10/A02_2021-Cryptographic_Failures)\n", - "text": "The AWS SSM logs are unencrypted or disabled. Please enable logs and use AWS KMS encryption key to protect SSM logs. 
To create your own, create a aws_kms_key resource or use the ARN string of a key in your account.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "If unverified user data can reach the `evaluate` method it can result in Server-Side Request Forgery vulnerabilities\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "If unverified user data can reach the `evaluate` method it can result in Server-Side Request Forgery vulnerabilities\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.playwright.security.audit.playwright-evaluate-code-injection.playwright-evaluate-code-injection)\n - [https://owasp.org/Top10/A10_2021-Server-Side_Request_Forgery_%28SSRF%29](https://owasp.org/Top10/A10_2021-Server-Side_Request_Forgery_%28SSRF%29)\n" }, - "helpUri": "https://semgrep.dev/r/terraform.aws.security.aws-ssm-document-logging-issues.aws-ssm-document-logging-issues", - "id": "terraform.aws.security.aws-ssm-document-logging-issues.aws-ssm-document-logging-issues", - "name": "terraform.aws.security.aws-ssm-document-logging-issues.aws-ssm-document-logging-issues", "properties": { "precision": "very-high", "tags": [ - "CWE-326: Inadequate Encryption Strength", + "CWE-918: Server-Side Request Forgery (SSRF)", "LOW CONFIDENCE", - "OWASP-A02:2021 - Cryptographic Failures", - "OWASP-A03:2017 - Sensitive Data Exposure", + "OWASP-A10:2021 - Server-Side Request Forgery (SSRF)", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: terraform.aws.security.aws-ssm-document-logging-issues.aws-ssm-document-logging-issues" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "ruby.aws-lambda.security.sequel-sqli.sequel-sqli", + "name": "ruby.aws-lambda.security.sequel-sqli.sequel-sqli", + "short_description": { + "text": "Semgrep Finding: ruby.aws-lambda.security.sequel-sqli.sequel-sqli" }, - "fullDescription": 
{ - "text": "Detected a template variable used in an anchor tag with the 'href' attribute. This allows a malicious actor to input the 'javascript:' URI and is subject to cross- site scripting (XSS) attacks. If using a relative URL, start with a literal forward slash and concatenate the URL, like this: href='/<%= link %>'. You may also consider setting the Content Security Policy (CSP) header." + "full_description": { + "text": "Detected SQL statement that is tainted by `event` object. This could lead to SQL injection if the variable is user-controlled and not properly sanitized. In order to prevent SQL injection, use parameterized queries or prepared statements instead. You can use parameterized statements like so: `DB['select * from items where name = ?', name]`" + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/ruby.aws-lambda.security.sequel-sqli.sequel-sqli", "help": { - "markdown": "Detected a template variable used in an anchor tag with the 'href' attribute. This allows a malicious actor to input the 'javascript:' URI and is subject to cross- site scripting (XSS) attacks. If using a relative URL, start with a literal forward slash and concatenate the URL, like this: href='/<%= link %>'. You may also consider setting the Content Security Policy (CSP) header.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.express.security.audit.xss.ejs.var-in-href.var-in-href)\n - [https://flask.palletsprojects.com/en/1.1.x/security/#cross-site-scripting-xss#:~:text=javascript:%20URI](https://flask.palletsprojects.com/en/1.1.x/security/#cross-site-scripting-xss#:~:text=javascript:%20URI)\n - [https://github.com/pugjs/pug/issues/2952](https://github.com/pugjs/pug/issues/2952)\n", - "text": "Detected a template variable used in an anchor tag with the 'href' attribute. 
This allows a malicious actor to input the 'javascript:' URI and is subject to cross- site scripting (XSS) attacks. If using a relative URL, start with a literal forward slash and concatenate the URL, like this: href='/<%= link %>'. You may also consider setting the Content Security Policy (CSP) header.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected SQL statement that is tainted by `event` object. This could lead to SQL injection if the variable is user-controlled and not properly sanitized. In order to prevent SQL injection, use parameterized queries or prepared statements instead. You can use parameterized statements like so: `DB['select * from items where name = ?', name]`\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected SQL statement that is tainted by `event` object. This could lead to SQL injection if the variable is user-controlled and not properly sanitized. In order to prevent SQL injection, use parameterized queries or prepared statements instead. 
You can use parameterized statements like so: `DB['select * from items where name = ?', name]`\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/ruby.aws-lambda.security.sequel-sqli.sequel-sqli)\n - [https://github.com/jeremyevans/sequel#label-Arbitrary+SQL+queries](https://github.com/jeremyevans/sequel#label-Arbitrary+SQL+queries)\n" }, - "helpUri": "https://semgrep.dev/r/javascript.express.security.audit.xss.ejs.var-in-href.var-in-href", - "id": "javascript.express.security.audit.xss.ejs.var-in-href.var-in-href", - "name": "javascript.express.security.audit.xss.ejs.var-in-href.var-in-href", "properties": { "precision": "very-high", "tags": [ - "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", - "LOW CONFIDENCE", + "CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')", + "MEDIUM CONFIDENCE", + "OWASP-A01:2017 - Injection", "OWASP-A03:2021 - Injection", - "OWASP-A07:2017 - Cross-Site Scripting (XSS)", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: javascript.express.security.audit.xss.ejs.var-in-href.var-in-href" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "go.lang.security.audit.sqli.pg-sqli.pg-sqli", + "name": "go.lang.security.audit.sqli.pg-sqli.pg-sqli", + "short_description": { + "text": "Semgrep Finding: go.lang.security.audit.sqli.pg-sqli.pg-sqli" }, - "fullDescription": { - "text": "Detected SQL statement that is tainted by `$EVENT` object. This could lead to SQL injection if the variable is user-controlled and not properly sanitized. In order to prevent SQL injection, use parameterized queries or prepared statements instead. 
You can use parameterized statements like so: `sequelize.query('SELECT * FROM projects WHERE status = ?', { replacements: ['active'], type: QueryTypes.SELECT });`" + "full_description": { + "text": "Detected string concatenation with a non-literal variable in a go-pg SQL statement. This could lead to SQL injection if the variable is user-controlled and not properly sanitized. In order to prevent SQL injection, use parameterized queries instead of string concatenation. You can use parameterized queries like so: '(SELECT ? FROM table, data1)'" }, + "default_configuration": { + "enabled": true, + "level": "error" + }, + "help_uri": "https://semgrep.dev/r/go.lang.security.audit.sqli.pg-sqli.pg-sqli", "help": { - "markdown": "Detected SQL statement that is tainted by `$EVENT` object. This could lead to SQL injection if the variable is user-controlled and not properly sanitized. In order to prevent SQL injection, use parameterized queries or prepared statements instead. You can use parameterized statements like so: `sequelize.query('SELECT * FROM projects WHERE status = ?', { replacements: ['active'], type: QueryTypes.SELECT });`\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.aws-lambda.security.sequelize-sqli.sequelize-sqli)\n - [https://sequelize.org/master/manual/raw-queries.html](https://sequelize.org/master/manual/raw-queries.html)\n", - "text": "Detected SQL statement that is tainted by `$EVENT` object. This could lead to SQL injection if the variable is user-controlled and not properly sanitized. In order to prevent SQL injection, use parameterized queries or prepared statements instead. 
You can use parameterized statements like so: `sequelize.query('SELECT * FROM projects WHERE status = ?', { replacements: ['active'], type: QueryTypes.SELECT });`\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected string concatenation with a non-literal variable in a go-pg SQL statement. This could lead to SQL injection if the variable is user-controlled and not properly sanitized. In order to prevent SQL injection, use parameterized queries instead of string concatenation. You can use parameterized queries like so: '(SELECT ? FROM table, data1)'\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected string concatenation with a non-literal variable in a go-pg SQL statement. This could lead to SQL injection if the variable is user-controlled and not properly sanitized. In order to prevent SQL injection, use parameterized queries instead of string concatenation. You can use parameterized queries like so: '(SELECT ? 
FROM table, data1)'\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/go.lang.security.audit.sqli.pg-sqli.pg-sqli)\n - [https://pg.uptrace.dev/](https://pg.uptrace.dev/)\n - [https://pkg.go.dev/github.com/go-pg/pg/v10](https://pkg.go.dev/github.com/go-pg/pg/v10)\n" }, - "helpUri": "https://semgrep.dev/r/javascript.aws-lambda.security.sequelize-sqli.sequelize-sqli", - "id": "javascript.aws-lambda.security.sequelize-sqli.sequelize-sqli", - "name": "javascript.aws-lambda.security.sequelize-sqli.sequelize-sqli", "properties": { "precision": "very-high", "tags": [ "CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')", - "MEDIUM CONFIDENCE", + "LOW CONFIDENCE", "OWASP-A01:2017 - Injection", "OWASP-A03:2021 - Injection", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: javascript.aws-lambda.security.sequelize-sqli.sequelize-sqli" } }, { - "defaultConfiguration": { - "level": "error" + "id": "terraform.azure.security.storage.storage-enforce-https.storage-enforce-https", + "name": "terraform.azure.security.storage.storage-enforce-https.storage-enforce-https", + "short_description": { + "text": "Semgrep Finding: terraform.azure.security.storage.storage-enforce-https.storage-enforce-https" }, - "fullDescription": { - "text": "Found user-controlled data used in a system call. This could allow a malicious actor to execute commands. Use the 'subprocess' module instead, which is easier to use without accidentally exposing a command injection vulnerability." + "full_description": { + "text": "Detected a Storage that was not configured to deny action by default. Add `enable_https_traffic_only = true` in your resource block." 
+ }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/terraform.azure.security.storage.storage-enforce-https.storage-enforce-https", "help": { - "markdown": "Found user-controlled data used in a system call. This could allow a malicious actor to execute commands. Use the 'subprocess' module instead, which is easier to use without accidentally exposing a command injection vulnerability.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.lang.security.dangerous-system-call.dangerous-system-call)\n - [https://semgrep.dev/docs/cheat-sheets/python-command-injection/](https://semgrep.dev/docs/cheat-sheets/python-command-injection/)\n", - "text": "Found user-controlled data used in a system call. This could allow a malicious actor to execute commands. Use the 'subprocess' module instead, which is easier to use without accidentally exposing a command injection vulnerability.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected a Storage that was not configured to deny action by default. Add `enable_https_traffic_only = true` in your resource block.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected a Storage that was not configured to deny action by default. 
Add `enable_https_traffic_only = true` in your resource block.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/terraform.azure.security.storage.storage-enforce-https.storage-enforce-https)\n - [https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/storage_account#enable_https_traffic_only](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/storage_account#enable_https_traffic_only)\n - [https://docs.microsoft.com/en-us/azure/storage/common/storage-require-secure-transfer](https://docs.microsoft.com/en-us/azure/storage/common/storage-require-secure-transfer)\n" }, - "helpUri": "https://semgrep.dev/r/python.lang.security.dangerous-system-call.dangerous-system-call", - "id": "python.lang.security.dangerous-system-call.dangerous-system-call", - "name": "python.lang.security.dangerous-system-call.dangerous-system-call", "properties": { "precision": "very-high", "tags": [ - "CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", + "CWE-319: Cleartext Transmission of Sensitive Information", "MEDIUM CONFIDENCE", - "OWASP-A01:2017 - Injection", - "OWASP-A03:2021 - Injection", + "OWASP-A02:2021 - Cryptographic Failures", + "OWASP-A03:2017 - Sensitive Data Exposure", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: python.lang.security.dangerous-system-call.dangerous-system-call" } }, { - "defaultConfiguration": { - "level": "error" + "id": "php.lang.security.openssl-cbc-static-iv.openssl-cbc-static-iv", + "name": "php.lang.security.openssl-cbc-static-iv.openssl-cbc-static-iv", + "short_description": { + "text": "Semgrep Finding: php.lang.security.openssl-cbc-static-iv.openssl-cbc-static-iv" }, - "fullDescription": { - "text": "GitHub Token detected" + "full_description": { + "text": "Static IV used with AES in CBC mode. 
Static IVs enable chosen-plaintext attacks against encrypted data." }, + "default_configuration": { + "enabled": true, + "level": "error" + }, + "help_uri": "https://semgrep.dev/r/php.lang.security.openssl-cbc-static-iv.openssl-cbc-static-iv", "help": { - "markdown": "GitHub Token detected\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/generic.secrets.security.detected-github-token.detected-github-token)\n - [https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures](https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures)\n", - "text": "GitHub Token detected\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Static IV used with AES in CBC mode. Static IVs enable chosen-plaintext attacks against encrypted data.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Static IV used with AES in CBC mode. 
Static IVs enable chosen-plaintext attacks against encrypted data.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/php.lang.security.openssl-cbc-static-iv.openssl-cbc-static-iv)\n - [https://csrc.nist.gov/publications/detail/sp/800-38a/final](https://csrc.nist.gov/publications/detail/sp/800-38a/final)\n" }, - "helpUri": "https://semgrep.dev/r/generic.secrets.security.detected-github-token.detected-github-token", - "id": "generic.secrets.security.detected-github-token.detected-github-token", - "name": "generic.secrets.security.detected-github-token.detected-github-token", "properties": { "precision": "very-high", "tags": [ - "CWE-798: Use of Hard-coded Credentials", - "LOW CONFIDENCE", - "OWASP-A07:2021 - Identification and Authentication Failures", + "CWE-329: Generation of Predictable IV with CBC Mode", + "HIGH CONFIDENCE", + "OWASP-A02:2021 - Cryptographic Failures", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: generic.secrets.security.detected-github-token.detected-github-token" } }, { - "defaultConfiguration": { - "level": "error" + "id": "ruby.rails.security.audit.xss.templates.avoid-html-safe.avoid-html-safe", + "name": "ruby.rails.security.audit.xss.templates.avoid-html-safe.avoid-html-safe", + "short_description": { + "text": "Semgrep Finding: ruby.rails.security.audit.xss.templates.avoid-html-safe.avoid-html-safe" }, - "fullDescription": { - "text": "In $METHOD, $X is used to construct a SQL query via string concatenation." + "full_description": { + "text": "'html_safe' renders raw HTML. This means that normal HTML escaping is bypassed. If user data can be controlled here, this exposes your application to cross-site scripting (XSS). If you need to do this, be sure to correctly sanitize the data using a library such as DOMPurify." 
+ }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/ruby.rails.security.audit.xss.templates.avoid-html-safe.avoid-html-safe", "help": { - "markdown": "In $METHOD, $X is used to construct a SQL query via string concatenation.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/java.jboss.security.session_sqli.find-sql-string-concatenation)\n - [https://owasp.org/Top10/A03_2021-Injection](https://owasp.org/Top10/A03_2021-Injection)\n", - "text": "In $METHOD, $X is used to construct a SQL query via string concatenation.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "'html_safe' renders raw HTML. This means that normal HTML escaping is bypassed. If user data can be controlled here, this exposes your application to cross-site scripting (XSS). If you need to do this, be sure to correctly sanitize the data using a library such as DOMPurify.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "'html_safe' renders raw HTML. This means that normal HTML escaping is bypassed. If user data can be controlled here, this exposes your application to cross-site scripting (XSS). 
If you need to do this, be sure to correctly sanitize the data using a library such as DOMPurify.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/ruby.rails.security.audit.xss.templates.avoid-html-safe.avoid-html-safe)\n - [https://stackoverflow.com/questions/4251284/raw-vs-html-safe-vs-h-to-unescape-html#:~:text===](https://stackoverflow.com/questions/4251284/raw-vs-html-safe-vs-h-to-unescape-html#:~:text===)\n - [https://medium.com/sumone-technical-blog/a-pretty-way-to-unescape-html-in-a-ruby-on-rails-application-efc22b850027](https://medium.com/sumone-technical-blog/a-pretty-way-to-unescape-html-in-a-ruby-on-rails-application-efc22b850027)\n" }, - "helpUri": "https://semgrep.dev/r/java.jboss.security.session_sqli.find-sql-string-concatenation", - "id": "java.jboss.security.session_sqli.find-sql-string-concatenation", - "name": "java.jboss.security.session_sqli.find-sql-string-concatenation", "properties": { "precision": "very-high", "tags": [ - "CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')", - "MEDIUM CONFIDENCE", - "OWASP-A01:2017 - Injection", + "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", + "LOW CONFIDENCE", "OWASP-A03:2021 - Injection", + "OWASP-A07:2017 - Cross-Site Scripting (XSS)", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: java.jboss.security.session_sqli.find-sql-string-concatenation" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "go.lang.security.audit.net.formatted-template-string.formatted-template-string", + "name": "go.lang.security.audit.net.formatted-template-string.formatted-template-string", + "short_description": { + "text": "Semgrep Finding: go.lang.security.audit.net.formatted-template-string.formatted-template-string" }, - "fullDescription": { - "text": "The object is passed strictly to jose.JWT.sign(...) 
Make sure that sensitive information is not exposed through JWT token payload." + "full_description": { + "text": "Found a formatted template string passed to 'template.HTML()'. 'template.HTML()' does not escape contents. Be absolutely sure there is no user-controlled data in this template. If user data can reach this template, you may have a XSS vulnerability." }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/go.lang.security.audit.net.formatted-template-string.formatted-template-string", "help": { - "markdown": "The object is passed strictly to jose.JWT.sign(...) Make sure that sensitive information is not exposed through JWT token payload.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.jose.security.audit.jose-exposed-data.jose-exposed-data)\n - [https://owasp.org/Top10/A04_2021-Insecure_Design](https://owasp.org/Top10/A04_2021-Insecure_Design)\n", - "text": "The object is passed strictly to jose.JWT.sign(...) Make sure that sensitive information is not exposed through JWT token payload.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Found a formatted template string passed to 'template.HTML()'. 'template.HTML()' does not escape contents. Be absolutely sure there is no user-controlled data in this template. If user data can reach this template, you may have a XSS vulnerability.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Found a formatted template string passed to 'template.HTML()'. 'template.HTML()' does not escape contents. Be absolutely sure there is no user-controlled data in this template. 
If user data can reach this template, you may have a XSS vulnerability.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/go.lang.security.audit.net.formatted-template-string.formatted-template-string)\n - [https://golang.org/pkg/html/template/#HTML](https://golang.org/pkg/html/template/#HTML)\n" }, - "helpUri": "https://semgrep.dev/r/javascript.jose.security.audit.jose-exposed-data.jose-exposed-data", - "id": "javascript.jose.security.audit.jose-exposed-data.jose-exposed-data", - "name": "javascript.jose.security.audit.jose-exposed-data.jose-exposed-data", "properties": { "precision": "very-high", "tags": [ - "CWE-522: Insufficiently Protected Credentials", - "LOW CONFIDENCE", - "OWASP-A02:2017 - Broken Authentication", - "OWASP-A04:2021 - Insecure Design", + "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", + "MEDIUM CONFIDENCE", + "OWASP-A03:2021 - Injection", + "OWASP-A07:2017 - Cross-Site Scripting (XSS)", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: javascript.jose.security.audit.jose-exposed-data.jose-exposed-data" } }, { - "defaultConfiguration": { - "level": "error" + "id": "java.lang.security.audit.sqli.tainted-sql-from-http-request.tainted-sql-from-http-request", + "name": "java.lang.security.audit.sqli.tainted-sql-from-http-request.tainted-sql-from-http-request", + "short_description": { + "text": "Semgrep Finding: java.lang.security.audit.sqli.tainted-sql-from-http-request.tainted-sql-from-http-request" }, - "fullDescription": { - "text": "`Clean` is not intended to sanitize against path traversal attacks. This function is for finding the shortest path name equivalent to the given input. Using `Clean` to sanitize file reads may expose this application to path traversal attacks, where an attacker could access arbitrary files on the server. 
To fix this easily, write this: `filepath.FromSlash(path.Clean(\"/\"+strings.Trim(req.URL.Path, \"/\")))` However, a better solution is using the `SecureJoin` function in the package `filepath-securejoin`. See https://pkg.go.dev/github.com/cyphar/filepath-securejoin#section-readme." + "full_description": { + "text": "Detected input from a HTTPServletRequest going into a SQL sink or statement. This could lead to SQL injection if variables in the SQL statement are not properly sanitized. Use parameterized SQL queries or properly sanitize user input instead." }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/java.lang.security.audit.sqli.tainted-sql-from-http-request.tainted-sql-from-http-request", "help": { - "markdown": "`Clean` is not intended to sanitize against path traversal attacks. This function is for finding the shortest path name equivalent to the given input. Using `Clean` to sanitize file reads may expose this application to path traversal attacks, where an attacker could access arbitrary files on the server. To fix this easily, write this: `filepath.FromSlash(path.Clean(\"/\"+strings.Trim(req.URL.Path, \"/\")))` However, a better solution is using the `SecureJoin` function in the package `filepath-securejoin`. 
See https://pkg.go.dev/github.com/cyphar/filepath-securejoin#section-readme.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/go.lang.security.filepath-clean-misuse.filepath-clean-misuse)\n - [https://pkg.go.dev/path#Clean](https://pkg.go.dev/path#Clean)\n - [http://technosophos.com/2016/03/31/go-quickly-cleaning-filepaths.html](http://technosophos.com/2016/03/31/go-quickly-cleaning-filepaths.html)\n - [https://labs.detectify.com/2021/12/15/zero-day-path-traversal-grafana/](https://labs.detectify.com/2021/12/15/zero-day-path-traversal-grafana/)\n - [https://dzx.cz/2021/04/02/go_path_traversal/](https://dzx.cz/2021/04/02/go_path_traversal/)\n - [https://pkg.go.dev/github.com/cyphar/filepath-securejoin#section-readme](https://pkg.go.dev/github.com/cyphar/filepath-securejoin#section-readme)\n", - "text": "`Clean` is not intended to sanitize against path traversal attacks. This function is for finding the shortest path name equivalent to the given input. Using `Clean` to sanitize file reads may expose this application to path traversal attacks, where an attacker could access arbitrary files on the server. To fix this easily, write this: `filepath.FromSlash(path.Clean(\"/\"+strings.Trim(req.URL.Path, \"/\")))` However, a better solution is using the `SecureJoin` function in the package `filepath-securejoin`. See https://pkg.go.dev/github.com/cyphar/filepath-securejoin#section-readme.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected input from a HTTPServletRequest going into a SQL sink or statement. This could lead to SQL injection if variables in the SQL statement are not properly sanitized. Use parameterized SQL queries or properly sanitize user input instead.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected input from a HTTPServletRequest going into a SQL sink or statement. 
This could lead to SQL injection if variables in the SQL statement are not properly sanitized. Use parameterized SQL queries or properly sanitize user input instead.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/java.lang.security.audit.sqli.tainted-sql-from-http-request.tainted-sql-from-http-request)\n - [https://cheatsheetseries.owasp.org/cheatsheets/SQL_Injection_Prevention_Cheat_Sheet.html](https://cheatsheetseries.owasp.org/cheatsheets/SQL_Injection_Prevention_Cheat_Sheet.html)\n - [https://owasp.org/www-community/attacks/SQL_Injection](https://owasp.org/www-community/attacks/SQL_Injection)\n" }, - "helpUri": "https://semgrep.dev/r/go.lang.security.filepath-clean-misuse.filepath-clean-misuse", - "id": "go.lang.security.filepath-clean-misuse.filepath-clean-misuse", - "name": "go.lang.security.filepath-clean-misuse.filepath-clean-misuse", "properties": { "precision": "very-high", "tags": [ - "CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", - "MEDIUM CONFIDENCE", - "OWASP-A01:2021 - Broken Access Control", - "OWASP-A05:2017 - Broken Access Control", + "CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')", + "HIGH CONFIDENCE", + "OWASP-A01:2017 - Injection", + "OWASP-A03:2021 - Injection", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: go.lang.security.filepath-clean-misuse.filepath-clean-misuse" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "go.lang.security.audit.xss.no-printf-in-responsewriter.no-printf-in-responsewriter", + "name": "go.lang.security.audit.xss.no-printf-in-responsewriter.no-printf-in-responsewriter", + "short_description": { + "text": "Semgrep Finding: go.lang.security.audit.xss.no-printf-in-responsewriter.no-printf-in-responsewriter" }, - "fullDescription": { - "text": "The `__html__` method indicates to the Django template engine that the 
value is 'safe' for rendering. This means that normal HTML escaping will not be applied to the return value. This exposes your application to cross-site scripting (XSS) vulnerabilities. If you need to render raw HTML, consider instead using `mark_safe()` which more clearly marks the intent to render raw HTML than a class with a magic method." + "full_description": { + "text": "Detected 'printf' or similar in 'http.ResponseWriter.write()'. This bypasses HTML escaping that prevents cross-site scripting vulnerabilities. Instead, use the 'html/template' package to render data to users." }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/go.lang.security.audit.xss.no-printf-in-responsewriter.no-printf-in-responsewriter", "help": { - "markdown": "The `__html__` method indicates to the Django template engine that the value is 'safe' for rendering. This means that normal HTML escaping will not be applied to the return value. This exposes your application to cross-site scripting (XSS) vulnerabilities. If you need to render raw HTML, consider instead using `mark_safe()` which more clearly marks the intent to render raw HTML than a class with a magic method.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.django.security.audit.xss.html-magic-method.html-magic-method)\n - [https://docs.djangoproject.com/en/3.0/_modules/django/utils/html/#conditional_escape](https://docs.djangoproject.com/en/3.0/_modules/django/utils/html/#conditional_escape)\n - [https://gist.github.com/minusworld/7885d8a81dba3ea2d1e4b8fd3c218ef5](https://gist.github.com/minusworld/7885d8a81dba3ea2d1e4b8fd3c218ef5)\n", - "text": "The `__html__` method indicates to the Django template engine that the value is 'safe' for rendering. This means that normal HTML escaping will not be applied to the return value. 
This exposes your application to cross-site scripting (XSS) vulnerabilities. If you need to render raw HTML, consider instead using `mark_safe()` which more clearly marks the intent to render raw HTML than a class with a magic method.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected 'printf' or similar in 'http.ResponseWriter.write()'. This bypasses HTML escaping that prevents cross-site scripting vulnerabilities. Instead, use the 'html/template' package to render data to users.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected 'printf' or similar in 'http.ResponseWriter.write()'. This bypasses HTML escaping that prevents cross-site scripting vulnerabilities. Instead, use the 'html/template' package to render data to users.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/go.lang.security.audit.xss.no-printf-in-responsewriter.no-printf-in-responsewriter)\n - [https://blogtitle.github.io/robn-go-security-pearls-cross-site-scripting-xss/](https://blogtitle.github.io/robn-go-security-pearls-cross-site-scripting-xss/)\n" }, - "helpUri": "https://semgrep.dev/r/python.django.security.audit.xss.html-magic-method.html-magic-method", - "id": "python.django.security.audit.xss.html-magic-method.html-magic-method", - "name": "python.django.security.audit.xss.html-magic-method.html-magic-method", "properties": { "precision": "very-high", "tags": [ 
@@ -13526,1335 +14273,1418 @@ "OWASP-A07:2017 - Cross-Site Scripting (XSS)", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: python.django.security.audit.xss.html-magic-method.html-magic-method" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "ruby.jwt.security.jwt-none-alg.ruby-jwt-none-alg", + "name": "ruby.jwt.security.jwt-none-alg.ruby-jwt-none-alg", + "short_description": { + "text": "Semgrep Finding: ruby.jwt.security.jwt-none-alg.ruby-jwt-none-alg" }, - "fullDescription": { - "text": "'Integer.toHexString()' strips leading zeroes from each byte if read byte-by-byte. This mistake weakens the hash value computed since it introduces more collisions. Use 'String.format(\"%02X\", ...)' instead." + "full_description": { + "text": "Detected use of the 'none' algorithm in a JWT token. The 'none' algorithm assumes the integrity of the token has already been verified. This would allow a malicious actor to forge a JWT token that will automatically be verified. Do not explicitly use the 'none' algorithm. Instead, use an algorithm such as 'HS256'." }, + "default_configuration": { + "enabled": true, + "level": "error" + }, + "help_uri": "https://semgrep.dev/r/ruby.jwt.security.jwt-none-alg.ruby-jwt-none-alg", "help": { - "markdown": "'Integer.toHexString()' strips leading zeroes from each byte if read byte-by-byte. This mistake weakens the hash value computed since it introduces more collisions. Use 'String.format(\"%02X\", ...)' instead.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/kotlin.lang.security.bad-hexa-conversion.bad-hexa-conversion)\n - [https://cwe.mitre.org/data/definitions/704.html](https://cwe.mitre.org/data/definitions/704.html)\n", - "text": "'Integer.toHexString()' strips leading zeroes from each byte if read byte-by-byte. This mistake weakens the hash value computed since it introduces more collisions. 
Use 'String.format(\"%02X\", ...)' instead.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected use of the 'none' algorithm in a JWT token. The 'none' algorithm assumes the integrity of the token has already been verified. This would allow a malicious actor to forge a JWT token that will automatically be verified. Do not explicitly use the 'none' algorithm. Instead, use an algorithm such as 'HS256'.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected use of the 'none' algorithm in a JWT token. The 'none' algorithm assumes the integrity of the token has already been verified. This would allow a malicious actor to forge a JWT token that will automatically be verified. Do not explicitly use the 'none' algorithm. Instead, use an algorithm such as 'HS256'.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/ruby.jwt.security.jwt-none-alg.ruby-jwt-none-alg)\n - [https://owasp.org/Top10/A02_2021-Cryptographic_Failures](https://owasp.org/Top10/A02_2021-Cryptographic_Failures)\n" }, - "helpUri": "https://semgrep.dev/r/kotlin.lang.security.bad-hexa-conversion.bad-hexa-conversion", - "id": "kotlin.lang.security.bad-hexa-conversion.bad-hexa-conversion", - "name": "kotlin.lang.security.bad-hexa-conversion.bad-hexa-conversion", "properties": { "precision": "very-high", "tags": [ - "CWE-704: Incorrect Type Conversion or Cast", + "CWE-327: Use of a Broken or Risky Cryptographic Algorithm", "LOW CONFIDENCE", + "OWASP-A02:2021 - Cryptographic Failures", "OWASP-A03:2017 - Sensitive Data Exposure", "security" ] + } + }, + { + "id": "ruby.lang.security.no-send.bad-send", + "name": "ruby.lang.security.no-send.bad-send", + "short_description": { + "text": "Semgrep Finding: ruby.lang.security.no-send.bad-send" + }, + "full_description": { + "text": "Checks for unsafe use of Object#send, try, __send__, and public_send. 
These only account for unsafe use of a method, not target. This can lead to arbitrary calling of exit, along with arbitrary code execution. Please be sure to sanitize input in order to avoid this." + }, + "default_configuration": { + "enabled": true, + "level": "error" + }, + "help_uri": "https://semgrep.dev/r/ruby.lang.security.no-send.bad-send", + "help": { + "text": "Checks for unsafe use of Object#send, try, __send__, and public_send. These only account for unsafe use of a method, not target. This can lead to arbitrary calling of exit, along with arbitrary code execution. Please be sure to sanitize input in order to avoid this.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Checks for unsafe use of Object#send, try, __send__, and public_send. These only account for unsafe use of a method, not target. This can lead to arbitrary calling of exit, along with arbitrary code execution. Please be sure to sanitize input in order to avoid this.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/ruby.lang.security.no-send.bad-send)\n - [https://github.com/presidentbeef/brakeman/blob/main/lib/brakeman/checks/check_send.rb](https://github.com/presidentbeef/brakeman/blob/main/lib/brakeman/checks/check_send.rb)\n - [https://the.igreque.info/posts/2016/01-object-send-considered-harmful-en.html](https://the.igreque.info/posts/2016/01-object-send-considered-harmful-en.html)\n" + }, + "properties": { + "precision": "very-high", + "tags": [ + "CWE-94: Improper Control of Generation of Code ('Code Injection')", + "LOW CONFIDENCE", + "OWASP-A03:2021 - Injection", + "security" + ] + } + }, + { + "id": "java.lang.security.audit.tainted-ldapi-from-http-request.tainted-ldapi-from-http-request", + "name": "java.lang.security.audit.tainted-ldapi-from-http-request.tainted-ldapi-from-http-request", + "short_description": { + "text": "Semgrep Finding: 
java.lang.security.audit.tainted-ldapi-from-http-request.tainted-ldapi-from-http-request" + }, + "full_description": { + "text": "Detected input from a HTTPServletRequest going into an LDAP query. This could lead to LDAP injection if the input is not properly sanitized, which could result in attackers modifying objects in the LDAP tree structure. Ensure data passed to an LDAP query is not controllable or properly sanitize the data." }, - "shortDescription": { - "text": "Semgrep Finding: kotlin.lang.security.bad-hexa-conversion.bad-hexa-conversion" - } - }, - { - "defaultConfiguration": { + "default_configuration": { + "enabled": true, "level": "warning" }, - "fullDescription": { - "text": "Possible JDBC injection detected. Use the parameterized query feature available in queryForObject instead of concatenating or formatting strings: 'jdbc.queryForObject(\"select * from table where name = ?\", Integer.class, parameterName);'" - }, + "help_uri": "https://semgrep.dev/r/java.lang.security.audit.tainted-ldapi-from-http-request.tainted-ldapi-from-http-request", "help": { - "markdown": "Possible JDBC injection detected. Use the parameterized query feature available in queryForObject instead of concatenating or formatting strings: 'jdbc.queryForObject(\"select * from table where name = ?\", Integer.class, parameterName);'\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/java.lang.security.audit.jdbc-sql-formatted-string.jdbc-sql-formatted-string)\n - [https://owasp.org/Top10/A03_2021-Injection](https://owasp.org/Top10/A03_2021-Injection)\n", - "text": "Possible JDBC injection detected. 
Use the parameterized query feature available in queryForObject instead of concatenating or formatting strings: 'jdbc.queryForObject(\"select * from table where name = ?\", Integer.class, parameterName);'\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected input from a HTTPServletRequest going into an LDAP query. This could lead to LDAP injection if the input is not properly sanitized, which could result in attackers modifying objects in the LDAP tree structure. Ensure data passed to an LDAP query is not controllable or properly sanitize the data.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected input from a HTTPServletRequest going into an LDAP query. This could lead to LDAP injection if the input is not properly sanitized, which could result in attackers modifying objects in the LDAP tree structure. Ensure data passed to an LDAP query is not controllable or properly sanitize the data.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/java.lang.security.audit.tainted-ldapi-from-http-request.tainted-ldapi-from-http-request)\n - [https://sensei.securecodewarrior.com/recipes/scw%3Ajava%3ALDAP-injection](https://sensei.securecodewarrior.com/recipes/scw%3Ajava%3ALDAP-injection)\n" }, - "helpUri": "https://semgrep.dev/r/java.lang.security.audit.jdbc-sql-formatted-string.jdbc-sql-formatted-string", - "id": "java.lang.security.audit.jdbc-sql-formatted-string.jdbc-sql-formatted-string", - "name": "java.lang.security.audit.jdbc-sql-formatted-string.jdbc-sql-formatted-string", "properties": { "precision": "very-high", "tags": [ - "CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')", - "LOW CONFIDENCE", + "CWE-90: Improper Neutralization of Special Elements used in an LDAP Query ('LDAP Injection')", + "MEDIUM CONFIDENCE", "OWASP-A01:2017 - Injection", "OWASP-A03:2021 
- Injection", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: java.lang.security.audit.jdbc-sql-formatted-string.jdbc-sql-formatted-string" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "yaml.kubernetes.security.legacy-api-clusterrole-excessive-permissions.legacy-api-clusterrole-excessive-permissions", + "name": "yaml.kubernetes.security.legacy-api-clusterrole-excessive-permissions.legacy-api-clusterrole-excessive-permissions", + "short_description": { + "text": "Semgrep Finding: yaml.kubernetes.security.legacy-api-clusterrole-excessive-permissions.legacy-api-clusterrole-excessive-permissions" }, - "fullDescription": { - "text": "'mark_safe()' is used to mark a string as \"safe\" for HTML output. This disables escaping and could therefore subject the content to XSS attacks. Use 'django.utils.html.format_html()' to build HTML for rendering instead." + "full_description": { + "text": "Semgrep detected a Kubernetes core API ClusterRole with excessive permissions. Attaching excessive permissions to a ClusterRole associated with the core namespace allows the V1 API to perform arbitrary actions on arbitrary resources attached to the cluster. Prefer explicit allowlists of verbs/resources when configuring the core API namespace. " }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/yaml.kubernetes.security.legacy-api-clusterrole-excessive-permissions.legacy-api-clusterrole-excessive-permissions", "help": { - "markdown": "'mark_safe()' is used to mark a string as \"safe\" for HTML output. This disables escaping and could therefore subject the content to XSS attacks. 
Use 'django.utils.html.format_html()' to build HTML for rendering instead.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.django.security.audit.avoid-mark-safe.avoid-mark-safe)\n - [https://docs.djangoproject.com/en/3.0/ref/utils/#django.utils.safestring.mark_safe](https://docs.djangoproject.com/en/3.0/ref/utils/#django.utils.safestring.mark_safe)\n - [https://docs.djangoproject.com/en/3.0/ref/utils/#django.utils.html.format_html](https://docs.djangoproject.com/en/3.0/ref/utils/#django.utils.html.format_html)\n", - "text": "'mark_safe()' is used to mark a string as \"safe\" for HTML output. This disables escaping and could therefore subject the content to XSS attacks. Use 'django.utils.html.format_html()' to build HTML for rendering instead.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Semgrep detected a Kubernetes core API ClusterRole with excessive permissions. Attaching excessive permissions to a ClusterRole associated with the core namespace allows the V1 API to perform arbitrary actions on arbitrary resources attached to the cluster. Prefer explicit allowlists of verbs/resources when configuring the core API namespace. \n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Semgrep detected a Kubernetes core API ClusterRole with excessive permissions. Attaching excessive permissions to a ClusterRole associated with the core namespace allows the V1 API to perform arbitrary actions on arbitrary resources attached to the cluster. Prefer explicit allowlists of verbs/resources when configuring the core API namespace. 
\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/yaml.kubernetes.security.legacy-api-clusterrole-excessive-permissions.legacy-api-clusterrole-excessive-permissions)\n - [https://kubernetes.io/docs/reference/access-authn-authz/rbac/#role-and-clusterrole](https://kubernetes.io/docs/reference/access-authn-authz/rbac/#role-and-clusterrole)\n - [https://kubernetes.io/docs/concepts/security/rbac-good-practices/#general-good-practice](https://kubernetes.io/docs/concepts/security/rbac-good-practices/#general-good-practice)\n - [https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.28/#api-groups](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.28/#api-groups)\n" }, - "helpUri": "https://semgrep.dev/r/python.django.security.audit.avoid-mark-safe.avoid-mark-safe", - "id": "python.django.security.audit.avoid-mark-safe.avoid-mark-safe", - "name": "python.django.security.audit.avoid-mark-safe.avoid-mark-safe", "properties": { "precision": "very-high", "tags": [ - "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", - "LOW CONFIDENCE", - "OWASP-A03:2021 - Injection", - "OWASP-A07:2017 - Cross-Site Scripting (XSS)", + "CWE-269: Improper Privilege Management", + "HIGH CONFIDENCE", + "OWASP-A05:2021 - Security Misconfiguration", + "OWASP-A06:2017 - Security Misconfiguration", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: python.django.security.audit.avoid-mark-safe.avoid-mark-safe" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "python.django.security.injection.path-traversal.path-traversal-file-name.path-traversal-file-name", + "name": "python.django.security.injection.path-traversal.path-traversal-file-name.path-traversal-file-name", + "short_description": { + "text": "Semgrep Finding: python.django.security.injection.path-traversal.path-traversal-file-name.path-traversal-file-name" }, - 
"fullDescription": { - "text": "Detected SHA1 hash algorithm which is considered insecure. SHA1 is not collision resistant and is therefore not suitable as a cryptographic signature. Use SHA256 or SHA3 instead." + "full_description": { + "text": "Data from request is passed to a file name `$FILE`. This is a path traversal vulnerability, which can lead to sensitive data being leaked. To mitigate, consider using os.path.abspath or os.path.realpath or the pathlib library." }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/python.django.security.injection.path-traversal.path-traversal-file-name.path-traversal-file-name", "help": { - "markdown": "Detected SHA1 hash algorithm which is considered insecure. SHA1 is not collision resistant and is therefore not suitable as a cryptographic signature. Use SHA256 or SHA3 instead.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.cryptography.security.insecure-hash-algorithms.insecure-hash-algorithm-sha1)\n - [https://cryptography.io/en/latest/hazmat/primitives/cryptographic-hashes/#sha-1](https://cryptography.io/en/latest/hazmat/primitives/cryptographic-hashes/#sha-1)\n - [https://www.schneier.com/blog/archives/2012/10/when_will_we_se.html](https://www.schneier.com/blog/archives/2012/10/when_will_we_se.html)\n - [https://www.trendmicro.com/vinfo/us/security/news/vulnerabilities-and-exploits/sha-1-collision-signals-the-end-of-the-algorithm-s-viability](https://www.trendmicro.com/vinfo/us/security/news/vulnerabilities-and-exploits/sha-1-collision-signals-the-end-of-the-algorithm-s-viability)\n - [http://2012.sharcs.org/slides/stevens.pdf](http://2012.sharcs.org/slides/stevens.pdf)\n - [https://pycryptodome.readthedocs.io/en/latest/src/hash/sha3_256.html](https://pycryptodome.readthedocs.io/en/latest/src/hash/sha3_256.html)\n", - "text": "Detected SHA1 hash algorithm 
which is considered insecure. SHA1 is not collision resistant and is therefore not suitable as a cryptographic signature. Use SHA256 or SHA3 instead.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Data from request is passed to a file name `$FILE`. This is a path traversal vulnerability, which can lead to sensitive data being leaked. To mitigate, consider using os.path.abspath or os.path.realpath or the pathlib library.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Data from request is passed to a file name `$FILE`. This is a path traversal vulnerability, which can lead to sensitive data being leaked. To mitigate, consider using os.path.abspath or os.path.realpath or the pathlib library.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.django.security.injection.path-traversal.path-traversal-file-name.path-traversal-file-name)\n - [https://owasp.org/www-community/attacks/Path_Traversal](https://owasp.org/www-community/attacks/Path_Traversal)\n" }, - "helpUri": "https://semgrep.dev/r/python.cryptography.security.insecure-hash-algorithms.insecure-hash-algorithm-sha1", - "id": "python.cryptography.security.insecure-hash-algorithms.insecure-hash-algorithm-sha1", - "name": "python.cryptography.security.insecure-hash-algorithms.insecure-hash-algorithm-sha1", "properties": { "precision": "very-high", "tags": [ - "CWE-327: Use of a Broken or Risky Cryptographic Algorithm", - "MEDIUM CONFIDENCE", - "OWASP-A02:2021 - Cryptographic Failures", - "OWASP-A03:2017 - Sensitive Data Exposure", + "CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", + "LOW CONFIDENCE", + "OWASP-A01:2021 - Broken Access Control", + "OWASP-A05:2017 - Broken Access Control", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: 
python.cryptography.security.insecure-hash-algorithms.insecure-hash-algorithm-sha1" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "ruby.lang.security.dangerous-open.dangerous-open", + "name": "ruby.lang.security.dangerous-open.dangerous-open", + "short_description": { + "text": "Semgrep Finding: ruby.lang.security.dangerous-open.dangerous-open" }, - "fullDescription": { - "text": "Checks for setting the environment variable NODE_TLS_REJECT_UNAUTHORIZED to 0, which disables TLS verification. This should only be used for debugging purposes. Setting the option rejectUnauthorized to false bypasses verification against the list of trusted CAs, which also leads to insecure transport. These options lead to vulnerability to MTM attacks, and should not be used." + "full_description": { + "text": "Detected non-static command inside 'open'. Audit the input to 'open'. If unverified user data can reach this call site, this is a code injection vulnerability. A malicious actor can inject a malicious script to execute arbitrary code." }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/ruby.lang.security.dangerous-open.dangerous-open", "help": { - "markdown": "Checks for setting the environment variable NODE_TLS_REJECT_UNAUTHORIZED to 0, which disables TLS verification. This should only be used for debugging purposes. Setting the option rejectUnauthorized to false bypasses verification against the list of trusted CAs, which also leads to insecure transport. 
These options lead to vulnerability to MTM attacks, and should not be used.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/problem-based-packs.insecure-transport.js-node.bypass-tls-verification.bypass-tls-verification)\n - [https://nodejs.org/api/https.html#https_https_request_options_callback](https://nodejs.org/api/https.html#https_https_request_options_callback)\n - [https://stackoverflow.com/questions/20433287/node-js-request-cert-has-expired#answer-29397100](https://stackoverflow.com/questions/20433287/node-js-request-cert-has-expired#answer-29397100)\n", - "text": "Checks for setting the environment variable NODE_TLS_REJECT_UNAUTHORIZED to 0, which disables TLS verification. This should only be used for debugging purposes. Setting the option rejectUnauthorized to false bypasses verification against the list of trusted CAs, which also leads to insecure transport. These options lead to vulnerability to MTM attacks, and should not be used.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected non-static command inside 'open'. Audit the input to 'open'. If unverified user data can reach this call site, this is a code injection vulnerability. A malicious actor can inject a malicious script to execute arbitrary code.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected non-static command inside 'open'. Audit the input to 'open'. If unverified user data can reach this call site, this is a code injection vulnerability. 
A malicious actor can inject a malicious script to execute arbitrary code.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/ruby.lang.security.dangerous-open.dangerous-open)\n - [https://owasp.org/Top10/A03_2021-Injection](https://owasp.org/Top10/A03_2021-Injection)\n" }, - "helpUri": "https://semgrep.dev/r/problem-based-packs.insecure-transport.js-node.bypass-tls-verification.bypass-tls-verification", - "id": "problem-based-packs.insecure-transport.js-node.bypass-tls-verification.bypass-tls-verification", - "name": "problem-based-packs.insecure-transport.js-node.bypass-tls-verification.bypass-tls-verification", "properties": { "precision": "very-high", "tags": [ - "CWE-319: Cleartext Transmission of Sensitive Information", - "MEDIUM CONFIDENCE", - "OWASP-A03:2017 - Sensitive Data Exposure", + "CWE-94: Improper Control of Generation of Code ('Code Injection')", + "LOW CONFIDENCE", + "OWASP-A03:2021 - Injection", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: problem-based-packs.insecure-transport.js-node.bypass-tls-verification.bypass-tls-verification" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "javascript.puppeteer.security.audit.puppeteer-evaluate-code-injection.puppeteer-evaluate-code-injection", + "name": "javascript.puppeteer.security.audit.puppeteer-evaluate-code-injection.puppeteer-evaluate-code-injection", + "short_description": { + "text": "Semgrep Finding: javascript.puppeteer.security.audit.puppeteer-evaluate-code-injection.puppeteer-evaluate-code-injection" }, - "fullDescription": { - "text": "Specifying the regex timeout leaves the system vulnerable to a regex-based Denial of Service (DoS) attack. Consider setting the timeout to a short amount of time like 2 or 3 seconds. 
If you are sure you need an infinite timeout, double check that your context meets the conditions outlined in the \"Notes to Callers\" section at the bottom of this page: https://docs.microsoft.com/en-us/dotnet/api/system.text.regularexpressions.regex.-ctor?view=net-6.0" + "full_description": { + "text": "If unverified user data can reach the `evaluate` method it can result in Server-Side Request Forgery vulnerabilities" + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/javascript.puppeteer.security.audit.puppeteer-evaluate-code-injection.puppeteer-evaluate-code-injection", "help": { - "markdown": "Specifying the regex timeout leaves the system vulnerable to a regex-based Denial of Service (DoS) attack. Consider setting the timeout to a short amount of time like 2 or 3 seconds. If you are sure you need an infinite timeout, double check that your context meets the conditions outlined in the \"Notes to Callers\" section at the bottom of this page: https://docs.microsoft.com/en-us/dotnet/api/system.text.regularexpressions.regex.-ctor?view=net-6.0\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/csharp.lang.security.regular-expression-dos.regular-expression-dos-infinite-timeout.regular-expression-dos-infinite-timeout)\n - [https://owasp.org/www-community/attacks/Regular_expression_Denial_of_Service_-_ReDoS](https://owasp.org/www-community/attacks/Regular_expression_Denial_of_Service_-_ReDoS)\n - [https://docs.microsoft.com/en-us/dotnet/api/system.text.regularexpressions.regex.infinitematchtimeout](https://docs.microsoft.com/en-us/dotnet/api/system.text.regularexpressions.regex.infinitematchtimeout)\n - [https://docs.microsoft.com/en-us/dotnet/api/system.text.regularexpressions.regex.-ctor?view=net-6.0](https://docs.microsoft.com/en-us/dotnet/api/system.text.regularexpressions.regex.-ctor?view=net-6.0)\n", - "text": 
"Specifying the regex timeout leaves the system vulnerable to a regex-based Denial of Service (DoS) attack. Consider setting the timeout to a short amount of time like 2 or 3 seconds. If you are sure you need an infinite timeout, double check that your context meets the conditions outlined in the \"Notes to Callers\" section at the bottom of this page: https://docs.microsoft.com/en-us/dotnet/api/system.text.regularexpressions.regex.-ctor?view=net-6.0\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "If unverified user data can reach the `evaluate` method it can result in Server-Side Request Forgery vulnerabilities\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "If unverified user data can reach the `evaluate` method it can result in Server-Side Request Forgery vulnerabilities\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.puppeteer.security.audit.puppeteer-evaluate-code-injection.puppeteer-evaluate-code-injection)\n - [https://owasp.org/Top10/A10_2021-Server-Side_Request_Forgery_%28SSRF%29](https://owasp.org/Top10/A10_2021-Server-Side_Request_Forgery_%28SSRF%29)\n" }, - "helpUri": "https://semgrep.dev/r/csharp.lang.security.regular-expression-dos.regular-expression-dos-infinite-timeout.regular-expression-dos-infinite-timeout", - "id": "csharp.lang.security.regular-expression-dos.regular-expression-dos-infinite-timeout.regular-expression-dos-infinite-timeout", - "name": "csharp.lang.security.regular-expression-dos.regular-expression-dos-infinite-timeout.regular-expression-dos-infinite-timeout", "properties": { "precision": "very-high", "tags": [ - "CWE-1333: Inefficient Regular Expression Complexity", - "MEDIUM CONFIDENCE", - "OWASP-A01:2017 - Injection", + "CWE-918: Server-Side Request Forgery (SSRF)", + "LOW CONFIDENCE", + "OWASP-A10:2021 - Server-Side Request Forgery (SSRF)", "security" ] - }, - 
"shortDescription": { - "text": "Semgrep Finding: csharp.lang.security.regular-expression-dos.regular-expression-dos-infinite-timeout.regular-expression-dos-infinite-timeout" } }, { - "defaultConfiguration": { - "level": "error" + "id": "terraform.lang.security.iam.no-iam-creds-exposure.no-iam-creds-exposure", + "name": "terraform.lang.security.iam.no-iam-creds-exposure.no-iam-creds-exposure", + "short_description": { + "text": "Semgrep Finding: terraform.lang.security.iam.no-iam-creds-exposure.no-iam-creds-exposure" }, - "fullDescription": { - "text": "Hardcoded JWT secret or private key is used. This is a Insufficiently Protected Credentials weakness: https://cwe.mitre.org/data/definitions/522.html Consider using an appropriate security mechanism to protect the credentials (e.g. keeping secrets in environment variables)" + "full_description": { + "text": "Ensure IAM policies don't allow credentials exposure. Credentials exposure actions return credentials as part of the API response, and can possibly lead to leaking important credentials. Instead, use another action that doesn't return sensitive data as part of the API response." }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/terraform.lang.security.iam.no-iam-creds-exposure.no-iam-creds-exposure", "help": { - "markdown": "Hardcoded JWT secret or private key is used. This is a Insufficiently Protected Credentials weakness: https://cwe.mitre.org/data/definitions/522.html Consider using an appropriate security mechanism to protect the credentials (e.g. 
keeping secrets in environment variables)\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/ruby.jwt.security.jwt-hardcode.ruby-jwt-hardcoded-secret)\n - [https://owasp.org/Top10/A04_2021-Insecure_Design](https://owasp.org/Top10/A04_2021-Insecure_Design)\n", - "text": "Hardcoded JWT secret or private key is used. This is a Insufficiently Protected Credentials weakness: https://cwe.mitre.org/data/definitions/522.html Consider using an appropriate security mechanism to protect the credentials (e.g. keeping secrets in environment variables)\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Ensure IAM policies don't allow credentials exposure. Credentials exposure actions return credentials as part of the API response, and can possibly lead to leaking important credentials. Instead, use another action that doesn't return sensitive data as part of the API response.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Ensure IAM policies don't allow credentials exposure. Credentials exposure actions return credentials as part of the API response, and can possibly lead to leaking important credentials. 
Instead, use another action that doesn't return sensitive data as part of the API response.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/terraform.lang.security.iam.no-iam-creds-exposure.no-iam-creds-exposure)\n - [https://cloudsplaining.readthedocs.io/en/latest/glossary/credentials-exposure/](https://cloudsplaining.readthedocs.io/en/latest/glossary/credentials-exposure/)\n - [https://github.com/bridgecrewio/checkov/blob/ca830e14745c2c8e1b941985f305abe985d7f1f9/checkov/terraform/checks/data/aws/IAMCredentialsExposure.py](https://github.com/bridgecrewio/checkov/blob/ca830e14745c2c8e1b941985f305abe985d7f1f9/checkov/terraform/checks/data/aws/IAMCredentialsExposure.py)\n" }, - "helpUri": "https://semgrep.dev/r/ruby.jwt.security.jwt-hardcode.ruby-jwt-hardcoded-secret", - "id": "ruby.jwt.security.jwt-hardcode.ruby-jwt-hardcoded-secret", - "name": "ruby.jwt.security.jwt-hardcode.ruby-jwt-hardcoded-secret", "properties": { "precision": "very-high", "tags": [ - "CWE-522: Insufficiently Protected Credentials", + "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor", "LOW CONFIDENCE", - "OWASP-A02:2017 - Broken Authentication", - "OWASP-A04:2021 - Insecure Design", + "OWASP-A01:2021 - Broken Access Control", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: ruby.jwt.security.jwt-hardcode.ruby-jwt-hardcoded-secret" } }, { - "defaultConfiguration": { - "level": "error" + "id": "javascript.express.security.audit.xss.pug.and-attributes.template-and-attributes", + "name": "javascript.express.security.audit.xss.pug.and-attributes.template-and-attributes", + "short_description": { + "text": "Semgrep Finding: javascript.express.security.audit.xss.pug.and-attributes.template-and-attributes" }, - "fullDescription": { - "text": "Backticks use may lead to command injection vulnerabilities." 
+ "full_description": { + "text": "Detected a unescaped variables using '&attributes'. If external data can reach these locations, your application is exposed to a cross-site scripting (XSS) vulnerability. If you must do this, ensure no external data can reach this location." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/javascript.express.security.audit.xss.pug.and-attributes.template-and-attributes", "help": { - "markdown": "Backticks use may lead to command injection vulnerabilities.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/php.lang.security.backticks-use.backticks-use)\n - [https://www.php.net/manual/en/language.operators.execution.php](https://www.php.net/manual/en/language.operators.execution.php)\n - [https://github.com/FloeDesignTechnologies/phpcs-security-audit/blob/master/Security/Sniffs/BadFunctions/BackticksSniff.php](https://github.com/FloeDesignTechnologies/phpcs-security-audit/blob/master/Security/Sniffs/BadFunctions/BackticksSniff.php)\n", - "text": "Backticks use may lead to command injection vulnerabilities.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected a unescaped variables using '&attributes'. If external data can reach these locations, your application is exposed to a cross-site scripting (XSS) vulnerability. If you must do this, ensure no external data can reach this location.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected a unescaped variables using '&attributes'. If external data can reach these locations, your application is exposed to a cross-site scripting (XSS) vulnerability. 
If you must do this, ensure no external data can reach this location.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.express.security.audit.xss.pug.and-attributes.template-and-attributes)\n - [https://pugjs.org/language/attributes.html#attributes](https://pugjs.org/language/attributes.html#attributes)\n" }, - "helpUri": "https://semgrep.dev/r/php.lang.security.backticks-use.backticks-use", - "id": "php.lang.security.backticks-use.backticks-use", - "name": "php.lang.security.backticks-use.backticks-use", "properties": { "precision": "very-high", "tags": [ - "CWE-94: Improper Control of Generation of Code ('Code Injection')", + "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", "LOW CONFIDENCE", "OWASP-A03:2021 - Injection", + "OWASP-A07:2017 - Cross-Site Scripting (XSS)", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: php.lang.security.backticks-use.backticks-use" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "scala.lang.security.audit.path-traversal-fromfile.path-traversal-fromfile", + "name": "scala.lang.security.audit.path-traversal-fromfile.path-traversal-fromfile", + "short_description": { + "text": "Semgrep Finding: scala.lang.security.audit.path-traversal-fromfile.path-traversal-fromfile" }, - "fullDescription": { - "text": "If unverified user data can reach the `evaluate` method it can result in Server-Side Request Forgery vulnerabilities" + "full_description": { + "text": "Flags cases of possible path traversal. If an unfiltered parameter is passed into 'fromFile', file from an arbitrary filesystem location could be read. This could lead to sensitive data exposure and other provles. Instead, sanitize the user input instead of performing direct string concatenation." 
}, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/scala.lang.security.audit.path-traversal-fromfile.path-traversal-fromfile", "help": { - "markdown": "If unverified user data can reach the `evaluate` method it can result in Server-Side Request Forgery vulnerabilities\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.puppeteer.security.audit.puppeteer-evaluate-arg-injection.puppeteer-evaluate-arg-injection)\n - [https://owasp.org/Top10/A10_2021-Server-Side_Request_Forgery_%28SSRF%29](https://owasp.org/Top10/A10_2021-Server-Side_Request_Forgery_%28SSRF%29)\n", - "text": "If unverified user data can reach the `evaluate` method it can result in Server-Side Request Forgery vulnerabilities\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Flags cases of possible path traversal. If an unfiltered parameter is passed into 'fromFile', file from an arbitrary filesystem location could be read. This could lead to sensitive data exposure and other provles. Instead, sanitize the user input instead of performing direct string concatenation.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Flags cases of possible path traversal. If an unfiltered parameter is passed into 'fromFile', file from an arbitrary filesystem location could be read. This could lead to sensitive data exposure and other provles. 
Instead, sanitize the user input instead of performing direct string concatenation.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/scala.lang.security.audit.path-traversal-fromfile.path-traversal-fromfile)\n - [https://owasp.org/Top10/A01_2021-Broken_Access_Control](https://owasp.org/Top10/A01_2021-Broken_Access_Control)\n" }, - "helpUri": "https://semgrep.dev/r/javascript.puppeteer.security.audit.puppeteer-evaluate-arg-injection.puppeteer-evaluate-arg-injection", - "id": "javascript.puppeteer.security.audit.puppeteer-evaluate-arg-injection.puppeteer-evaluate-arg-injection", - "name": "javascript.puppeteer.security.audit.puppeteer-evaluate-arg-injection.puppeteer-evaluate-arg-injection", "properties": { "precision": "very-high", "tags": [ - "CWE-918: Server-Side Request Forgery (SSRF)", + "CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", "LOW CONFIDENCE", - "OWASP-A10:2021 - Server-Side Request Forgery (SSRF)", + "OWASP-A01:2021 - Broken Access Control", + "OWASP-A05:2017 - Broken Access Control", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: javascript.puppeteer.security.audit.puppeteer-evaluate-arg-injection.puppeteer-evaluate-arg-injection" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "java.java-jwt.security.audit.jwt-decode-without-verify.java-jwt-decode-without-verify", + "name": "java.java-jwt.security.audit.jwt-decode-without-verify.java-jwt-decode-without-verify", + "short_description": { + "text": "Semgrep Finding: java.java-jwt.security.audit.jwt-decode-without-verify.java-jwt-decode-without-verify" }, - "fullDescription": { - "text": "Ensure EMR is encrypted at rest using KMS CMKs. CMKs gives you control over the encryption key in terms of access and rotation." + "full_description": { + "text": "Detected the decoding of a JWT token without a verify step. 
JWT tokens must be verified before use, otherwise the token's integrity is unknown. This means a malicious actor could forge a JWT token with any claims. Call '.verify()' before using the token." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/java.java-jwt.security.audit.jwt-decode-without-verify.java-jwt-decode-without-verify", "help": { - "markdown": "Ensure EMR is encrypted at rest using KMS CMKs. CMKs gives you control over the encryption key in terms of access and rotation.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/terraform.aws.security.aws-emr-encrypted-with-cmk.aws-emr-encrypted-with-cmk)\n - [https://owasp.org/Top10/A02_2021-Cryptographic_Failures](https://owasp.org/Top10/A02_2021-Cryptographic_Failures)\n", - "text": "Ensure EMR is encrypted at rest using KMS CMKs. CMKs gives you control over the encryption key in terms of access and rotation.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected the decoding of a JWT token without a verify step. JWT tokens must be verified before use, otherwise the token's integrity is unknown. This means a malicious actor could forge a JWT token with any claims. Call '.verify()' before using the token.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected the decoding of a JWT token without a verify step. JWT tokens must be verified before use, otherwise the token's integrity is unknown. This means a malicious actor could forge a JWT token with any claims. 
Call '.verify()' before using the token.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/java.java-jwt.security.audit.jwt-decode-without-verify.java-jwt-decode-without-verify)\n - [https://owasp.org/Top10/A08_2021-Software_and_Data_Integrity_Failures](https://owasp.org/Top10/A08_2021-Software_and_Data_Integrity_Failures)\n" }, - "helpUri": "https://semgrep.dev/r/terraform.aws.security.aws-emr-encrypted-with-cmk.aws-emr-encrypted-with-cmk", - "id": "terraform.aws.security.aws-emr-encrypted-with-cmk.aws-emr-encrypted-with-cmk", - "name": "terraform.aws.security.aws-emr-encrypted-with-cmk.aws-emr-encrypted-with-cmk", "properties": { "precision": "very-high", "tags": [ - "CWE-320: CWE CATEGORY: Key Management Errors", - "LOW CONFIDENCE", - "OWASP-A03:2017 - Sensitive Data Exposure", + "CWE-345: Insufficient Verification of Data Authenticity", + "MEDIUM CONFIDENCE", + "OWASP-A08:2021 - Software and Data Integrity Failures", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: terraform.aws.security.aws-emr-encrypted-with-cmk.aws-emr-encrypted-with-cmk" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "java.lang.security.audit.url-rewriting.url-rewriting", + "name": "java.lang.security.audit.url-rewriting.url-rewriting", + "short_description": { + "text": "Semgrep Finding: java.lang.security.audit.url-rewriting.url-rewriting" }, - "fullDescription": { - "text": "The Origin header in the HTTP WebSocket handshake is used to guarantee that the connection accepted by the WebSocket is from a trusted origin domain. Failure to enforce can lead to Cross Site Request Forgery (CSRF). As per \"gorilla/websocket\" documentation: \"A CheckOrigin function should carefully validate the request origin to prevent cross-site request forgery.\"" + "full_description": { + "text": "URL rewriting has significant security risks. 
Since session ID appears in the URL, it may be easily seen by third parties." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/java.lang.security.audit.url-rewriting.url-rewriting", "help": { - "markdown": "The Origin header in the HTTP WebSocket handshake is used to guarantee that the connection accepted by the WebSocket is from a trusted origin domain. Failure to enforce can lead to Cross Site Request Forgery (CSRF). As per \"gorilla/websocket\" documentation: \"A CheckOrigin function should carefully validate the request origin to prevent cross-site request forgery.\"\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/go.gorilla.security.audit.websocket-missing-origin-check.websocket-missing-origin-check)\n - [https://pkg.go.dev/github.com/gorilla/websocket#Upgrader](https://pkg.go.dev/github.com/gorilla/websocket#Upgrader)\n", - "text": "The Origin header in the HTTP WebSocket handshake is used to guarantee that the connection accepted by the WebSocket is from a trusted origin domain. Failure to enforce can lead to Cross Site Request Forgery (CSRF). As per \"gorilla/websocket\" documentation: \"A CheckOrigin function should carefully validate the request origin to prevent cross-site request forgery.\"\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "URL rewriting has significant security risks. Since session ID appears in the URL, it may be easily seen by third parties.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "URL rewriting has significant security risks. 
Since session ID appears in the URL, it may be easily seen by third parties.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/java.lang.security.audit.url-rewriting.url-rewriting)\n - [https://owasp.org/Top10/A01_2021-Broken_Access_Control](https://owasp.org/Top10/A01_2021-Broken_Access_Control)\n" }, - "helpUri": "https://semgrep.dev/r/go.gorilla.security.audit.websocket-missing-origin-check.websocket-missing-origin-check", - "id": "go.gorilla.security.audit.websocket-missing-origin-check.websocket-missing-origin-check", - "name": "go.gorilla.security.audit.websocket-missing-origin-check.websocket-missing-origin-check", "properties": { "precision": "very-high", "tags": [ - "CWE-352: Cross-Site Request Forgery (CSRF)", - "MEDIUM CONFIDENCE", + "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor", + "LOW CONFIDENCE", "OWASP-A01:2021 - Broken Access Control", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: go.gorilla.security.audit.websocket-missing-origin-check.websocket-missing-origin-check" } }, { - "defaultConfiguration": { - "level": "error" + "id": "php.lang.security.injection.tainted-filename.tainted-filename", + "name": "php.lang.security.injection.tainted-filename.tainted-filename", + "short_description": { + "text": "Semgrep Finding: php.lang.security.injection.tainted-filename.tainted-filename" }, - "fullDescription": { - "text": "Detected input from a HTTPServletRequest going into the environment variables of an 'exec' command. Instead, call the command with user-supplied arguments by using the overloaded method with one String array as the argument. `exec({\"command\", \"arg1\", \"arg2\"})`." + "full_description": { + "text": "File name based on user input risks server-side request forgery." 
+ }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/php.lang.security.injection.tainted-filename.tainted-filename", "help": { - "markdown": "Detected input from a HTTPServletRequest going into the environment variables of an 'exec' command. Instead, call the command with user-supplied arguments by using the overloaded method with one String array as the argument. `exec({\"command\", \"arg1\", \"arg2\"})`.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/java.lang.security.audit.tainted-env-from-http-request.tainted-env-from-http-request)\n - [https://owasp.org/Top10/A03_2021-Injection](https://owasp.org/Top10/A03_2021-Injection)\n", - "text": "Detected input from a HTTPServletRequest going into the environment variables of an 'exec' command. Instead, call the command with user-supplied arguments by using the overloaded method with one String array as the argument. 
`exec({\"command\", \"arg1\", \"arg2\"})`.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "File name based on user input risks server-side request forgery.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "File name based on user input risks server-side request forgery.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/php.lang.security.injection.tainted-filename.tainted-filename)\n - [https://owasp.org/Top10/A10_2021-Server-Side_Request_Forgery_%28SSRF%29](https://owasp.org/Top10/A10_2021-Server-Side_Request_Forgery_%28SSRF%29)\n" }, - "helpUri": "https://semgrep.dev/r/java.lang.security.audit.tainted-env-from-http-request.tainted-env-from-http-request", - "id": "java.lang.security.audit.tainted-env-from-http-request.tainted-env-from-http-request", - "name": "java.lang.security.audit.tainted-env-from-http-request.tainted-env-from-http-request", "properties": { "precision": "very-high", "tags": [ - "CWE-454: External Initialization of Trusted Variables or Data Stores", + "CWE-918: Server-Side Request Forgery (SSRF)", "MEDIUM CONFIDENCE", - "OWASP-A01:2017 - Injection", - "OWASP-A03:2021 - Injection", + "OWASP-A10:2021 - Server-Side Request Forgery (SSRF)", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: java.lang.security.audit.tainted-env-from-http-request.tainted-env-from-http-request" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "javascript.aws-lambda.security.tainted-html-response.tainted-html-response", + "name": "javascript.aws-lambda.security.tainted-html-response.tainted-html-response", + "short_description": { + "text": "Semgrep Finding: javascript.aws-lambda.security.tainted-html-response.tainted-html-response" }, - "fullDescription": { - "text": "Detected 'urllib.urlopen()' using 'http://'. This request will not be encrypted. Use 'https://' instead." 
+ "full_description": { + "text": "Detected user input flowing into an HTML response. You may be accidentally bypassing secure methods of rendering HTML by manually constructing HTML and this could create a cross-site scripting vulnerability, which could let attackers steal sensitive user data." }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/javascript.aws-lambda.security.tainted-html-response.tainted-html-response", "help": { - "markdown": "Detected 'urllib.urlopen()' using 'http://'. This request will not be encrypted. Use 'https://' instead.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.lang.security.audit.insecure-transport.urllib.insecure-urlopen.insecure-urlopen)\n - [https://docs.python.org/3/library/urllib.request.html#urllib.request.urlopen](https://docs.python.org/3/library/urllib.request.html#urllib.request.urlopen)\n", - "text": "Detected 'urllib.urlopen()' using 'http://'. This request will not be encrypted. Use 'https://' instead.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected user input flowing into an HTML response. You may be accidentally bypassing secure methods of rendering HTML by manually constructing HTML and this could create a cross-site scripting vulnerability, which could let attackers steal sensitive user data.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected user input flowing into an HTML response. 
You may be accidentally bypassing secure methods of rendering HTML by manually constructing HTML and this could create a cross-site scripting vulnerability, which could let attackers steal sensitive user data.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.aws-lambda.security.tainted-html-response.tainted-html-response)\n - [https://owasp.org/Top10/A03_2021-Injection](https://owasp.org/Top10/A03_2021-Injection)\n" }, - "helpUri": "https://semgrep.dev/r/python.lang.security.audit.insecure-transport.urllib.insecure-urlopen.insecure-urlopen", - "id": "python.lang.security.audit.insecure-transport.urllib.insecure-urlopen.insecure-urlopen", - "name": "python.lang.security.audit.insecure-transport.urllib.insecure-urlopen.insecure-urlopen", "properties": { "precision": "very-high", "tags": [ - "CWE-319: Cleartext Transmission of Sensitive Information", - "LOW CONFIDENCE", - "OWASP-A02:2021 - Cryptographic Failures", - "OWASP-A03:2017 - Sensitive Data Exposure", + "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", + "MEDIUM CONFIDENCE", + "OWASP-A03:2021 - Injection", + "OWASP-A07:2017 - Cross-Site Scripting (XSS)", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: python.lang.security.audit.insecure-transport.urllib.insecure-urlopen.insecure-urlopen" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "python.django.security.audit.xss.filter-with-is-safe.filter-with-is-safe", + "name": "python.django.security.audit.xss.filter-with-is-safe.filter-with-is-safe", + "short_description": { + "text": "Semgrep Finding: python.django.security.audit.xss.filter-with-is-safe.filter-with-is-safe" }, - "fullDescription": { - "text": "S3 bucket with public read access detected." + "full_description": { + "text": "Detected Django filters flagged with 'is_safe'. 
'is_safe' tells Django not to apply escaping on the value returned by this filter (although the input is escaped). Used improperly, 'is_safe' could expose your application to cross-site scripting (XSS) vulnerabilities. Ensure this filter does not 1) add HTML characters, 2) remove characters, or 3) use external data in any way. Consider instead removing 'is_safe' and explicitly marking safe content with 'mark_safe()'." }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/python.django.security.audit.xss.filter-with-is-safe.filter-with-is-safe", "help": { - "markdown": "S3 bucket with public read access detected.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/terraform.lang.security.s3-public-read-bucket.s3-public-read-bucket)\n - [https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket#acl](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket#acl)\n - [https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#canned-acl](https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#canned-acl)\n", - "text": "S3 bucket with public read access detected.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected Django filters flagged with 'is_safe'. 'is_safe' tells Django not to apply escaping on the value returned by this filter (although the input is escaped). Used improperly, 'is_safe' could expose your application to cross-site scripting (XSS) vulnerabilities. Ensure this filter does not 1) add HTML characters, 2) remove characters, or 3) use external data in any way. Consider instead removing 'is_safe' and explicitly marking safe content with 'mark_safe()'.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected Django filters flagged with 'is_safe'. 
'is_safe' tells Django not to apply escaping on the value returned by this filter (although the input is escaped). Used improperly, 'is_safe' could expose your application to cross-site scripting (XSS) vulnerabilities. Ensure this filter does not 1) add HTML characters, 2) remove characters, or 3) use external data in any way. Consider instead removing 'is_safe' and explicitly marking safe content with 'mark_safe()'.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.django.security.audit.xss.filter-with-is-safe.filter-with-is-safe)\n - [https://docs.djangoproject.com/en/3.1/topics/security/#cross-site-scripting-xss-protection](https://docs.djangoproject.com/en/3.1/topics/security/#cross-site-scripting-xss-protection)\n - [https://docs.djangoproject.com/en/3.1/howto/custom-template-tags/#filters-and-auto-escaping](https://docs.djangoproject.com/en/3.1/howto/custom-template-tags/#filters-and-auto-escaping)\n - [https://stackoverflow.com/questions/7665512/why-use-is-safe](https://stackoverflow.com/questions/7665512/why-use-is-safe)\n" }, - "helpUri": "https://semgrep.dev/r/terraform.lang.security.s3-public-read-bucket.s3-public-read-bucket", - "id": "terraform.lang.security.s3-public-read-bucket.s3-public-read-bucket", - "name": "terraform.lang.security.s3-public-read-bucket.s3-public-read-bucket", "properties": { "precision": "very-high", "tags": [ - "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor", + "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", "LOW CONFIDENCE", - "OWASP-A01:2021 - Broken Access Control", + "OWASP-A03:2021 - Injection", + "OWASP-A07:2017 - Cross-Site Scripting (XSS)", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: terraform.lang.security.s3-public-read-bucket.s3-public-read-bucket" } }, { - "defaultConfiguration": { - "level": "warning" + "id": 
"python.aws-lambda.security.tainted-pickle-deserialization.tainted-pickle-deserialization", + "name": "python.aws-lambda.security.tainted-pickle-deserialization.tainted-pickle-deserialization", + "short_description": { + "text": "Semgrep Finding: python.aws-lambda.security.tainted-pickle-deserialization.tainted-pickle-deserialization" }, - "fullDescription": { - "text": "Detected a template variable used as the 'src' in a script tag. Although template variables are HTML escaped, HTML escaping does not always prevent malicious URLs from being injected and could results in a cross-site scripting (XSS) vulnerability. Prefer not to dynamically generate the 'src' attribute and use static URLs instead. If you must do this, carefully check URLs against an allowlist and be sure to URL-encode the result." + "full_description": { + "text": "Avoid using `pickle`, which is known to lead to code execution vulnerabilities. When unpickling, the serialized data could be manipulated to run arbitrary code. Instead, consider serializing the relevant data as JSON or a similar text-based serialization format." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/python.aws-lambda.security.tainted-pickle-deserialization.tainted-pickle-deserialization", "help": { - "markdown": "Detected a template variable used as the 'src' in a script tag. Although template variables are HTML escaped, HTML escaping does not always prevent malicious URLs from being injected and could results in a cross-site scripting (XSS) vulnerability. Prefer not to dynamically generate the 'src' attribute and use static URLs instead. 
If you must do this, carefully check URLs against an allowlist and be sure to URL-encode the result.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/generic.html-templates.security.var-in-script-src.var-in-script-src)\n - [https://adamj.eu/tech/2020/02/18/safely-including-data-for-javascript-in-a-django-template/?utm_campaign=Django%2BNewsletter&utm_medium=rss&utm_source=Django_Newsletter_12A](https://adamj.eu/tech/2020/02/18/safely-including-data-for-javascript-in-a-django-template/?utm_campaign=Django%2BNewsletter&utm_medium=rss&utm_source=Django_Newsletter_12A)\n - [https://www.veracode.com/blog/secure-development/nodejs-template-engines-why-default-encoders-are-not-enough](https://www.veracode.com/blog/secure-development/nodejs-template-engines-why-default-encoders-are-not-enough)\n - [https://github.com/ESAPI/owasp-esapi-js](https://github.com/ESAPI/owasp-esapi-js)\n", - "text": "Detected a template variable used as the 'src' in a script tag. Although template variables are HTML escaped, HTML escaping does not always prevent malicious URLs from being injected and could results in a cross-site scripting (XSS) vulnerability. Prefer not to dynamically generate the 'src' attribute and use static URLs instead. If you must do this, carefully check URLs against an allowlist and be sure to URL-encode the result.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Avoid using `pickle`, which is known to lead to code execution vulnerabilities. When unpickling, the serialized data could be manipulated to run arbitrary code. Instead, consider serializing the relevant data as JSON or a similar text-based serialization format.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Avoid using `pickle`, which is known to lead to code execution vulnerabilities. 
When unpickling, the serialized data could be manipulated to run arbitrary code. Instead, consider serializing the relevant data as JSON or a similar text-based serialization format.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.aws-lambda.security.tainted-pickle-deserialization.tainted-pickle-deserialization)\n - [https://docs.python.org/3/library/pickle.html](https://docs.python.org/3/library/pickle.html)\n - [https://davidhamann.de/2020/04/05/exploiting-python-pickle/](https://davidhamann.de/2020/04/05/exploiting-python-pickle/)\n" }, - "helpUri": "https://semgrep.dev/r/generic.html-templates.security.var-in-script-src.var-in-script-src", - "id": "generic.html-templates.security.var-in-script-src.var-in-script-src", - "name": "generic.html-templates.security.var-in-script-src.var-in-script-src", "properties": { "precision": "very-high", "tags": [ - "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", - "LOW CONFIDENCE", - "OWASP-A03:2021 - Injection", - "OWASP-A07:2017 - Cross-Site Scripting (XSS)", + "CWE-502: Deserialization of Untrusted Data", + "MEDIUM CONFIDENCE", + "OWASP-A08:2017 - Insecure Deserialization", + "OWASP-A08:2021 - Software and Data Integrity Failures", "security" ] + } + }, + { + "id": "python.lang.compatibility.python37.python37-compatibility-pdb", + "name": "python.lang.compatibility.python37.python37-compatibility-pdb", + "short_description": { + "text": "Semgrep Finding: python.lang.compatibility.python37.python37-compatibility-pdb" + }, + "full_description": { + "text": "pdb.set_trace() with the header argument is only available on Python 3.7+ and is therefore not backwards compatible. Instead, use set_trace() without the header argument." 
+ }, + "default_configuration": { + "enabled": true, + "level": "error" + }, + "help_uri": "https://semgrep.dev/r/python.lang.compatibility.python37.python37-compatibility-pdb", + "help": { + "text": "pdb.set_trace() with the header argument is only available on Python 3.7+ and is therefore not backwards compatible. Instead, use set_trace() without the header argument.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "pdb.set_trace() with the header argument is only available on Python 3.7+ and is therefore not backwards compatible. Instead, use set_trace() without the header argument.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.lang.compatibility.python37.python37-compatibility-pdb)\n" }, - "shortDescription": { - "text": "Semgrep Finding: generic.html-templates.security.var-in-script-src.var-in-script-src" + "properties": { + "precision": "very-high", + "tags": [] } }, { - "defaultConfiguration": { - "level": "warning" + "id": "terraform.aws.security.aws-ec2-has-public-ip.aws-ec2-has-public-ip", + "name": "terraform.aws.security.aws-ec2-has-public-ip.aws-ec2-has-public-ip", + "short_description": { + "text": "Semgrep Finding: terraform.aws.security.aws-ec2-has-public-ip.aws-ec2-has-public-ip" }, - "fullDescription": { - "text": "User-controlled data from request is passed to 'RawSQL()'. This could lead to a SQL injection and therefore protected information could be leaked. Instead, use parameterized queries or escape the user-controlled data by using `params` and not using quote placeholders in the SQL string." + "full_description": { + "text": "EC2 instances should not have a public IP address attached in order to block public access to the instances. To fix this, set your `associate_public_ip_address` to `\"false\"`." 
+ }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/terraform.aws.security.aws-ec2-has-public-ip.aws-ec2-has-public-ip", "help": { - "markdown": "User-controlled data from request is passed to 'RawSQL()'. This could lead to a SQL injection and therefore protected information could be leaked. Instead, use parameterized queries or escape the user-controlled data by using `params` and not using quote placeholders in the SQL string.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.django.security.injection.sql.sql-injection-rawsql.sql-injection-using-rawsql)\n - [https://docs.djangoproject.com/en/3.0/ref/models/expressions/#django.db.models.expressions.RawSQL](https://docs.djangoproject.com/en/3.0/ref/models/expressions/#django.db.models.expressions.RawSQL)\n", - "text": "User-controlled data from request is passed to 'RawSQL()'. This could lead to a SQL injection and therefore protected information could be leaked. Instead, use parameterized queries or escape the user-controlled data by using `params` and not using quote placeholders in the SQL string.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "EC2 instances should not have a public IP address attached in order to block public access to the instances. To fix this, set your `associate_public_ip_address` to `\"false\"`.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "EC2 instances should not have a public IP address attached in order to block public access to the instances. 
To fix this, set your `associate_public_ip_address` to `\"false\"`.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/terraform.aws.security.aws-ec2-has-public-ip.aws-ec2-has-public-ip)\n - [https://owasp.org/Top10/A01_2021-Broken_Access_Control](https://owasp.org/Top10/A01_2021-Broken_Access_Control)\n" }, - "helpUri": "https://semgrep.dev/r/python.django.security.injection.sql.sql-injection-rawsql.sql-injection-using-rawsql", - "id": "python.django.security.injection.sql.sql-injection-rawsql.sql-injection-using-rawsql", - "name": "python.django.security.injection.sql.sql-injection-rawsql.sql-injection-using-rawsql", "properties": { "precision": "very-high", "tags": [ - "CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')", + "CWE-284: Improper Access Control", "MEDIUM CONFIDENCE", - "OWASP-A01:2017 - Injection", - "OWASP-A03:2021 - Injection", + "OWASP-A01:2021 - Broken Access Control", + "OWASP-A05:2017 - Broken Access Control", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: python.django.security.injection.sql.sql-injection-rawsql.sql-injection-using-rawsql" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "javascript.browser.security.raw-html-concat.raw-html-concat", + "name": "javascript.browser.security.raw-html-concat.raw-html-concat", + "short_description": { + "text": "Semgrep Finding: javascript.browser.security.raw-html-concat.raw-html-concat" }, - "fullDescription": { - "text": "The AWS CloudWatch Log Group has no retention. Missing retention in log groups can cause losing important event information." 
+ "full_description": { + "text": "User controlled data in a HTML string may result in XSS" + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/javascript.browser.security.raw-html-concat.raw-html-concat", "help": { - "markdown": "The AWS CloudWatch Log Group has no retention. Missing retention in log groups can cause losing important event information.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/terraform.aws.security.aws-cloudwatch-log-group-no-retention.aws-cloudwatch-log-group-no-retention)\n - [https://owasp.org/Top10/A02_2021-Cryptographic_Failures](https://owasp.org/Top10/A02_2021-Cryptographic_Failures)\n", - "text": "The AWS CloudWatch Log Group has no retention. Missing retention in log groups can cause losing important event information.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "User controlled data in a HTML string may result in XSS\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "User controlled data in a HTML string may result in XSS\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.browser.security.raw-html-concat.raw-html-concat)\n - [https://owasp.org/www-community/attacks/xss/](https://owasp.org/www-community/attacks/xss/)\n" }, - "helpUri": "https://semgrep.dev/r/terraform.aws.security.aws-cloudwatch-log-group-no-retention.aws-cloudwatch-log-group-no-retention", - "id": "terraform.aws.security.aws-cloudwatch-log-group-no-retention.aws-cloudwatch-log-group-no-retention", - "name": "terraform.aws.security.aws-cloudwatch-log-group-no-retention.aws-cloudwatch-log-group-no-retention", "properties": { "precision": "very-high", "tags": [ - "CWE-320: CWE CATEGORY: Key Management Errors", + "CWE-79: Improper Neutralization of 
Input During Web Page Generation ('Cross-site Scripting')", "MEDIUM CONFIDENCE", - "OWASP-A03:2017 - Sensitive Data Exposure", + "OWASP-A03:2021 - Injection", + "OWASP-A07:2017 - Cross-Site Scripting (XSS)", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: terraform.aws.security.aws-cloudwatch-log-group-no-retention.aws-cloudwatch-log-group-no-retention" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "go.lang.security.audit.net.bind_all.avoid-bind-to-all-interfaces", + "name": "go.lang.security.audit.net.bind_all.avoid-bind-to-all-interfaces", + "short_description": { + "text": "Semgrep Finding: go.lang.security.audit.net.bind_all.avoid-bind-to-all-interfaces" }, - "fullDescription": { - "text": "Setting 'WTF_CSRF_ENABLED' to 'False' explicitly disables CSRF protection." + "full_description": { + "text": "Detected a network listener listening on 0.0.0.0 or an empty string. This could unexpectedly expose the server publicly as it binds to all available interfaces. Instead, specify another IP address that is not 0.0.0.0 nor the empty string." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/go.lang.security.audit.net.bind_all.avoid-bind-to-all-interfaces", "help": { - "markdown": "Setting 'WTF_CSRF_ENABLED' to 'False' explicitly disables CSRF protection.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.flask.security.audit.wtf-csrf-disabled.flask-wtf-csrf-disabled)\n - [https://flask-wtf.readthedocs.io/en/1.2.x/csrf/](https://flask-wtf.readthedocs.io/en/1.2.x/csrf/)\n", - "text": "Setting 'WTF_CSRF_ENABLED' to 'False' explicitly disables CSRF protection.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected a network listener listening on 0.0.0.0 or an empty string. 
This could unexpectedly expose the server publicly as it binds to all available interfaces. Instead, specify another IP address that is not 0.0.0.0 nor the empty string.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected a network listener listening on 0.0.0.0 or an empty string. This could unexpectedly expose the server publicly as it binds to all available interfaces. Instead, specify another IP address that is not 0.0.0.0 nor the empty string.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/go.lang.security.audit.net.bind_all.avoid-bind-to-all-interfaces)\n - [https://owasp.org/Top10/A01_2021-Broken_Access_Control](https://owasp.org/Top10/A01_2021-Broken_Access_Control)\n" }, - "helpUri": "https://semgrep.dev/r/python.flask.security.audit.wtf-csrf-disabled.flask-wtf-csrf-disabled", - "id": "python.flask.security.audit.wtf-csrf-disabled.flask-wtf-csrf-disabled", - "name": "python.flask.security.audit.wtf-csrf-disabled.flask-wtf-csrf-disabled", "properties": { "precision": "very-high", "tags": [ - "CWE-352: Cross-Site Request Forgery (CSRF)", - "LOW CONFIDENCE", + "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor", + "HIGH CONFIDENCE", "OWASP-A01:2021 - Broken Access Control", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: python.flask.security.audit.wtf-csrf-disabled.flask-wtf-csrf-disabled" } }, { - "defaultConfiguration": { - "level": "error" + "id": "ruby.rails.security.audit.xss.avoid-render-dynamic-path.avoid-render-dynamic-path", + "name": "ruby.rails.security.audit.xss.avoid-render-dynamic-path.avoid-render-dynamic-path", + "short_description": { + "text": "Semgrep Finding: ruby.rails.security.audit.xss.avoid-render-dynamic-path.avoid-render-dynamic-path" }, - "fullDescription": { - "text": "source_hash' is only available on Python 3.7+. 
This does not work in lower versions, and therefore is not backwards compatible. Instead, use another hash function." + "full_description": { + "text": "Avoid rendering user input. It may be possible for a malicious user to input a path that lets them access a template they shouldn't. To prevent this, check dynamic template paths against a predefined allowlist to make sure it's an allowed template." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/ruby.rails.security.audit.xss.avoid-render-dynamic-path.avoid-render-dynamic-path", "help": { - "markdown": "source_hash' is only available on Python 3.7+. This does not work in lower versions, and therefore is not backwards compatible. Instead, use another hash function.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.lang.compatibility.python37.python37-compatibility-importlib)\n", - "text": "source_hash' is only available on Python 3.7+. This does not work in lower versions, and therefore is not backwards compatible. Instead, use another hash function.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Avoid rendering user input. It may be possible for a malicious user to input a path that lets them access a template they shouldn't. To prevent this, check dynamic template paths against a predefined allowlist to make sure it's an allowed template.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Avoid rendering user input. It may be possible for a malicious user to input a path that lets them access a template they shouldn't. 
To prevent this, check dynamic template paths against a predefined allowlist to make sure it's an allowed template.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/ruby.rails.security.audit.xss.avoid-render-dynamic-path.avoid-render-dynamic-path)\n - [https://brakemanscanner.org/docs/warning_types/dynamic_render_paths/](https://brakemanscanner.org/docs/warning_types/dynamic_render_paths/)\n" }, - "helpUri": "https://semgrep.dev/r/python.lang.compatibility.python37.python37-compatibility-importlib", - "id": "python.lang.compatibility.python37.python37-compatibility-importlib", - "name": "python.lang.compatibility.python37.python37-compatibility-importlib", "properties": { "precision": "very-high", - "tags": [] - }, - "shortDescription": { - "text": "Semgrep Finding: python.lang.compatibility.python37.python37-compatibility-importlib" + "tags": [ + "CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", + "MEDIUM CONFIDENCE", + "OWASP-A01:2021 - Broken Access Control", + "OWASP-A05:2017 - Broken Access Control", + "security" + ] } }, { - "defaultConfiguration": { - "level": "error" + "id": "python.pycryptodome.security.insufficient-dsa-key-size.insufficient-dsa-key-size", + "name": "python.pycryptodome.security.insufficient-dsa-key-size.insufficient-dsa-key-size", + "short_description": { + "text": "Semgrep Finding: python.pycryptodome.security.insufficient-dsa-key-size.insufficient-dsa-key-size" }, - "fullDescription": { - "text": "A formatted or concatenated string was detected as input to a ProcessBuilder call. This is dangerous if a variable is controlled by user input and could result in a command injection. Ensure your variables are not controlled by users or sufficiently sanitized." + "full_description": { + "text": "Detected an insufficient key size for DSA. NIST recommends a key size of 2048 or higher." 
+ }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/python.pycryptodome.security.insufficient-dsa-key-size.insufficient-dsa-key-size", "help": { - "markdown": "A formatted or concatenated string was detected as input to a ProcessBuilder call. This is dangerous if a variable is controlled by user input and could result in a command injection. Ensure your variables are not controlled by users or sufficiently sanitized.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/java.lang.security.audit.command-injection-process-builder.command-injection-process-builder)\n - [https://owasp.org/Top10/A03_2021-Injection](https://owasp.org/Top10/A03_2021-Injection)\n", - "text": "A formatted or concatenated string was detected as input to a ProcessBuilder call. This is dangerous if a variable is controlled by user input and could result in a command injection. Ensure your variables are not controlled by users or sufficiently sanitized.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected an insufficient key size for DSA. NIST recommends a key size of 2048 or higher.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected an insufficient key size for DSA. 
NIST recommends a key size of 2048 or higher.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.pycryptodome.security.insufficient-dsa-key-size.insufficient-dsa-key-size)\n - [https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-57Pt3r1.pdf](https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-57Pt3r1.pdf)\n" }, - "helpUri": "https://semgrep.dev/r/java.lang.security.audit.command-injection-process-builder.command-injection-process-builder", - "id": "java.lang.security.audit.command-injection-process-builder.command-injection-process-builder", - "name": "java.lang.security.audit.command-injection-process-builder.command-injection-process-builder", "properties": { "precision": "very-high", "tags": [ - "CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", - "LOW CONFIDENCE", - "OWASP-A01:2017 - Injection", - "OWASP-A03:2021 - Injection", + "CWE-326: Inadequate Encryption Strength", + "MEDIUM CONFIDENCE", + "OWASP-A02:2021 - Cryptographic Failures", + "OWASP-A03:2017 - Sensitive Data Exposure", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: java.lang.security.audit.command-injection-process-builder.command-injection-process-builder" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "java.lang.security.xmlinputfactory-external-entities-enabled.xmlinputfactory-external-entities-enabled", + "name": "java.lang.security.xmlinputfactory-external-entities-enabled.xmlinputfactory-external-entities-enabled", + "short_description": { + "text": "Semgrep Finding: java.lang.security.xmlinputfactory-external-entities-enabled.xmlinputfactory-external-entities-enabled" }, - "fullDescription": { - "text": "Untrusted user input in `importlib.import_module()` function allows an attacker to load arbitrary code. 
Avoid dynamic values in `importlib.import_module()` or use a whitelist to prevent running untrusted code." + "full_description": { + "text": "XML external entities are enabled for this XMLInputFactory. This is vulnerable to XML external entity attacks. Disable external entities by setting \"javax.xml.stream.isSupportingExternalEntities\" to false." + }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/java.lang.security.xmlinputfactory-external-entities-enabled.xmlinputfactory-external-entities-enabled", "help": { - "markdown": "Untrusted user input in `importlib.import_module()` function allows an attacker to load arbitrary code. Avoid dynamic values in `importlib.import_module()` or use a whitelist to prevent running untrusted code.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.lang.security.audit.non-literal-import.non-literal-import)\n - [https://owasp.org/Top10/A01_2021-Broken_Access_Control](https://owasp.org/Top10/A01_2021-Broken_Access_Control)\n", - "text": "Untrusted user input in `importlib.import_module()` function allows an attacker to load arbitrary code. Avoid dynamic values in `importlib.import_module()` or use a whitelist to prevent running untrusted code.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "XML external entities are enabled for this XMLInputFactory. This is vulnerable to XML external entity attacks. Disable external entities by setting \"javax.xml.stream.isSupportingExternalEntities\" to false.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "XML external entities are enabled for this XMLInputFactory. This is vulnerable to XML external entity attacks. 
Disable external entities by setting \"javax.xml.stream.isSupportingExternalEntities\" to false.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/java.lang.security.xmlinputfactory-external-entities-enabled.xmlinputfactory-external-entities-enabled)\n - [https://semgrep.dev/blog/2022/xml-security-in-java](https://semgrep.dev/blog/2022/xml-security-in-java)\n - [https://semgrep.dev/docs/cheat-sheets/java-xxe/](https://semgrep.dev/docs/cheat-sheets/java-xxe/)\n - [https://www.blackhat.com/docs/us-15/materials/us-15-Wang-FileCry-The-New-Age-Of-XXE-java-wp.pdf](https://www.blackhat.com/docs/us-15/materials/us-15-Wang-FileCry-The-New-Age-Of-XXE-java-wp.pdf)\n" }, - "helpUri": "https://semgrep.dev/r/python.lang.security.audit.non-literal-import.non-literal-import", - "id": "python.lang.security.audit.non-literal-import.non-literal-import", - "name": "python.lang.security.audit.non-literal-import.non-literal-import", "properties": { "precision": "very-high", "tags": [ - "CWE-706: Use of Incorrectly-Resolved Name or Reference", + "CWE-611: Improper Restriction of XML External Entity Reference", "LOW CONFIDENCE", - "OWASP-A01:2021 - Broken Access Control", + "OWASP-A04:2017 - XML External Entities (XXE)", + "OWASP-A05:2021 - Security Misconfiguration", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: python.lang.security.audit.non-literal-import.non-literal-import" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "solidity.security.erc777-reentrancy.erc777-reentrancy", + "name": "solidity.security.erc777-reentrancy.erc777-reentrancy", + "short_description": { + "text": "Semgrep Finding: solidity.security.erc777-reentrancy.erc777-reentrancy" }, - "fullDescription": { - "text": "Detected template variable interpolation in an HTML tag. 
This is potentially vulnerable to cross-site scripting (XSS) attacks because a malicious actor has control over HTML but without the need to use escaped characters. Use explicit tags instead." + "full_description": { + "text": "ERC777 tokensReceived() reentrancy" + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/solidity.security.erc777-reentrancy.erc777-reentrancy", "help": { - "markdown": "Detected template variable interpolation in an HTML tag. This is potentially vulnerable to cross-site scripting (XSS) attacks because a malicious actor has control over HTML but without the need to use escaped characters. Use explicit tags instead.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/go.lang.security.audit.xss.no-interpolation-in-tag.no-interpolation-in-tag)\n - [https://github.com/golang/go/issues/19669](https://github.com/golang/go/issues/19669)\n - [https://blogtitle.github.io/robn-go-security-pearls-cross-site-scripting-xss/](https://blogtitle.github.io/robn-go-security-pearls-cross-site-scripting-xss/)\n", - "text": "Detected template variable interpolation in an HTML tag. This is potentially vulnerable to cross-site scripting (XSS) attacks because a malicious actor has control over HTML but without the need to use escaped characters. 
Use explicit tags instead.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "ERC777 tokensReceived() reentrancy\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "ERC777 tokensReceived() reentrancy\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/solidity.security.erc777-reentrancy.erc777-reentrancy)\n - [https://mirror.xyz/baconcoin.eth/LHaPiX38mnx8eJ2RVKNXHttHfweQMKNGmEnX4KUksk0](https://mirror.xyz/baconcoin.eth/LHaPiX38mnx8eJ2RVKNXHttHfweQMKNGmEnX4KUksk0)\n - [https://etherscan.io/address/0xf53f00f844b381963a47fde3325011566870b31f](https://etherscan.io/address/0xf53f00f844b381963a47fde3325011566870b31f)\n" }, - "helpUri": "https://semgrep.dev/r/go.lang.security.audit.xss.no-interpolation-in-tag.no-interpolation-in-tag", - "id": "go.lang.security.audit.xss.no-interpolation-in-tag.no-interpolation-in-tag", - "name": "go.lang.security.audit.xss.no-interpolation-in-tag.no-interpolation-in-tag", "properties": { "precision": "very-high", "tags": [ - "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", - "LOW CONFIDENCE", - "OWASP-A03:2021 - Injection", - "OWASP-A07:2017 - Cross-Site Scripting (XSS)", + "CWE-841: Improper Enforcement of Behavioral Workflow", + "HIGH CONFIDENCE", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: go.lang.security.audit.xss.no-interpolation-in-tag.no-interpolation-in-tag" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "html.security.audit.missing-integrity.missing-integrity", + "name": "html.security.audit.missing-integrity.missing-integrity", + "short_description": { + "text": "Semgrep Finding: html.security.audit.missing-integrity.missing-integrity" }, - "fullDescription": { - "text": "Found extension of custom expression: $CLASS. 
Extending expressions in this way could inadvertently lead to a SQL injection vulnerability, which can result in attackers exfiltrating sensitive data. Instead, ensure no user input enters this function or that user input is properly sanitized." + "full_description": { + "text": "This tag is missing an 'integrity' subresource integrity attribute. The 'integrity' attribute allows for the browser to verify that externally hosted files (for example from a CDN) are delivered without unexpected manipulation. Without this attribute, if an attacker can modify the externally hosted resource, this could lead to XSS and other types of attacks. To prevent this, include the base64-encoded cryptographic hash of the resource (file) you’re telling the browser to fetch in the 'integrity' attribute for all externally hosted files." }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/html.security.audit.missing-integrity.missing-integrity", "help": { - "markdown": "Found extension of custom expression: $CLASS. Extending expressions in this way could inadvertently lead to a SQL injection vulnerability, which can result in attackers exfiltrating sensitive data. Instead, ensure no user input enters this function or that user input is properly sanitized.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.django.security.audit.extends-custom-expression.extends-custom-expression)\n - [https://docs.djangoproject.com/en/3.0/ref/models/expressions/#avoiding-sql-injection](https://docs.djangoproject.com/en/3.0/ref/models/expressions/#avoiding-sql-injection)\n - [https://semgrep.dev/blog/2020/preventing-sql-injection-a-django-authors-perspective/](https://semgrep.dev/blog/2020/preventing-sql-injection-a-django-authors-perspective/)\n", - "text": "Found extension of custom expression: $CLASS. 
Extending expressions in this way could inadvertently lead to a SQL injection vulnerability, which can result in attackers exfiltrating sensitive data. Instead, ensure no user input enters this function or that user input is properly sanitized.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "This tag is missing an 'integrity' subresource integrity attribute. The 'integrity' attribute allows for the browser to verify that externally hosted files (for example from a CDN) are delivered without unexpected manipulation. Without this attribute, if an attacker can modify the externally hosted resource, this could lead to XSS and other types of attacks. To prevent this, include the base64-encoded cryptographic hash of the resource (file) you’re telling the browser to fetch in the 'integrity' attribute for all externally hosted files.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "This tag is missing an 'integrity' subresource integrity attribute. The 'integrity' attribute allows for the browser to verify that externally hosted files (for example from a CDN) are delivered without unexpected manipulation. Without this attribute, if an attacker can modify the externally hosted resource, this could lead to XSS and other types of attacks. 
To prevent this, include the base64-encoded cryptographic hash of the resource (file) you’re telling the browser to fetch in the 'integrity' attribute for all externally hosted files.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/html.security.audit.missing-integrity.missing-integrity)\n - [https://owasp.org/Top10/A08_2021-Software_and_Data_Integrity_Failures](https://owasp.org/Top10/A08_2021-Software_and_Data_Integrity_Failures)\n" }, - "helpUri": "https://semgrep.dev/r/python.django.security.audit.extends-custom-expression.extends-custom-expression", - "id": "python.django.security.audit.extends-custom-expression.extends-custom-expression", - "name": "python.django.security.audit.extends-custom-expression.extends-custom-expression", "properties": { "precision": "very-high", "tags": [ - "CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')", + "CWE-353: Missing Support for Integrity Check", "LOW CONFIDENCE", - "OWASP-A01:2017 - Injection", - "OWASP-A03:2021 - Injection", + "OWASP-A08:2021 - Software and Data Integrity Failures", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: python.django.security.audit.extends-custom-expression.extends-custom-expression" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "python.aws-lambda.security.tainted-code-exec.tainted-code-exec", + "name": "python.aws-lambda.security.tainted-code-exec.tainted-code-exec", + "short_description": { + "text": "Semgrep Finding: python.aws-lambda.security.tainted-code-exec.tainted-code-exec" }, - "fullDescription": { - "text": "Detected SSL that will accept an unverified connection. This makes the connections susceptible to man-in-the-middle attacks. Use 'OpenSSL::SSL::VERIFY_PEER' instead." + "full_description": { + "text": "Detected the use of `exec/eval`.This can be dangerous if used to evaluate dynamic content. 
If this content can be input from outside the program, this may be a code injection vulnerability. Ensure evaluated content is not definable by external sources." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/python.aws-lambda.security.tainted-code-exec.tainted-code-exec", "help": { - "markdown": "Detected SSL that will accept an unverified connection. This makes the connections susceptible to man-in-the-middle attacks. Use 'OpenSSL::SSL::VERIFY_PEER' instead.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/ruby.lang.security.ssl-mode-no-verify.ssl-mode-no-verify)\n - [https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures](https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures)\n", - "text": "Detected SSL that will accept an unverified connection. This makes the connections susceptible to man-in-the-middle attacks. Use 'OpenSSL::SSL::VERIFY_PEER' instead.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected the use of `exec/eval`.This can be dangerous if used to evaluate dynamic content. If this content can be input from outside the program, this may be a code injection vulnerability. Ensure evaluated content is not definable by external sources.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected the use of `exec/eval`.This can be dangerous if used to evaluate dynamic content. If this content can be input from outside the program, this may be a code injection vulnerability. 
Ensure evaluated content is not definable by external sources.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.aws-lambda.security.tainted-code-exec.tainted-code-exec)\n - [https://owasp.org/Top10/A03_2021-Injection](https://owasp.org/Top10/A03_2021-Injection)\n" }, - "helpUri": "https://semgrep.dev/r/ruby.lang.security.ssl-mode-no-verify.ssl-mode-no-verify", - "id": "ruby.lang.security.ssl-mode-no-verify.ssl-mode-no-verify", - "name": "ruby.lang.security.ssl-mode-no-verify.ssl-mode-no-verify", "properties": { "precision": "very-high", "tags": [ - "CWE-295: Improper Certificate Validation", + "CWE-95: Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection')", "MEDIUM CONFIDENCE", - "OWASP-A03:2017 - Sensitive Data Exposure", - "OWASP-A07:2021 - Identification and Authentication Failures", + "OWASP-A03:2021 - Injection", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: ruby.lang.security.ssl-mode-no-verify.ssl-mode-no-verify" } }, { - "defaultConfiguration": { - "level": "error" + "id": "python.aws-lambda.security.pymysql-sqli.pymysql-sqli", + "name": "python.aws-lambda.security.pymysql-sqli.pymysql-sqli", + "short_description": { + "text": "Semgrep Finding: python.aws-lambda.security.pymysql-sqli.pymysql-sqli" }, - "fullDescription": { - "text": "Detected use of xmlrpc. xmlrpc is not inherently safe from vulnerabilities. Use defusedxml.xmlrpc instead." + "full_description": { + "text": "Detected SQL statement that is tainted by `event` object. This could lead to SQL injection if the variable is user-controlled and not properly sanitized. In order to prevent SQL injection, use parameterized queries or prepared statements instead. 
You can use parameterized statements like so: `cursor.execute('SELECT * FROM projects WHERE status = %s', ('active'))`" + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/python.aws-lambda.security.pymysql-sqli.pymysql-sqli", "help": { - "markdown": "Detected use of xmlrpc. xmlrpc is not inherently safe from vulnerabilities. Use defusedxml.xmlrpc instead.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.lang.security.use-defused-xmlrpc.use-defused-xmlrpc)\n - [https://pypi.org/project/defusedxml/](https://pypi.org/project/defusedxml/)\n - [https://docs.python.org/3/library/xml.html#xml-vulnerabilities](https://docs.python.org/3/library/xml.html#xml-vulnerabilities)\n", - "text": "Detected use of xmlrpc. xmlrpc is not inherently safe from vulnerabilities. Use defusedxml.xmlrpc instead.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected SQL statement that is tainted by `event` object. This could lead to SQL injection if the variable is user-controlled and not properly sanitized. In order to prevent SQL injection, use parameterized queries or prepared statements instead. You can use parameterized statements like so: `cursor.execute('SELECT * FROM projects WHERE status = %s', ('active'))`\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected SQL statement that is tainted by `event` object. This could lead to SQL injection if the variable is user-controlled and not properly sanitized. In order to prevent SQL injection, use parameterized queries or prepared statements instead. 
You can use parameterized statements like so: `cursor.execute('SELECT * FROM projects WHERE status = %s', ('active'))`\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.aws-lambda.security.pymysql-sqli.pymysql-sqli)\n - [https://pypi.org/project/PyMySQL/#id4](https://pypi.org/project/PyMySQL/#id4)\n" }, - "helpUri": "https://semgrep.dev/r/python.lang.security.use-defused-xmlrpc.use-defused-xmlrpc", - "id": "python.lang.security.use-defused-xmlrpc.use-defused-xmlrpc", - "name": "python.lang.security.use-defused-xmlrpc.use-defused-xmlrpc", "properties": { "precision": "very-high", "tags": [ - "CWE-776: Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion')", - "LOW CONFIDENCE", - "OWASP-A04:2017 - XML External Entities (XXE)", - "OWASP-A05:2021 - Security Misconfiguration", + "CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')", + "MEDIUM CONFIDENCE", + "OWASP-A01:2017 - Injection", + "OWASP-A03:2021 - Injection", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: python.lang.security.use-defused-xmlrpc.use-defused-xmlrpc" } }, { - "defaultConfiguration": { - "level": "error" + "id": "terraform.aws.security.aws-athena-workgroup-unencrypted.aws-athena-workgroup-unencrypted", + "name": "terraform.aws.security.aws-athena-workgroup-unencrypted.aws-athena-workgroup-unencrypted", + "short_description": { + "text": "Semgrep Finding: terraform.aws.security.aws-athena-workgroup-unencrypted.aws-athena-workgroup-unencrypted" }, - "fullDescription": { - "text": "Detected a possible YAML deserialization vulnerability. `yaml.unsafe_load`, `yaml.Loader`, `yaml.CLoader`, and `yaml.UnsafeLoader` are all known to be unsafe methods of deserializing YAML. An attacker with control over the YAML input could create special YAML input that allows the attacker to run arbitrary Python code. 
This would allow the attacker to steal files, download and install malware, or otherwise take over the machine. Use `yaml.safe_load` or `yaml.SafeLoader` instead." + "full_description": { + "text": "The AWS Athena Work Group is unencrypted. The AWS KMS encryption key protects backups in the work group. To create your own, create a aws_kms_key resource or use the ARN string of a key in your account." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/terraform.aws.security.aws-athena-workgroup-unencrypted.aws-athena-workgroup-unencrypted", "help": { - "markdown": "Detected a possible YAML deserialization vulnerability. `yaml.unsafe_load`, `yaml.Loader`, `yaml.CLoader`, and `yaml.UnsafeLoader` are all known to be unsafe methods of deserializing YAML. An attacker with control over the YAML input could create special YAML input that allows the attacker to run arbitrary Python code. This would allow the attacker to steal files, download and install malware, or otherwise take over the machine. Use `yaml.safe_load` or `yaml.SafeLoader` instead.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.lang.security.deserialization.avoid-pyyaml-load.avoid-pyyaml-load)\n - [https://github.com/yaml/pyyaml/wiki/PyYAML-yaml.load(input)-Deprecation](https://github.com/yaml/pyyaml/wiki/PyYAML-yaml.load(input)-Deprecation)\n - [https://nvd.nist.gov/vuln/detail/CVE-2017-18342](https://nvd.nist.gov/vuln/detail/CVE-2017-18342)\n", - "text": "Detected a possible YAML deserialization vulnerability. `yaml.unsafe_load`, `yaml.Loader`, `yaml.CLoader`, and `yaml.UnsafeLoader` are all known to be unsafe methods of deserializing YAML. An attacker with control over the YAML input could create special YAML input that allows the attacker to run arbitrary Python code. 
This would allow the attacker to steal files, download and install malware, or otherwise take over the machine. Use `yaml.safe_load` or `yaml.SafeLoader` instead.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "The AWS Athena Work Group is unencrypted. The AWS KMS encryption key protects backups in the work group. To create your own, create a aws_kms_key resource or use the ARN string of a key in your account.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "The AWS Athena Work Group is unencrypted. The AWS KMS encryption key protects backups in the work group. To create your own, create a aws_kms_key resource or use the ARN string of a key in your account.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/terraform.aws.security.aws-athena-workgroup-unencrypted.aws-athena-workgroup-unencrypted)\n - [https://owasp.org/Top10/A04_2021-Insecure_Design](https://owasp.org/Top10/A04_2021-Insecure_Design)\n" }, - "helpUri": "https://semgrep.dev/r/python.lang.security.deserialization.avoid-pyyaml-load.avoid-pyyaml-load", - "id": "python.lang.security.deserialization.avoid-pyyaml-load.avoid-pyyaml-load", - "name": "python.lang.security.deserialization.avoid-pyyaml-load.avoid-pyyaml-load", "properties": { "precision": "very-high", "tags": [ - "CWE-502: Deserialization of Untrusted Data", - "MEDIUM CONFIDENCE", - "OWASP-A08:2017 - Insecure Deserialization", - "OWASP-A08:2021 - Software and Data Integrity Failures", + "CWE-311: Missing Encryption of Sensitive Data", + "LOW CONFIDENCE", + "OWASP-A03:2017 - Sensitive Data Exposure", + "OWASP-A04:2021 - Insecure Design", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: python.lang.security.deserialization.avoid-pyyaml-load.avoid-pyyaml-load" } }, { - "defaultConfiguration": { - "level": "warning" + "id": 
"ruby.rails.security.audit.xss.avoid-render-inline.avoid-render-inline", + "name": "ruby.rails.security.audit.xss.avoid-render-inline.avoid-render-inline", + "short_description": { + "text": "Semgrep Finding: ruby.rails.security.audit.xss.avoid-render-inline.avoid-render-inline" }, - "fullDescription": { - "text": "Data that is possible user-controlled from a python request is passed to `raw()`. This could lead to SQL injection and attackers gaining access to protected information. Instead, use django's QuerySets, which are built with query parameterization and therefore not vulnerable to sql injection. For example, you could use `Entry.objects.filter(date=2006)`." + "full_description": { + "text": "'render inline: ...' renders an entire ERB template inline and is dangerous. If external data can reach here, this exposes your application to server-side template injection (SSTI) or cross-site scripting (XSS) attacks. Instead, consider using a partial or another safe rendering method." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/ruby.rails.security.audit.xss.avoid-render-inline.avoid-render-inline", "help": { - "markdown": "Data that is possible user-controlled from a python request is passed to `raw()`. This could lead to SQL injection and attackers gaining access to protected information. Instead, use django's QuerySets, which are built with query parameterization and therefore not vulnerable to sql injection. 
For example, you could use `Entry.objects.filter(date=2006)`.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.django.security.injection.sql.sql-injection-using-raw.sql-injection-using-raw)\n - [https://docs.djangoproject.com/en/3.0/topics/security/#sql-injection-protection](https://docs.djangoproject.com/en/3.0/topics/security/#sql-injection-protection)\n", - "text": "Data that is possible user-controlled from a python request is passed to `raw()`. This could lead to SQL injection and attackers gaining access to protected information. Instead, use django's QuerySets, which are built with query parameterization and therefore not vulnerable to sql injection. For example, you could use `Entry.objects.filter(date=2006)`.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "'render inline: ...' renders an entire ERB template inline and is dangerous. If external data can reach here, this exposes your application to server-side template injection (SSTI) or cross-site scripting (XSS) attacks. Instead, consider using a partial or another safe rendering method.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "'render inline: ...' renders an entire ERB template inline and is dangerous. If external data can reach here, this exposes your application to server-side template injection (SSTI) or cross-site scripting (XSS) attacks. 
Instead, consider using a partial or another safe rendering method.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/ruby.rails.security.audit.xss.avoid-render-inline.avoid-render-inline)\n - [https://brakemanpro.com/2017/09/08/cross-site-scripting-in-rails#inline-renders---even-worse-than-xss](https://brakemanpro.com/2017/09/08/cross-site-scripting-in-rails#inline-renders---even-worse-than-xss)\n" }, - "helpUri": "https://semgrep.dev/r/python.django.security.injection.sql.sql-injection-using-raw.sql-injection-using-raw", - "id": "python.django.security.injection.sql.sql-injection-using-raw.sql-injection-using-raw", - "name": "python.django.security.injection.sql.sql-injection-using-raw.sql-injection-using-raw", "properties": { "precision": "very-high", "tags": [ - "CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')", - "MEDIUM CONFIDENCE", - "OWASP-A01:2017 - Injection", + "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", + "LOW CONFIDENCE", "OWASP-A03:2021 - Injection", + "OWASP-A07:2017 - Cross-Site Scripting (XSS)", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: python.django.security.injection.sql.sql-injection-using-raw.sql-injection-using-raw" } }, { - "defaultConfiguration": { - "level": "error" - }, - "fullDescription": { - "text": "Found usage of the 'blocksize' argument in a HTTPConnection call. This is only available on Python 3.7+ and is therefore not backwards compatible. Remove this in order for this code to work in Python 3.6 and below." - }, - "help": { - "markdown": "Found usage of the 'blocksize' argument in a HTTPConnection call. This is only available on Python 3.7+ and is therefore not backwards compatible. 
Remove this in order for this code to work in Python 3.6 and below.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.lang.compatibility.python37.python37-compatibility-httpconn)\n", - "text": "Found usage of the 'blocksize' argument in a HTTPConnection call. This is only available on Python 3.7+ and is therefore not backwards compatible. Remove this in order for this code to work in Python 3.6 and below.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "id": "problem-based-packs.insecure-transport.java-spring.spring-http-request.spring-http-request", + "name": "problem-based-packs.insecure-transport.java-spring.spring-http-request.spring-http-request", + "short_description": { + "text": "Semgrep Finding: problem-based-packs.insecure-transport.java-spring.spring-http-request.spring-http-request" }, - "helpUri": "https://semgrep.dev/r/python.lang.compatibility.python37.python37-compatibility-httpconn", - "id": "python.lang.compatibility.python37.python37-compatibility-httpconn", - "name": "python.lang.compatibility.python37.python37-compatibility-httpconn", - "properties": { - "precision": "very-high", - "tags": [] + "full_description": { + "text": "Checks for requests sent via Java Spring RestTemplate API to http:// URLS. This is dangerous because the server is attempting to connect to a website that does not encrypt traffic with TLS. Instead, send requests only to https:// URLS." }, - "shortDescription": { - "text": "Semgrep Finding: python.lang.compatibility.python37.python37-compatibility-httpconn" - } - }, - { - "defaultConfiguration": { + "default_configuration": { + "enabled": true, "level": "warning" }, - "fullDescription": { - "text": "Ensure DocDB is encrypted at rest using KMS CMKs. CMKs gives you control over the encryption key in terms of access and rotation." 
- }, + "help_uri": "https://semgrep.dev/r/problem-based-packs.insecure-transport.java-spring.spring-http-request.spring-http-request", "help": { - "markdown": "Ensure DocDB is encrypted at rest using KMS CMKs. CMKs gives you control over the encryption key in terms of access and rotation.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/terraform.aws.security.aws-docdb-encrypted-with-cmk.aws-docdb-encrypted-with-cmk)\n - [https://owasp.org/Top10/A02_2021-Cryptographic_Failures](https://owasp.org/Top10/A02_2021-Cryptographic_Failures)\n", - "text": "Ensure DocDB is encrypted at rest using KMS CMKs. CMKs gives you control over the encryption key in terms of access and rotation.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Checks for requests sent via Java Spring RestTemplate API to http:// URLS. This is dangerous because the server is attempting to connect to a website that does not encrypt traffic with TLS. Instead, send requests only to https:// URLS.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Checks for requests sent via Java Spring RestTemplate API to http:// URLS. This is dangerous because the server is attempting to connect to a website that does not encrypt traffic with TLS. 
Instead, send requests only to https:// URLS.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/problem-based-packs.insecure-transport.java-spring.spring-http-request.spring-http-request)\n - [https://docs.spring.io/spring/docs/current/javadoc-api/org/springframework/web/client/RestTemplate.html#delete-java.lang.String-java.util.Map-](https://docs.spring.io/spring/docs/current/javadoc-api/org/springframework/web/client/RestTemplate.html#delete-java.lang.String-java.util.Map-)\n - [https://www.baeldung.com/rest-template](https://www.baeldung.com/rest-template)\n" }, - "helpUri": "https://semgrep.dev/r/terraform.aws.security.aws-docdb-encrypted-with-cmk.aws-docdb-encrypted-with-cmk", - "id": "terraform.aws.security.aws-docdb-encrypted-with-cmk.aws-docdb-encrypted-with-cmk", - "name": "terraform.aws.security.aws-docdb-encrypted-with-cmk.aws-docdb-encrypted-with-cmk", "properties": { "precision": "very-high", "tags": [ - "CWE-320: CWE CATEGORY: Key Management Errors", - "LOW CONFIDENCE", + "CWE-319: Cleartext Transmission of Sensitive Information", + "MEDIUM CONFIDENCE", "OWASP-A03:2017 - Sensitive Data Exposure", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: terraform.aws.security.aws-docdb-encrypted-with-cmk.aws-docdb-encrypted-with-cmk" } }, { - "defaultConfiguration": { - "level": "error" + "id": "dockerfile.security.no-sudo-in-dockerfile.no-sudo-in-dockerfile", + "name": "dockerfile.security.no-sudo-in-dockerfile.no-sudo-in-dockerfile", + "short_description": { + "text": "Semgrep Finding: dockerfile.security.no-sudo-in-dockerfile.no-sudo-in-dockerfile" + }, + "full_description": { + "text": "Avoid using sudo in Dockerfiles. Running processes as a non-root user can help reduce the potential impact of configuration errors and security vulnerabilities." 
}, - "fullDescription": { - "text": "Special requests can determine whether a file exists on a filesystem that's outside the Rails app's root directory. To fix this, set config.serve_static_assets = false." + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/dockerfile.security.no-sudo-in-dockerfile.no-sudo-in-dockerfile", "help": { - "markdown": "Special requests can determine whether a file exists on a filesystem that's outside the Rails app's root directory. To fix this, set config.serve_static_assets = false.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/ruby.lang.security.file-disclosure.file-disclosure)\n - [https://github.com/presidentbeef/brakeman/blob/main/lib/brakeman/checks/check_file_disclosure.rb](https://github.com/presidentbeef/brakeman/blob/main/lib/brakeman/checks/check_file_disclosure.rb)\n - [https://groups.google.com/g/rubyonrails-security/c/23fiuwb1NBA/m/MQVM1-5GkPMJ](https://groups.google.com/g/rubyonrails-security/c/23fiuwb1NBA/m/MQVM1-5GkPMJ)\n", - "text": "Special requests can determine whether a file exists on a filesystem that's outside the Rails app's root directory. To fix this, set config.serve_static_assets = false.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Avoid using sudo in Dockerfiles. Running processes as a non-root user can help reduce the potential impact of configuration errors and security vulnerabilities.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Avoid using sudo in Dockerfiles. 
Running processes as a non-root user can help reduce the potential impact of configuration errors and security vulnerabilities.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/dockerfile.security.no-sudo-in-dockerfile.no-sudo-in-dockerfile)\n - [https://cwe.mitre.org/data/definitions/250.html](https://cwe.mitre.org/data/definitions/250.html)\n - [https://docs.docker.com/develop/develop-images/dockerfile_best-practices/#user](https://docs.docker.com/develop/develop-images/dockerfile_best-practices/#user)\n" }, - "helpUri": "https://semgrep.dev/r/ruby.lang.security.file-disclosure.file-disclosure", - "id": "ruby.lang.security.file-disclosure.file-disclosure", - "name": "ruby.lang.security.file-disclosure.file-disclosure", "properties": { "precision": "very-high", "tags": [ - "CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", - "LOW CONFIDENCE", - "OWASP-A01:2021 - Broken Access Control", - "OWASP-A05:2017 - Broken Access Control", + "CWE-250: Execution with Unnecessary Privileges", + "HIGH CONFIDENCE", + "OWASP-A05:2021 - Security Misconfiguration", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: ruby.lang.security.file-disclosure.file-disclosure" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "terraform.aws.security.aws-workspaces-user-volume-unencrypted.aws-workspaces-user-volume-unencrypted", + "name": "terraform.aws.security.aws-workspaces-user-volume-unencrypted.aws-workspaces-user-volume-unencrypted", + "short_description": { + "text": "Semgrep Finding: terraform.aws.security.aws-workspaces-user-volume-unencrypted.aws-workspaces-user-volume-unencrypted" }, - "fullDescription": { - "text": "Detected MD5 hash algorithm which is considered insecure. MD5 is not collision resistant and is therefore not suitable as a cryptographic signature. Use HMAC instead." 
+ "full_description": { + "text": "The AWS Workspace user volume is unencrypted. The AWS KMS encryption key protects user volume. To create your own, create a aws_kms_key resource or use the ARN string of a key in your account." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/terraform.aws.security.aws-workspaces-user-volume-unencrypted.aws-workspaces-user-volume-unencrypted", "help": { - "markdown": "Detected MD5 hash algorithm which is considered insecure. MD5 is not collision resistant and is therefore not suitable as a cryptographic signature. Use HMAC instead.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/java.lang.security.audit.crypto.use-of-md5-digest-utils.use-of-md5-digest-utils)\n - [https://owasp.org/Top10/A02_2021-Cryptographic_Failures](https://owasp.org/Top10/A02_2021-Cryptographic_Failures)\n", - "text": "Detected MD5 hash algorithm which is considered insecure. MD5 is not collision resistant and is therefore not suitable as a cryptographic signature. Use HMAC instead.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "The AWS Workspace user volume is unencrypted. The AWS KMS encryption key protects user volume. To create your own, create a aws_kms_key resource or use the ARN string of a key in your account.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "The AWS Workspace user volume is unencrypted. The AWS KMS encryption key protects user volume. 
To create your own, create a aws_kms_key resource or use the ARN string of a key in your account.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/terraform.aws.security.aws-workspaces-user-volume-unencrypted.aws-workspaces-user-volume-unencrypted)\n - [https://owasp.org/Top10/A02_2021-Cryptographic_Failures](https://owasp.org/Top10/A02_2021-Cryptographic_Failures)\n" }, - "helpUri": "https://semgrep.dev/r/java.lang.security.audit.crypto.use-of-md5-digest-utils.use-of-md5-digest-utils", - "id": "java.lang.security.audit.crypto.use-of-md5-digest-utils.use-of-md5-digest-utils", - "name": "java.lang.security.audit.crypto.use-of-md5-digest-utils.use-of-md5-digest-utils", "properties": { "precision": "very-high", "tags": [ - "CWE-328: Use of Weak Hash", - "HIGH CONFIDENCE", - "OWASP-A02:2021 - Cryptographic Failures", + "CWE-320: CWE CATEGORY: Key Management Errors", + "LOW CONFIDENCE", "OWASP-A03:2017 - Sensitive Data Exposure", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: java.lang.security.audit.crypto.use-of-md5-digest-utils.use-of-md5-digest-utils" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "java.lang.security.audit.crypto.use-of-rc2.use-of-rc2", + "name": "java.lang.security.audit.crypto.use-of-rc2.use-of-rc2", + "short_description": { + "text": "Semgrep Finding: java.lang.security.audit.crypto.use-of-rc2.use-of-rc2" }, - "fullDescription": { - "text": "If unverified user data can reach the `wkhtmltopdf` it can result in Server-Side Request Forgery vulnerabilities" + "full_description": { + "text": "Use of RC2 was detected. RC2 is vulnerable to related-key attacks, and is therefore considered non-compliant. Instead, use a strong, secure cipher: Cipher.getInstance(\"AES/CBC/PKCS7PADDING\"). See https://owasp.org/www-community/Using_the_Java_Cryptographic_Extensions for more information." 
}, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/java.lang.security.audit.crypto.use-of-rc2.use-of-rc2", "help": { - "markdown": "If unverified user data can reach the `wkhtmltopdf` it can result in Server-Side Request Forgery vulnerabilities\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.wkhtmltopdf.security.audit.wkhtmltopdf-injection.wkhtmltopdf-injection)\n - [https://owasp.org/Top10/A10_2021-Server-Side_Request_Forgery_%28SSRF%29](https://owasp.org/Top10/A10_2021-Server-Side_Request_Forgery_%28SSRF%29)\n", - "text": "If unverified user data can reach the `wkhtmltopdf` it can result in Server-Side Request Forgery vulnerabilities\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Use of RC2 was detected. RC2 is vulnerable to related-key attacks, and is therefore considered non-compliant. Instead, use a strong, secure cipher: Cipher.getInstance(\"AES/CBC/PKCS7PADDING\"). See https://owasp.org/www-community/Using_the_Java_Cryptographic_Extensions for more information.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Use of RC2 was detected. RC2 is vulnerable to related-key attacks, and is therefore considered non-compliant. Instead, use a strong, secure cipher: Cipher.getInstance(\"AES/CBC/PKCS7PADDING\"). 
See https://owasp.org/www-community/Using_the_Java_Cryptographic_Extensions for more information.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/java.lang.security.audit.crypto.use-of-rc2.use-of-rc2)\n - [https://owasp.org/Top10/A02_2021-Cryptographic_Failures](https://owasp.org/Top10/A02_2021-Cryptographic_Failures)\n - [https://googleprojectzero.blogspot.com/2022/10/rc4-is-still-considered-harmful.html](https://googleprojectzero.blogspot.com/2022/10/rc4-is-still-considered-harmful.html)\n" }, - "helpUri": "https://semgrep.dev/r/javascript.wkhtmltopdf.security.audit.wkhtmltopdf-injection.wkhtmltopdf-injection", - "id": "javascript.wkhtmltopdf.security.audit.wkhtmltopdf-injection.wkhtmltopdf-injection", - "name": "javascript.wkhtmltopdf.security.audit.wkhtmltopdf-injection.wkhtmltopdf-injection", "properties": { "precision": "very-high", "tags": [ - "CWE-918: Server-Side Request Forgery (SSRF)", - "LOW CONFIDENCE", - "OWASP-A10:2021 - Server-Side Request Forgery (SSRF)", + "CWE-327: Use of a Broken or Risky Cryptographic Algorithm", + "HIGH CONFIDENCE", + "OWASP-A02:2021 - Cryptographic Failures", + "OWASP-A03:2017 - Sensitive Data Exposure", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: javascript.wkhtmltopdf.security.audit.wkhtmltopdf-injection.wkhtmltopdf-injection" } }, { - "defaultConfiguration": { - "level": "error" + "id": "terraform.aws.security.aws-ec2-launch-template-metadata-service-v1-enabled.aws-ec2-launch-template-metadata-service-v1-enabled", + "name": "terraform.aws.security.aws-ec2-launch-template-metadata-service-v1-enabled.aws-ec2-launch-template-metadata-service-v1-enabled", + "short_description": { + "text": "Semgrep Finding: terraform.aws.security.aws-ec2-launch-template-metadata-service-v1-enabled.aws-ec2-launch-template-metadata-service-v1-enabled" }, - "fullDescription": { - "text": "The 'phpinfo' function may reveal sensitive 
information about your environment." + "full_description": { + "text": "The EC2 launch template has Instance Metadata Service Version 1 (IMDSv1) enabled. IMDSv2 introduced session authentication tokens which improve security when talking to IMDS. You should either disable IMDS or require the use of IMDSv2." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/terraform.aws.security.aws-ec2-launch-template-metadata-service-v1-enabled.aws-ec2-launch-template-metadata-service-v1-enabled", "help": { - "markdown": "The 'phpinfo' function may reveal sensitive information about your environment.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/php.lang.security.phpinfo-use.phpinfo-use)\n - [https://www.php.net/manual/en/function.phpinfo](https://www.php.net/manual/en/function.phpinfo)\n - [https://github.com/FloeDesignTechnologies/phpcs-security-audit/blob/master/Security/Sniffs/BadFunctions/PhpinfosSniff.php](https://github.com/FloeDesignTechnologies/phpcs-security-audit/blob/master/Security/Sniffs/BadFunctions/PhpinfosSniff.php)\n", - "text": "The 'phpinfo' function may reveal sensitive information about your environment.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "The EC2 launch template has Instance Metadata Service Version 1 (IMDSv1) enabled. IMDSv2 introduced session authentication tokens which improve security when talking to IMDS. You should either disable IMDS or require the use of IMDSv2.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "The EC2 launch template has Instance Metadata Service Version 1 (IMDSv1) enabled. IMDSv2 introduced session authentication tokens which improve security when talking to IMDS. 
You should either disable IMDS or require the use of IMDSv2.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/terraform.aws.security.aws-ec2-launch-template-metadata-service-v1-enabled.aws-ec2-launch-template-metadata-service-v1-enabled)\n - [https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures/](https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures/)\n - [https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/launch_configuration#metadata_options](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/launch_configuration#metadata_options)\n - [https://aws.amazon.com/blogs/security/defense-in-depth-open-firewalls-reverse-proxies-ssrf-vulnerabilities-ec2-instance-metadata-service](https://aws.amazon.com/blogs/security/defense-in-depth-open-firewalls-reverse-proxies-ssrf-vulnerabilities-ec2-instance-metadata-service)\n" }, - "helpUri": "https://semgrep.dev/r/php.lang.security.phpinfo-use.phpinfo-use", - "id": "php.lang.security.phpinfo-use.phpinfo-use", - "name": "php.lang.security.phpinfo-use.phpinfo-use", "properties": { "precision": "very-high", "tags": [ - "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor", + "CWE-1390: Weak Authentication", "MEDIUM CONFIDENCE", - "OWASP-A01:2021 - Broken Access Control", + "OWASP-A07:2021 - Identification and Authentication Failures", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: php.lang.security.phpinfo-use.phpinfo-use" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "generic.secrets.security.detected-paypal-braintree-access-token.detected-paypal-braintree-access-token", + "name": "generic.secrets.security.detected-paypal-braintree-access-token.detected-paypal-braintree-access-token", + "short_description": { + "text": "Semgrep Finding: 
generic.secrets.security.detected-paypal-braintree-access-token.detected-paypal-braintree-access-token" }, - "fullDescription": { - "text": "Passing a formatted string as first parameter to `format_html` disables the proper encoding of variables. Any HTML in the first parameter is not encoded. Using a formatted string as first parameter obscures which parameters are encoded. Correct use of `format_html` is passing a static format string as first parameter, and the variables to substitute as subsequent parameters." + "full_description": { + "text": "PayPal Braintree Access Token detected" + }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/generic.secrets.security.detected-paypal-braintree-access-token.detected-paypal-braintree-access-token", "help": { - "markdown": "Passing a formatted string as first parameter to `format_html` disables the proper encoding of variables. Any HTML in the first parameter is not encoded. Using a formatted string as first parameter obscures which parameters are encoded. Correct use of `format_html` is passing a static format string as first parameter, and the variables to substitute as subsequent parameters.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.django.security.audit.xss.formathtml-fstring-parameter.formathtml-fstring-parameter)\n - [https://docs.djangoproject.com/en/3.2/ref/utils/#django.utils.html.format_html](https://docs.djangoproject.com/en/3.2/ref/utils/#django.utils.html.format_html)\n", - "text": "Passing a formatted string as first parameter to `format_html` disables the proper encoding of variables. Any HTML in the first parameter is not encoded. Using a formatted string as first parameter obscures which parameters are encoded. 
Correct use of `format_html` is passing a static format string as first parameter, and the variables to substitute as subsequent parameters.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "PayPal Braintree Access Token detected\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "PayPal Braintree Access Token detected\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/generic.secrets.security.detected-paypal-braintree-access-token.detected-paypal-braintree-access-token)\n - [https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures](https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures)\n" }, - "helpUri": "https://semgrep.dev/r/python.django.security.audit.xss.formathtml-fstring-parameter.formathtml-fstring-parameter", - "id": "python.django.security.audit.xss.formathtml-fstring-parameter.formathtml-fstring-parameter", - "name": "python.django.security.audit.xss.formathtml-fstring-parameter.formathtml-fstring-parameter", "properties": { "precision": "very-high", "tags": [ - "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", + "CWE-798: Use of Hard-coded Credentials", "LOW CONFIDENCE", - "OWASP-A03:2021 - Injection", - "OWASP-A07:2017 - Cross-Site Scripting (XSS)", + "OWASP-A07:2021 - Identification and Authentication Failures", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: python.django.security.audit.xss.formathtml-fstring-parameter.formathtml-fstring-parameter" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "generic.secrets.security.detected-artifactory-token.detected-artifactory-token", + "name": "generic.secrets.security.detected-artifactory-token.detected-artifactory-token", + "short_description": { + "text": "Semgrep Finding: 
generic.secrets.security.detected-artifactory-token.detected-artifactory-token" }, - "fullDescription": { - "text": "RDS instance accessible from the Internet detected." + "full_description": { + "text": "Artifactory token detected" }, + "default_configuration": { + "enabled": true, + "level": "error" + }, + "help_uri": "https://semgrep.dev/r/generic.secrets.security.detected-artifactory-token.detected-artifactory-token", "help": { - "markdown": "RDS instance accessible from the Internet detected.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/terraform.lang.security.rds-public-access.rds-public-access)\n - [https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/db_instance#publicly_accessible](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/db_instance#publicly_accessible)\n - [https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_VPC.WorkingWithRDSInstanceinaVPC.html#USER_VPC.Hiding](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_VPC.WorkingWithRDSInstanceinaVPC.html#USER_VPC.Hiding)\n", - "text": "RDS instance accessible from the Internet detected.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Artifactory token detected\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Artifactory token detected\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/generic.secrets.security.detected-artifactory-token.detected-artifactory-token)\n - [https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures](https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures)\n" }, - "helpUri": "https://semgrep.dev/r/terraform.lang.security.rds-public-access.rds-public-access", - "id": 
"terraform.lang.security.rds-public-access.rds-public-access", - "name": "terraform.lang.security.rds-public-access.rds-public-access", "properties": { "precision": "very-high", "tags": [ - "CWE-284: Improper Access Control", + "CWE-798: Use of Hard-coded Credentials", "LOW CONFIDENCE", - "OWASP-A01:2021 - Broken Access Control", - "OWASP-A05:2017 - Broken Access Control", + "OWASP-A07:2021 - Identification and Authentication Failures", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: terraform.lang.security.rds-public-access.rds-public-access" } }, { - "defaultConfiguration": { - "level": "error" + "id": "javascript.browser.security.eval-detected.eval-detected", + "name": "javascript.browser.security.eval-detected.eval-detected", + "short_description": { + "text": "Semgrep Finding: javascript.browser.security.eval-detected.eval-detected" }, - "fullDescription": { - "text": "Slack Webhook detected" + "full_description": { + "text": "Detected the use of eval(). eval() can be dangerous if used to evaluate dynamic content. If this content can be input from outside the program, this may be a code injection vulnerability. Ensure evaluated content is not definable by external sources." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/javascript.browser.security.eval-detected.eval-detected", "help": { - "markdown": "Slack Webhook detected\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/generic.secrets.security.detected-slack-webhook.detected-slack-webhook)\n - [https://api.slack.com/messaging/webhooks](https://api.slack.com/messaging/webhooks)\n", - "text": "Slack Webhook detected\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected the use of eval(). eval() can be dangerous if used to evaluate dynamic content. 
If this content can be input from outside the program, this may be a code injection vulnerability. Ensure evaluated content is not definable by external sources.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected the use of eval(). eval() can be dangerous if used to evaluate dynamic content. If this content can be input from outside the program, this may be a code injection vulnerability. Ensure evaluated content is not definable by external sources.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.browser.security.eval-detected.eval-detected)\n - [https://owasp.org/Top10/A03_2021-Injection](https://owasp.org/Top10/A03_2021-Injection)\n" }, - "helpUri": "https://semgrep.dev/r/generic.secrets.security.detected-slack-webhook.detected-slack-webhook", - "id": "generic.secrets.security.detected-slack-webhook.detected-slack-webhook", - "name": "generic.secrets.security.detected-slack-webhook.detected-slack-webhook", "properties": { "precision": "very-high", "tags": [ - "CWE-798: Use of Hard-coded Credentials", + "CWE-95: Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection')", "LOW CONFIDENCE", - "OWASP-A07:2021 - Identification and Authentication Failures", + "OWASP-A03:2021 - Injection", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: generic.secrets.security.detected-slack-webhook.detected-slack-webhook" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "python.aws-lambda.security.dynamodb-filter-injection.dynamodb-filter-injection", + "name": "python.aws-lambda.security.dynamodb-filter-injection.dynamodb-filter-injection", + "short_description": { + "text": "Semgrep Finding: python.aws-lambda.security.dynamodb-filter-injection.dynamodb-filter-injection" }, - "fullDescription": { - "text": "Found request parameters in a call to `render`. 
This can allow end users to request arbitrary local files which may result in leaking sensitive information persisted on disk. Where possible, avoid letting users specify template paths for `render`. If you must allow user input, use an allow-list of known templates or normalize the user-supplied value with `File.basename(...)`." + "full_description": { + "text": "Detected DynamoDB query filter that is tainted by `$EVENT` object. This could lead to NoSQL injection if the variable is user-controlled and not properly sanitized. Explicitly assign query params instead of passing data from `$EVENT` directly to DynamoDB client." + }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/python.aws-lambda.security.dynamodb-filter-injection.dynamodb-filter-injection", "help": { - "markdown": "Found request parameters in a call to `render`. This can allow end users to request arbitrary local files which may result in leaking sensitive information persisted on disk. Where possible, avoid letting users specify template paths for `render`. 
If you must allow user input, use an allow-list of known templates or normalize the user-supplied value with `File.basename(...)`.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/ruby.rails.security.brakeman.check-render-local-file-include.check-render-local-file-include)\n - [https://owasp.org/www-project-web-security-testing-guide/v42/4-Web_Application_Security_Testing/07-Input_Validation_Testing/11.1-Testing_for_Local_File_Inclusion](https://owasp.org/www-project-web-security-testing-guide/v42/4-Web_Application_Security_Testing/07-Input_Validation_Testing/11.1-Testing_for_Local_File_Inclusion)\n - [https://github.com/presidentbeef/brakeman/blob/f74cb53/test/apps/rails2/app/controllers/home_controller.rb#L48-L60](https://github.com/presidentbeef/brakeman/blob/f74cb53/test/apps/rails2/app/controllers/home_controller.rb#L48-L60)\n", - "text": "Found request parameters in a call to `render`. This can allow end users to request arbitrary local files which may result in leaking sensitive information persisted on disk. Where possible, avoid letting users specify template paths for `render`. If you must allow user input, use an allow-list of known templates or normalize the user-supplied value with `File.basename(...)`.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected DynamoDB query filter that is tainted by `$EVENT` object. This could lead to NoSQL injection if the variable is user-controlled and not properly sanitized. Explicitly assign query params instead of passing data from `$EVENT` directly to DynamoDB client.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected DynamoDB query filter that is tainted by `$EVENT` object. This could lead to NoSQL injection if the variable is user-controlled and not properly sanitized. 
Explicitly assign query params instead of passing data from `$EVENT` directly to DynamoDB client.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.aws-lambda.security.dynamodb-filter-injection.dynamodb-filter-injection)\n - [https://medium.com/appsecengineer/dynamodb-injection-1db99c2454ac](https://medium.com/appsecengineer/dynamodb-injection-1db99c2454ac)\n" }, - "helpUri": "https://semgrep.dev/r/ruby.rails.security.brakeman.check-render-local-file-include.check-render-local-file-include", - "id": "ruby.rails.security.brakeman.check-render-local-file-include.check-render-local-file-include", - "name": "ruby.rails.security.brakeman.check-render-local-file-include.check-render-local-file-include", "properties": { "precision": "very-high", "tags": [ - "CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", + "CWE-943: Improper Neutralization of Special Elements in Data Query Logic", "MEDIUM CONFIDENCE", - "OWASP-A01:2021 - Broken Access Control", - "OWASP-A05:2017 - Broken Access Control", + "OWASP-A01:2017 - Injection", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: ruby.rails.security.brakeman.check-render-local-file-include.check-render-local-file-include" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "javascript.express.security.audit.xss.ejs.var-in-script-src.var-in-script-src", + "name": "javascript.express.security.audit.xss.ejs.var-in-script-src.var-in-script-src", + "short_description": { + "text": "Semgrep Finding: javascript.express.security.audit.xss.ejs.var-in-script-src.var-in-script-src" }, - "fullDescription": { - "text": "Detected an AWS load balancer with an insecure TLS version. TLS versions less than 1.2 are considered insecure because they can be broken. To fix this, set your `ssl_policy` to `\"ELBSecurityPolicy-TLS13-1-2-2021-06\"`, or include a default action to redirect to HTTPS." 
+ "full_description": { + "text": "Detected a template variable used as the 'src' in a script tag. Although template variables are HTML escaped, HTML escaping does not always prevent malicious URLs from being injected and could results in a cross-site scripting (XSS) vulnerability. Prefer not to dynamically generate the 'src' attribute and use static URLs instead. If you must do this, carefully check URLs against an allowlist and be sure to URL-encode the result." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/javascript.express.security.audit.xss.ejs.var-in-script-src.var-in-script-src", "help": { - "markdown": "Detected an AWS load balancer with an insecure TLS version. TLS versions less than 1.2 are considered insecure because they can be broken. To fix this, set your `ssl_policy` to `\"ELBSecurityPolicy-TLS13-1-2-2021-06\"`, or include a default action to redirect to HTTPS.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/terraform.aws.security.insecure-load-balancer-tls-version.insecure-load-balancer-tls-version)\n - [https://www.ietf.org/rfc/rfc5246.txt](https://www.ietf.org/rfc/rfc5246.txt)\n", - "text": "Detected an AWS load balancer with an insecure TLS version. TLS versions less than 1.2 are considered insecure because they can be broken. To fix this, set your `ssl_policy` to `\"ELBSecurityPolicy-TLS13-1-2-2021-06\"`, or include a default action to redirect to HTTPS.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected a template variable used as the 'src' in a script tag. Although template variables are HTML escaped, HTML escaping does not always prevent malicious URLs from being injected and could results in a cross-site scripting (XSS) vulnerability. Prefer not to dynamically generate the 'src' attribute and use static URLs instead. 
If you must do this, carefully check URLs against an allowlist and be sure to URL-encode the result.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected a template variable used as the 'src' in a script tag. Although template variables are HTML escaped, HTML escaping does not always prevent malicious URLs from being injected and could results in a cross-site scripting (XSS) vulnerability. Prefer not to dynamically generate the 'src' attribute and use static URLs instead. If you must do this, carefully check URLs against an allowlist and be sure to URL-encode the result.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.express.security.audit.xss.ejs.var-in-script-src.var-in-script-src)\n - [https://www.veracode.com/blog/secure-development/nodejs-template-engines-why-default-encoders-are-not-enough](https://www.veracode.com/blog/secure-development/nodejs-template-engines-why-default-encoders-are-not-enough)\n - [https://github.com/ESAPI/owasp-esapi-js](https://github.com/ESAPI/owasp-esapi-js)\n" }, - "helpUri": "https://semgrep.dev/r/terraform.aws.security.insecure-load-balancer-tls-version.insecure-load-balancer-tls-version", - "id": "terraform.aws.security.insecure-load-balancer-tls-version.insecure-load-balancer-tls-version", - "name": "terraform.aws.security.insecure-load-balancer-tls-version.insecure-load-balancer-tls-version", "properties": { "precision": "very-high", "tags": [ - "CWE-326: Inadequate Encryption Strength", - "MEDIUM CONFIDENCE", - "OWASP-A02:2021 - Cryptographic Failures", - "OWASP-A03:2017 - Sensitive Data Exposure", + "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", + "LOW CONFIDENCE", + "OWASP-A03:2021 - Injection", + "OWASP-A07:2017 - Cross-Site Scripting (XSS)", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: 
terraform.aws.security.insecure-load-balancer-tls-version.insecure-load-balancer-tls-version" } }, { - "defaultConfiguration": { - "level": "error" + "id": "java.lang.security.audit.blowfish-insufficient-key-size.blowfish-insufficient-key-size", + "name": "java.lang.security.audit.blowfish-insufficient-key-size.blowfish-insufficient-key-size", + "short_description": { + "text": "Semgrep Finding: java.lang.security.audit.blowfish-insufficient-key-size.blowfish-insufficient-key-size" }, - "fullDescription": { - "text": "Found dynamic content used for the external process. This is dangerous if arbitrary data can reach this function call because it allows a malicious actor to execute commands. Ensure your variables are not controlled by users or sufficiently sanitized." + "full_description": { + "text": "Using less than 128 bits for Blowfish is considered insecure. Use 128 bits or more, or switch to use AES instead." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/java.lang.security.audit.blowfish-insufficient-key-size.blowfish-insufficient-key-size", "help": { - "markdown": "Found dynamic content used for the external process. This is dangerous if arbitrary data can reach this function call because it allows a malicious actor to execute commands. Ensure your variables are not controlled by users or sufficiently sanitized.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/scala.lang.security.audit.dangerous-shell-run.dangerous-shell-run)\n - [https://owasp.org/Top10/A03_2021-Injection](https://owasp.org/Top10/A03_2021-Injection)\n", - "text": "Found dynamic content used for the external process. This is dangerous if arbitrary data can reach this function call because it allows a malicious actor to execute commands. 
Ensure your variables are not controlled by users or sufficiently sanitized.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Using less than 128 bits for Blowfish is considered insecure. Use 128 bits or more, or switch to use AES instead.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Using less than 128 bits for Blowfish is considered insecure. Use 128 bits or more, or switch to use AES instead.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/java.lang.security.audit.blowfish-insufficient-key-size.blowfish-insufficient-key-size)\n - [https://owasp.org/Top10/A02_2021-Cryptographic_Failures](https://owasp.org/Top10/A02_2021-Cryptographic_Failures)\n" }, - "helpUri": "https://semgrep.dev/r/scala.lang.security.audit.dangerous-shell-run.dangerous-shell-run", - "id": "scala.lang.security.audit.dangerous-shell-run.dangerous-shell-run", - "name": "scala.lang.security.audit.dangerous-shell-run.dangerous-shell-run", "properties": { "precision": "very-high", "tags": [ - "CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", - "LOW CONFIDENCE", - "OWASP-A01:2017 - Injection", - "OWASP-A03:2021 - Injection", + "CWE-326: Inadequate Encryption Strength", + "HIGH CONFIDENCE", + "OWASP-A02:2021 - Cryptographic Failures", + "OWASP-A03:2017 - Sensitive Data Exposure", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: scala.lang.security.audit.dangerous-shell-run.dangerous-shell-run" } }, { - "defaultConfiguration": { - "level": "error" + "id": "python.django.security.injection.reflected-data-httpresponse.reflected-data-httpresponse", + "name": "python.django.security.injection.reflected-data-httpresponse.reflected-data-httpresponse", + "short_description": { + "text": "Semgrep Finding: 
python.django.security.injection.reflected-data-httpresponse.reflected-data-httpresponse" }, - "fullDescription": { - "text": "Functions reliant on pickle can result in arbitrary code execution. Consider using fickling or switching to a safer serialization method" + "full_description": { + "text": "Found user-controlled request data passed into HttpResponse. This could be vulnerable to XSS, leading to attackers gaining access to user cookies and protected information. Ensure that the request data is properly escaped or sanitzed." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/python.django.security.injection.reflected-data-httpresponse.reflected-data-httpresponse", "help": { - "markdown": "Functions reliant on pickle can result in arbitrary code execution. Consider using fickling or switching to a safer serialization method\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/trailofbits.python.pickles-in-pandas.pickles-in-pandas)\n - [https://blog.trailofbits.com/2021/03/15/never-a-dill-moment-exploiting-machine-learning-pickle-files/](https://blog.trailofbits.com/2021/03/15/never-a-dill-moment-exploiting-machine-learning-pickle-files/)\n", - "text": "Functions reliant on pickle can result in arbitrary code execution. Consider using fickling or switching to a safer serialization method\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Found user-controlled request data passed into HttpResponse. This could be vulnerable to XSS, leading to attackers gaining access to user cookies and protected information. Ensure that the request data is properly escaped or sanitzed.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Found user-controlled request data passed into HttpResponse. 
This could be vulnerable to XSS, leading to attackers gaining access to user cookies and protected information. Ensure that the request data is properly escaped or sanitzed.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.django.security.injection.reflected-data-httpresponse.reflected-data-httpresponse)\n - [https://django-book.readthedocs.io/en/latest/chapter20.html#cross-site-scripting-xss](https://django-book.readthedocs.io/en/latest/chapter20.html#cross-site-scripting-xss)\n" }, - "helpUri": "https://semgrep.dev/r/trailofbits.python.pickles-in-pandas.pickles-in-pandas", - "id": "trailofbits.python.pickles-in-pandas.pickles-in-pandas", - "name": "trailofbits.python.pickles-in-pandas.pickles-in-pandas", "properties": { "precision": "very-high", "tags": [ - "CWE-502: Deserialization of Untrusted Data", + "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", "MEDIUM CONFIDENCE", + "OWASP-A03:2021 - Injection", + "OWASP-A07:2017 - Cross-Site Scripting (XSS)", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: trailofbits.python.pickles-in-pandas.pickles-in-pandas" } }, { - "defaultConfiguration": { - "level": "error" + "id": "ruby.rails.security.brakeman.check-unscoped-find.check-unscoped-find", + "name": "ruby.rails.security.brakeman.check-unscoped-find.check-unscoped-find", + "short_description": { + "text": "Semgrep Finding: ruby.rails.security.brakeman.check-unscoped-find.check-unscoped-find" }, - "fullDescription": { - "text": "Found user-controllable input to a reflection method. This may allow a user to alter program behavior and potentially execute arbitrary instructions in the context of the process. Do not provide arbitrary user input to `tap`, `method`, or `to_proc`" + "full_description": { + "text": "Found an unscoped `find(...)` with user-controllable input. 
If the ActiveRecord model being searched against is sensitive, this may lead to Insecure Direct Object Reference (IDOR) behavior and allow users to read arbitrary records. Scope the find to the current user, e.g. `current_user.accounts.find(params[:id])`." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/ruby.rails.security.brakeman.check-unscoped-find.check-unscoped-find", "help": { - "markdown": "Found user-controllable input to a reflection method. This may allow a user to alter program behavior and potentially execute arbitrary instructions in the context of the process. Do not provide arbitrary user input to `tap`, `method`, or `to_proc`\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/ruby.rails.security.brakeman.check-unsafe-reflection-methods.check-unsafe-reflection-methods)\n - [https://github.com/presidentbeef/brakeman/blob/main/test/apps/rails6/app/controllers/groups_controller.rb](https://github.com/presidentbeef/brakeman/blob/main/test/apps/rails6/app/controllers/groups_controller.rb)\n", - "text": "Found user-controllable input to a reflection method. This may allow a user to alter program behavior and potentially execute arbitrary instructions in the context of the process. Do not provide arbitrary user input to `tap`, `method`, or `to_proc`\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Found an unscoped `find(...)` with user-controllable input. If the ActiveRecord model being searched against is sensitive, this may lead to Insecure Direct Object Reference (IDOR) behavior and allow users to read arbitrary records. Scope the find to the current user, e.g. `current_user.accounts.find(params[:id])`.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Found an unscoped `find(...)` with user-controllable input. 
If the ActiveRecord model being searched against is sensitive, this may lead to Insecure Direct Object Reference (IDOR) behavior and allow users to read arbitrary records. Scope the find to the current user, e.g. `current_user.accounts.find(params[:id])`.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/ruby.rails.security.brakeman.check-unscoped-find.check-unscoped-find)\n - [https://brakemanscanner.org/docs/warning_types/unscoped_find/](https://brakemanscanner.org/docs/warning_types/unscoped_find/)\n - [https://github.com/presidentbeef/brakeman/blob/main/test/apps/rails3.1/app/controllers/users_controller.rb](https://github.com/presidentbeef/brakeman/blob/main/test/apps/rails3.1/app/controllers/users_controller.rb)\n" }, - "helpUri": "https://semgrep.dev/r/ruby.rails.security.brakeman.check-unsafe-reflection-methods.check-unsafe-reflection-methods", - "id": "ruby.rails.security.brakeman.check-unsafe-reflection-methods.check-unsafe-reflection-methods", - "name": "ruby.rails.security.brakeman.check-unsafe-reflection-methods.check-unsafe-reflection-methods", "properties": { "precision": "very-high", "tags": [ - "CWE-94: Improper Control of Generation of Code ('Code Injection')", + "CWE-639: Authorization Bypass Through User-Controlled Key", "MEDIUM CONFIDENCE", - "OWASP-A03:2021 - Injection", + "OWASP-A01:2021 - Broken Access Control", + "OWASP-A05:2017 - Broken Access Control", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: ruby.rails.security.brakeman.check-unsafe-reflection-methods.check-unsafe-reflection-methods" } }, { - "defaultConfiguration": { - "level": "error" + "id": "bash.lang.security.ifs-tampering.ifs-tampering", + "name": "bash.lang.security.ifs-tampering.ifs-tampering", + "short_description": { + "text": "Semgrep Finding: bash.lang.security.ifs-tampering.ifs-tampering" }, - "fullDescription": { - "text": "Detected non-literal calls to Deno.run(). 
This could lead to a command injection vulnerability." + "full_description": { + "text": "The special variable IFS affects how splitting takes place when expanding unquoted variables. Don't set it globally. Prefer a dedicated utility such as 'cut' or 'awk' if you need to split input data. If you must use 'read', set IFS locally using e.g. 'IFS=\",\" read -a my_array'." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/bash.lang.security.ifs-tampering.ifs-tampering", "help": { - "markdown": "Detected non-literal calls to Deno.run(). This could lead to a command injection vulnerability.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.deno.security.audit.deno-dangerous-run.deno-dangerous-run)\n - [https://deno.land/manual/examples/subprocess#simple-example](https://deno.land/manual/examples/subprocess#simple-example)\n", - "text": "Detected non-literal calls to Deno.run(). This could lead to a command injection vulnerability.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "The special variable IFS affects how splitting takes place when expanding unquoted variables. Don't set it globally. Prefer a dedicated utility such as 'cut' or 'awk' if you need to split input data. If you must use 'read', set IFS locally using e.g. 'IFS=\",\" read -a my_array'.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "The special variable IFS affects how splitting takes place when expanding unquoted variables. Don't set it globally. Prefer a dedicated utility such as 'cut' or 'awk' if you need to split input data. If you must use 'read', set IFS locally using e.g. 
'IFS=\",\" read -a my_array'.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/bash.lang.security.ifs-tampering.ifs-tampering)\n - [https://owasp.org/Top10/A03_2021-Injection](https://owasp.org/Top10/A03_2021-Injection)\n" }, - "helpUri": "https://semgrep.dev/r/javascript.deno.security.audit.deno-dangerous-run.deno-dangerous-run", - "id": "javascript.deno.security.audit.deno-dangerous-run.deno-dangerous-run", - "name": "javascript.deno.security.audit.deno-dangerous-run.deno-dangerous-run", "properties": { "precision": "very-high", "tags": [ - "CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", - "MEDIUM CONFIDENCE", - "OWASP-A01:2017 - Injection", + "CWE-20: Improper Input Validation", + "LOW CONFIDENCE", "OWASP-A03:2021 - Injection", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: javascript.deno.security.audit.deno-dangerous-run.deno-dangerous-run" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "terraform.aws.security.aws-kms-no-rotation.aws-kms-no-rotation", + "name": "terraform.aws.security.aws-kms-no-rotation.aws-kms-no-rotation", + "short_description": { + "text": "Semgrep Finding: terraform.aws.security.aws-kms-no-rotation.aws-kms-no-rotation" }, - "fullDescription": { - "text": "XML external entities are not explicitly disabled for this XMLInputFactory. This could be vulnerable to XML external entity vulnerabilities. Explicitly disable external entities by setting \"javax.xml.stream.isSupportingExternalEntities\" to false." + "full_description": { + "text": "The AWS KMS has no rotation. Missing rotation can cause leaked key to be used by attackers. To fix this, set a `enable_key_rotation`." 
}, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/terraform.aws.security.aws-kms-no-rotation.aws-kms-no-rotation", "help": { - "markdown": "XML external entities are not explicitly disabled for this XMLInputFactory. This could be vulnerable to XML external entity vulnerabilities. Explicitly disable external entities by setting \"javax.xml.stream.isSupportingExternalEntities\" to false.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/java.lang.security.xmlinputfactory-possible-xxe.xmlinputfactory-possible-xxe)\n - [https://semgrep.dev/blog/2022/xml-security-in-java](https://semgrep.dev/blog/2022/xml-security-in-java)\n - [https://semgrep.dev/docs/cheat-sheets/java-xxe/](https://semgrep.dev/docs/cheat-sheets/java-xxe/)\n - [https://www.blackhat.com/docs/us-15/materials/us-15-Wang-FileCry-The-New-Age-Of-XXE-java-wp.pdf](https://www.blackhat.com/docs/us-15/materials/us-15-Wang-FileCry-The-New-Age-Of-XXE-java-wp.pdf)\n - [https://cheatsheetseries.owasp.org/cheatsheets/XML_External_Entity_Prevention_Cheat_Sheet.html#xmlinputfactory-a-stax-parser](https://cheatsheetseries.owasp.org/cheatsheets/XML_External_Entity_Prevention_Cheat_Sheet.html#xmlinputfactory-a-stax-parser)\n", - "text": "XML external entities are not explicitly disabled for this XMLInputFactory. This could be vulnerable to XML external entity vulnerabilities. Explicitly disable external entities by setting \"javax.xml.stream.isSupportingExternalEntities\" to false.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "The AWS KMS has no rotation. Missing rotation can cause leaked key to be used by attackers. To fix this, set a `enable_key_rotation`.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "The AWS KMS has no rotation. 
Missing rotation can cause leaked key to be used by attackers. To fix this, set a `enable_key_rotation`.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/terraform.aws.security.aws-kms-no-rotation.aws-kms-no-rotation)\n - [https://owasp.org/Top10/A02_2021-Cryptographic_Failures](https://owasp.org/Top10/A02_2021-Cryptographic_Failures)\n" }, - "helpUri": "https://semgrep.dev/r/java.lang.security.xmlinputfactory-possible-xxe.xmlinputfactory-possible-xxe", - "id": "java.lang.security.xmlinputfactory-possible-xxe.xmlinputfactory-possible-xxe", - "name": "java.lang.security.xmlinputfactory-possible-xxe.xmlinputfactory-possible-xxe", "properties": { "precision": "very-high", "tags": [ - "CWE-611: Improper Restriction of XML External Entity Reference", + "CWE-326: Inadequate Encryption Strength", "MEDIUM CONFIDENCE", - "OWASP-A04:2017 - XML External Entities (XXE)", - "OWASP-A05:2021 - Security Misconfiguration", + "OWASP-A02:2021 - Cryptographic Failures", + "OWASP-A03:2017 - Sensitive Data Exposure", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: java.lang.security.xmlinputfactory-possible-xxe.xmlinputfactory-possible-xxe" } }, { - "defaultConfiguration": { - "level": "error" + "id": "python.aws-lambda.security.dangerous-spawn-process.dangerous-spawn-process", + "name": "python.aws-lambda.security.dangerous-spawn-process.dangerous-spawn-process", + "short_description": { + "text": "Semgrep Finding: python.aws-lambda.security.dangerous-spawn-process.dangerous-spawn-process" }, - "fullDescription": { - "text": "Executing non-constant commands. This can lead to command injection. You should use `escapeshellarg()` when using command." + "full_description": { + "text": "Detected `os` function with argument tainted by `event` object. This is dangerous if external data can reach this function call because it allows a malicious actor to execute commands. 
Ensure no external data reaches here." + }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/python.aws-lambda.security.dangerous-spawn-process.dangerous-spawn-process", "help": { - "markdown": "Executing non-constant commands. This can lead to command injection. You should use `escapeshellarg()` when using command.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/php.lang.security.tainted-exec.tainted-exec)\n - [https://www.stackhawk.com/blog/php-command-injection/](https://www.stackhawk.com/blog/php-command-injection/)\n - [https://brightsec.com/blog/code-injection-php/](https://brightsec.com/blog/code-injection-php/)\n - [https://www.acunetix.com/websitesecurity/php-security-2/](https://www.acunetix.com/websitesecurity/php-security-2/)\n", - "text": "Executing non-constant commands. This can lead to command injection. You should use `escapeshellarg()` when using command.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected `os` function with argument tainted by `event` object. This is dangerous if external data can reach this function call because it allows a malicious actor to execute commands. Ensure no external data reaches here.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected `os` function with argument tainted by `event` object. This is dangerous if external data can reach this function call because it allows a malicious actor to execute commands. 
Ensure no external data reaches here.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.aws-lambda.security.dangerous-spawn-process.dangerous-spawn-process)\n - [https://owasp.org/Top10/A03_2021-Injection](https://owasp.org/Top10/A03_2021-Injection)\n" }, - "helpUri": "https://semgrep.dev/r/php.lang.security.tainted-exec.tainted-exec", - "id": "php.lang.security.tainted-exec.tainted-exec", - "name": "php.lang.security.tainted-exec.tainted-exec", "properties": { "precision": "very-high", "tags": [ - "CWE-94: Improper Control of Generation of Code ('Code Injection')", + "CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", "MEDIUM CONFIDENCE", + "OWASP-A01:2017 - Injection", "OWASP-A03:2021 - Injection", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: php.lang.security.tainted-exec.tainted-exec" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "python.flask.security.injection.ssrf-requests.ssrf-requests", + "name": "python.flask.security.injection.ssrf-requests.ssrf-requests", + "short_description": { + "text": "Semgrep Finding: python.flask.security.injection.ssrf-requests.ssrf-requests" }, - "fullDescription": { - "text": "If unverified user data can reach the `phantom` page methods it can result in Server-Side Request Forgery vulnerabilities" + "full_description": { + "text": "Data from request object is passed to a new server-side request. This could lead to a server-side request forgery (SSRF). To mitigate, ensure that schemes and hosts are validated against an allowlist, do not forward the response to the user, and ensure proper authentication and transport-layer security in the proxied request." 
+ }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/python.flask.security.injection.ssrf-requests.ssrf-requests", "help": { - "markdown": "If unverified user data can reach the `phantom` page methods it can result in Server-Side Request Forgery vulnerabilities\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.phantom.security.audit.phantom-injection.phantom-injection)\n - [https://owasp.org/Top10/A10_2021-Server-Side_Request_Forgery_%28SSRF%29](https://owasp.org/Top10/A10_2021-Server-Side_Request_Forgery_%28SSRF%29)\n", - "text": "If unverified user data can reach the `phantom` page methods it can result in Server-Side Request Forgery vulnerabilities\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Data from request object is passed to a new server-side request. This could lead to a server-side request forgery (SSRF). To mitigate, ensure that schemes and hosts are validated against an allowlist, do not forward the response to the user, and ensure proper authentication and transport-layer security in the proxied request.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Data from request object is passed to a new server-side request. This could lead to a server-side request forgery (SSRF). 
To mitigate, ensure that schemes and hosts are validated against an allowlist, do not forward the response to the user, and ensure proper authentication and transport-layer security in the proxied request.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.flask.security.injection.ssrf-requests.ssrf-requests)\n - [https://owasp.org/www-community/attacks/Server_Side_Request_Forgery](https://owasp.org/www-community/attacks/Server_Side_Request_Forgery)\n" }, - "helpUri": "https://semgrep.dev/r/javascript.phantom.security.audit.phantom-injection.phantom-injection", - "id": "javascript.phantom.security.audit.phantom-injection.phantom-injection", - "name": "javascript.phantom.security.audit.phantom-injection.phantom-injection", "properties": { "precision": "very-high", "tags": [ "CWE-918: Server-Side Request Forgery (SSRF)", - "LOW CONFIDENCE", + "MEDIUM CONFIDENCE", "OWASP-A10:2021 - Server-Side Request Forgery (SSRF)", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: javascript.phantom.security.audit.phantom-injection.phantom-injection" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "go.lang.security.audit.xss.no-fprintf-to-responsewriter.no-fprintf-to-responsewriter", + "name": "go.lang.security.audit.xss.no-fprintf-to-responsewriter.no-fprintf-to-responsewriter", + "short_description": { + "text": "Semgrep Finding: go.lang.security.audit.xss.no-fprintf-to-responsewriter.no-fprintf-to-responsewriter" }, - "fullDescription": { - "text": "The AWS RDS has no retention. Missing retention can cause losing important event information. To fix this, set a `backup_retention_period`." + "full_description": { + "text": "Detected 'Fprintf' or similar writing to 'http.ResponseWriter'. This bypasses HTML escaping that prevents cross-site scripting vulnerabilities. Instead, use the 'html/template' package to render data to users." 
+ }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/go.lang.security.audit.xss.no-fprintf-to-responsewriter.no-fprintf-to-responsewriter", "help": { - "markdown": "The AWS RDS has no retention. Missing retention can cause losing important event information. To fix this, set a `backup_retention_period`.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/terraform.aws.security.aws-rds-backup-no-retention.aws-rds-backup-no-retention)\n - [https://owasp.org/Top10/A02_2021-Cryptographic_Failures](https://owasp.org/Top10/A02_2021-Cryptographic_Failures)\n", - "text": "The AWS RDS has no retention. Missing retention can cause losing important event information. To fix this, set a `backup_retention_period`.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected 'Fprintf' or similar writing to 'http.ResponseWriter'. This bypasses HTML escaping that prevents cross-site scripting vulnerabilities. Instead, use the 'html/template' package to render data to users.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected 'Fprintf' or similar writing to 'http.ResponseWriter'. This bypasses HTML escaping that prevents cross-site scripting vulnerabilities. 
Instead, use the 'html/template' package to render data to users.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/go.lang.security.audit.xss.no-fprintf-to-responsewriter.no-fprintf-to-responsewriter)\n - [https://blogtitle.github.io/robn-go-security-pearls-cross-site-scripting-xss/](https://blogtitle.github.io/robn-go-security-pearls-cross-site-scripting-xss/)\n" }, - "helpUri": "https://semgrep.dev/r/terraform.aws.security.aws-rds-backup-no-retention.aws-rds-backup-no-retention", - "id": "terraform.aws.security.aws-rds-backup-no-retention.aws-rds-backup-no-retention", - "name": "terraform.aws.security.aws-rds-backup-no-retention.aws-rds-backup-no-retention", "properties": { "precision": "very-high", "tags": [ - "CWE-320: CWE CATEGORY: Key Management Errors", - "MEDIUM CONFIDENCE", - "OWASP-A03:2017 - Sensitive Data Exposure", + "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", + "LOW CONFIDENCE", + "OWASP-A03:2021 - Injection", + "OWASP-A07:2017 - Cross-Site Scripting (XSS)", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: terraform.aws.security.aws-rds-backup-no-retention.aws-rds-backup-no-retention" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "javascript.express.security.audit.res-render-injection.res-render-injection", + "name": "javascript.express.security.audit.res-render-injection.res-render-injection", + "short_description": { + "text": "Semgrep Finding: javascript.express.security.audit.res-render-injection.res-render-injection" }, - "fullDescription": { - "text": "Ensure all Elasticsearch has node-to-node encryption enabled.\t" + "full_description": { + "text": "User controllable data `$REQ` enters `$RES.render(...)` this can lead to the loading of other HTML/templating pages that they may not be authorized to render. An attacker may attempt to use directory traversal techniques e.g. 
`../folder/index` to access other HTML pages on the file system. Where possible, do not allow users to define what should be loaded in $RES.render or use an allow list for the existing application." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/javascript.express.security.audit.res-render-injection.res-render-injection", "help": { - "markdown": "Ensure all Elasticsearch has node-to-node encryption enabled.\t\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/terraform.aws.security.aws-elasticsearch-nodetonode-encryption.aws-elasticsearch-nodetonode-encryption-not-enabled)\n - [https://owasp.org/Top10/A02_2021-Cryptographic_Failures](https://owasp.org/Top10/A02_2021-Cryptographic_Failures)\n", - "text": "Ensure all Elasticsearch has node-to-node encryption enabled.\t\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "User controllable data `$REQ` enters `$RES.render(...)` this can lead to the loading of other HTML/templating pages that they may not be authorized to render. An attacker may attempt to use directory traversal techniques e.g. `../folder/index` to access other HTML pages on the file system. Where possible, do not allow users to define what should be loaded in $RES.render or use an allow list for the existing application.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "User controllable data `$REQ` enters `$RES.render(...)` this can lead to the loading of other HTML/templating pages that they may not be authorized to render. An attacker may attempt to use directory traversal techniques e.g. `../folder/index` to access other HTML pages on the file system. 
Where possible, do not allow users to define what should be loaded in $RES.render or use an allow list for the existing application.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.express.security.audit.res-render-injection.res-render-injection)\n - [http://expressjs.com/en/4x/api.html#res.render](http://expressjs.com/en/4x/api.html#res.render)\n" }, - "helpUri": "https://semgrep.dev/r/terraform.aws.security.aws-elasticsearch-nodetonode-encryption.aws-elasticsearch-nodetonode-encryption-not-enabled", - "id": "terraform.aws.security.aws-elasticsearch-nodetonode-encryption.aws-elasticsearch-nodetonode-encryption-not-enabled", - "name": "terraform.aws.security.aws-elasticsearch-nodetonode-encryption.aws-elasticsearch-nodetonode-encryption-not-enabled", "properties": { "precision": "very-high", "tags": [ - "CWE-326: Inadequate Encryption Strength", + "CWE-706: Use of Incorrectly-Resolved Name or Reference", "MEDIUM CONFIDENCE", - "OWASP-A02:2021 - Cryptographic Failures", - "OWASP-A03:2017 - Sensitive Data Exposure", + "OWASP-A01:2021 - Broken Access Control", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: terraform.aws.security.aws-elasticsearch-nodetonode-encryption.aws-elasticsearch-nodetonode-encryption-not-enabled" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "ruby.rails.security.audit.xss.avoid-link-to.avoid-link-to", + "name": "ruby.rails.security.audit.xss.avoid-link-to.avoid-link-to", + "short_description": { + "text": "Semgrep Finding: ruby.rails.security.audit.xss.avoid-link-to.avoid-link-to" }, - "fullDescription": { - "text": "Detected non-static command inside `...`. If unverified user data can reach this call site, this is a code injection vulnerability. A malicious actor can inject a malicious script to execute arbitrary code." + "full_description": { + "text": "This code includes user input in `link_to`. 
In Rails 2.x, the body of `link_to` is not escaped. This means that user input which reaches the body will be executed when the HTML is rendered. Even in other versions, values starting with `javascript:` or `data:` are not escaped. It is better to create and use a safer function which checks the body argument." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/ruby.rails.security.audit.xss.avoid-link-to.avoid-link-to", "help": { - "markdown": "Detected non-static command inside `...`. If unverified user data can reach this call site, this is a code injection vulnerability. A malicious actor can inject a malicious script to execute arbitrary code.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/ruby.lang.security.dangerous-subshell.dangerous-subshell)\n - [https://owasp.org/Top10/A03_2021-Injection](https://owasp.org/Top10/A03_2021-Injection)\n", - "text": "Detected non-static command inside `...`. If unverified user data can reach this call site, this is a code injection vulnerability. A malicious actor can inject a malicious script to execute arbitrary code.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "This code includes user input in `link_to`. In Rails 2.x, the body of `link_to` is not escaped. This means that user input which reaches the body will be executed when the HTML is rendered. Even in other versions, values starting with `javascript:` or `data:` are not escaped. It is better to create and use a safer function which checks the body argument.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "This code includes user input in `link_to`. In Rails 2.x, the body of `link_to` is not escaped. This means that user input which reaches the body will be executed when the HTML is rendered. 
Even in other versions, values starting with `javascript:` or `data:` are not escaped. It is better to create and use a safer function which checks the body argument.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/ruby.rails.security.audit.xss.avoid-link-to.avoid-link-to)\n - [https://brakemanscanner.org/docs/warning_types/link_to/](https://brakemanscanner.org/docs/warning_types/link_to/)\n - [https://brakemanscanner.org/docs/warning_types/link_to_href/](https://brakemanscanner.org/docs/warning_types/link_to_href/)\n" }, - "helpUri": "https://semgrep.dev/r/ruby.lang.security.dangerous-subshell.dangerous-subshell", - "id": "ruby.lang.security.dangerous-subshell.dangerous-subshell", - "name": "ruby.lang.security.dangerous-subshell.dangerous-subshell", "properties": { "precision": "very-high", "tags": [ - "CWE-94: Improper Control of Generation of Code ('Code Injection')", - "LOW CONFIDENCE", + "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", + "MEDIUM CONFIDENCE", "OWASP-A03:2021 - Injection", + "OWASP-A07:2017 - Cross-Site Scripting (XSS)", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: ruby.lang.security.dangerous-subshell.dangerous-subshell" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "javascript.express.security.audit.xss.mustache.explicit-unescape.template-explicit-unescape", + "name": "javascript.express.security.audit.xss.mustache.explicit-unescape.template-explicit-unescape", + "short_description": { + "text": "Semgrep Finding: javascript.express.security.audit.xss.mustache.explicit-unescape.template-explicit-unescape" }, - "fullDescription": { - "text": "Detected an explicit unescape in a Pug template, using either '!=' or '!{...}'. If external data can reach these locations, your application is exposed to a cross-site scripting (XSS) vulnerability. 
If you must do this, ensure no external data can reach this location." + "full_description": { + "text": "Detected an explicit unescape in a Mustache template, using triple braces '{{{...}}}' or ampersand '&'. If external data can reach these locations, your application is exposed to a cross-site scripting (XSS) vulnerability. If you must do this, ensure no external data can reach this location." }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/javascript.express.security.audit.xss.mustache.explicit-unescape.template-explicit-unescape", "help": { - "markdown": "Detected an explicit unescape in a Pug template, using either '!=' or '!{...}'. If external data can reach these locations, your application is exposed to a cross-site scripting (XSS) vulnerability. If you must do this, ensure no external data can reach this location.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.express.security.audit.xss.pug.explicit-unescape.template-explicit-unescape)\n - [https://pugjs.org/language/code.html#unescaped-buffered-code](https://pugjs.org/language/code.html#unescaped-buffered-code)\n - [https://pugjs.org/language/attributes.html#unescaped-attributes](https://pugjs.org/language/attributes.html#unescaped-attributes)\n", - "text": "Detected an explicit unescape in a Pug template, using either '!=' or '!{...}'. If external data can reach these locations, your application is exposed to a cross-site scripting (XSS) vulnerability. If you must do this, ensure no external data can reach this location.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected an explicit unescape in a Mustache template, using triple braces '{{{...}}}' or ampersand '&'. If external data can reach these locations, your application is exposed to a cross-site scripting (XSS) vulnerability. 
If you must do this, ensure no external data can reach this location.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected an explicit unescape in a Mustache template, using triple braces '{{{...}}}' or ampersand '&'. If external data can reach these locations, your application is exposed to a cross-site scripting (XSS) vulnerability. If you must do this, ensure no external data can reach this location.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.express.security.audit.xss.mustache.explicit-unescape.template-explicit-unescape)\n - [https://github.com/janl/mustache.js/#variables](https://github.com/janl/mustache.js/#variables)\n - [https://ractive.js.org/v0.x/0.7/mustaches#variables](https://ractive.js.org/v0.x/0.7/mustaches#variables)\n" }, - "helpUri": "https://semgrep.dev/r/javascript.express.security.audit.xss.pug.explicit-unescape.template-explicit-unescape", - "id": "javascript.express.security.audit.xss.pug.explicit-unescape.template-explicit-unescape", - "name": "javascript.express.security.audit.xss.pug.explicit-unescape.template-explicit-unescape", "properties": { "precision": "very-high", "tags": [ 
@@ -14864,3524 +15694,3587 @@ "OWASP-A07:2017 - Cross-Site Scripting (XSS)", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: javascript.express.security.audit.xss.pug.explicit-unescape.template-explicit-unescape" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "kotlin.lang.security.no-null-cipher.no-null-cipher", + "name": "kotlin.lang.security.no-null-cipher.no-null-cipher", + "short_description": { + "text": "Semgrep Finding: kotlin.lang.security.no-null-cipher.no-null-cipher" }, - "fullDescription": { - "text": "JMS Object messages depend on Java Serialization for marshalling/unmarshalling of the message payload when ObjectMessage.getObject() is called. Deserialization of untrusted data can lead to security flaws; a remote attacker could via a crafted JMS ObjectMessage to execute arbitrary code with the permissions of the application listening/consuming JMS Messages. In this case, the JMS MessageListener consume an ObjectMessage type received inside the onMessage method, which may lead to arbitrary code execution when calling the $Y.getObject method." + "full_description": { + "text": "NullCipher was detected. This will not encrypt anything; the cipher text will be the same as the plain text. Use a valid, secure cipher: Cipher.getInstance(\"AES/CBC/PKCS7PADDING\"). See https://owasp.org/www-community/Using_the_Java_Cryptographic_Extensions for more information." }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/kotlin.lang.security.no-null-cipher.no-null-cipher", "help": { - "markdown": "JMS Object messages depend on Java Serialization for marshalling/unmarshalling of the message payload when ObjectMessage.getObject() is called. Deserialization of untrusted data can lead to security flaws; a remote attacker could via a crafted JMS ObjectMessage to execute arbitrary code with the permissions of the application listening/consuming JMS Messages. 
In this case, the JMS MessageListener consume an ObjectMessage type received inside the onMessage method, which may lead to arbitrary code execution when calling the $Y.getObject method.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/java.lang.security.insecure-jms-deserialization.insecure-jms-deserialization)\n - [https://www.blackhat.com/docs/us-16/materials/us-16-Kaiser-Pwning-Your-Java-Messaging-With-Deserialization-Vulnerabilities-wp.pdf](https://www.blackhat.com/docs/us-16/materials/us-16-Kaiser-Pwning-Your-Java-Messaging-With-Deserialization-Vulnerabilities-wp.pdf)\n", - "text": "JMS Object messages depend on Java Serialization for marshalling/unmarshalling of the message payload when ObjectMessage.getObject() is called. Deserialization of untrusted data can lead to security flaws; a remote attacker could via a crafted JMS ObjectMessage to execute arbitrary code with the permissions of the application listening/consuming JMS Messages. In this case, the JMS MessageListener consume an ObjectMessage type received inside the onMessage method, which may lead to arbitrary code execution when calling the $Y.getObject method.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "NullCipher was detected. This will not encrypt anything; the cipher text will be the same as the plain text. Use a valid, secure cipher: Cipher.getInstance(\"AES/CBC/PKCS7PADDING\"). See https://owasp.org/www-community/Using_the_Java_Cryptographic_Extensions for more information.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "NullCipher was detected. This will not encrypt anything; the cipher text will be the same as the plain text. Use a valid, secure cipher: Cipher.getInstance(\"AES/CBC/PKCS7PADDING\"). 
See https://owasp.org/www-community/Using_the_Java_Cryptographic_Extensions for more information.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/kotlin.lang.security.no-null-cipher.no-null-cipher)\n - [https://owasp.org/Top10/A02_2021-Cryptographic_Failures](https://owasp.org/Top10/A02_2021-Cryptographic_Failures)\n" }, - "helpUri": "https://semgrep.dev/r/java.lang.security.insecure-jms-deserialization.insecure-jms-deserialization", - "id": "java.lang.security.insecure-jms-deserialization.insecure-jms-deserialization", - "name": "java.lang.security.insecure-jms-deserialization.insecure-jms-deserialization", "properties": { "precision": "very-high", "tags": [ - "CWE-502: Deserialization of Untrusted Data", + "CWE-327: Use of a Broken or Risky Cryptographic Algorithm", "MEDIUM CONFIDENCE", - "OWASP-A08:2017 - Insecure Deserialization", - "OWASP-A08:2021 - Software and Data Integrity Failures", + "OWASP-A02:2021 - Cryptographic Failures", + "OWASP-A03:2017 - Sensitive Data Exposure", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: java.lang.security.insecure-jms-deserialization.insecure-jms-deserialization" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "ruby.rails.security.brakeman.check-sql.check-sql", + "name": "ruby.rails.security.brakeman.check-sql.check-sql", + "short_description": { + "text": "Semgrep Finding: ruby.rails.security.brakeman.check-sql.check-sql" }, - "fullDescription": { - "text": "The marshal module is not intended to be secure against erroneous or maliciously constructed data. Never unmarshal data received from an untrusted or unauthenticated source. See more details: https://docs.python.org/3/library/marshal.html?highlight=security" + "full_description": { + "text": "Found potential SQL injection due to unsafe SQL query construction via $X. Where possible, prefer parameterized queries." 
+ }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/ruby.rails.security.brakeman.check-sql.check-sql", "help": { - "markdown": "The marshal module is not intended to be secure against erroneous or maliciously constructed data. Never unmarshal data received from an untrusted or unauthenticated source. See more details: https://docs.python.org/3/library/marshal.html?highlight=security\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.lang.security.audit.marshal.marshal-usage)\n - [https://docs.python.org/3/library/marshal.html?highlight=security](https://docs.python.org/3/library/marshal.html?highlight=security)\n", - "text": "The marshal module is not intended to be secure against erroneous or maliciously constructed data. Never unmarshal data received from an untrusted or unauthenticated source. See more details: https://docs.python.org/3/library/marshal.html?highlight=security\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Found potential SQL injection due to unsafe SQL query construction via $X. Where possible, prefer parameterized queries.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Found potential SQL injection due to unsafe SQL query construction via $X. 
Where possible, prefer parameterized queries.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/ruby.rails.security.brakeman.check-sql.check-sql)\n - [https://owasp.org/www-community/attacks/SQL_Injection](https://owasp.org/www-community/attacks/SQL_Injection)\n - [https://github.com/presidentbeef/brakeman/blob/main/test/apps/rails3.1/app/models/product.rb](https://github.com/presidentbeef/brakeman/blob/main/test/apps/rails3.1/app/models/product.rb)\n" }, - "helpUri": "https://semgrep.dev/r/python.lang.security.audit.marshal.marshal-usage", - "id": "python.lang.security.audit.marshal.marshal-usage", - "name": "python.lang.security.audit.marshal.marshal-usage", "properties": { "precision": "very-high", "tags": [ - "CWE-502: Deserialization of Untrusted Data", - "LOW CONFIDENCE", - "OWASP-A08:2017 - Insecure Deserialization", - "OWASP-A08:2021 - Software and Data Integrity Failures", + "CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')", + "MEDIUM CONFIDENCE", + "OWASP-A01:2017 - Injection", + "OWASP-A03:2021 - Injection", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: python.lang.security.audit.marshal.marshal-usage" } }, { - "defaultConfiguration": { - "level": "error" - }, - "fullDescription": { - "text": "Found usage of 'importlib.abc.ResourceReader'. This module is only available on Python 3.7+ and is therefore not backwards compatible. Instead, use another loader." - }, - "help": { - "markdown": "Found usage of 'importlib.abc.ResourceReader'. This module is only available on Python 3.7+ and is therefore not backwards compatible. 
Instead, use another loader.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.lang.compatibility.python37.python37-compatibility-textiowrapper)\n", - "text": "Found usage of 'importlib.abc.ResourceReader'. This module is only available on Python 3.7+ and is therefore not backwards compatible. Instead, use another loader.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "id": "python.django.security.injection.code.user-exec.user-exec", + "name": "python.django.security.injection.code.user-exec.user-exec", + "short_description": { + "text": "Semgrep Finding: python.django.security.injection.code.user-exec.user-exec" }, - "helpUri": "https://semgrep.dev/r/python.lang.compatibility.python37.python37-compatibility-textiowrapper", - "id": "python.lang.compatibility.python37.python37-compatibility-textiowrapper", - "name": "python.lang.compatibility.python37.python37-compatibility-textiowrapper", - "properties": { - "precision": "very-high", - "tags": [] + "full_description": { + "text": "Found user data in a call to 'exec'. This is extremely dangerous because it can enable an attacker to execute arbitrary remote code on the system. Instead, refactor your code to not use 'eval' and instead use a safe library for the specific functionality you need." }, - "shortDescription": { - "text": "Semgrep Finding: python.lang.compatibility.python37.python37-compatibility-textiowrapper" - } - }, - { - "defaultConfiguration": { + "default_configuration": { + "enabled": true, "level": "warning" }, - "fullDescription": { - "text": "<- A new object is created where the class name is based on user input. This could lead to remote code execution, as it allows to instantiate any class in the application." 
- }, + "help_uri": "https://semgrep.dev/r/python.django.security.injection.code.user-exec.user-exec", "help": { - "markdown": "<- A new object is created where the class name is based on user input. This could lead to remote code execution, as it allows to instantiate any class in the application.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/php.lang.security.injection.tainted-object-instantiation.tainted-object-instantiation)\n - [https://owasp.org/Top10/A03_2021-Injection](https://owasp.org/Top10/A03_2021-Injection)\n", - "text": "<- A new object is created where the class name is based on user input. This could lead to remote code execution, as it allows to instantiate any class in the application.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Found user data in a call to 'exec'. This is extremely dangerous because it can enable an attacker to execute arbitrary remote code on the system. Instead, refactor your code to not use 'eval' and instead use a safe library for the specific functionality you need.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Found user data in a call to 'exec'. This is extremely dangerous because it can enable an attacker to execute arbitrary remote code on the system. 
Instead, refactor your code to not use 'eval' and instead use a safe library for the specific functionality you need.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.django.security.injection.code.user-exec.user-exec)\n - [https://owasp.org/www-community/attacks/Code_Injection](https://owasp.org/www-community/attacks/Code_Injection)\n" }, - "helpUri": "https://semgrep.dev/r/php.lang.security.injection.tainted-object-instantiation.tainted-object-instantiation", - "id": "php.lang.security.injection.tainted-object-instantiation.tainted-object-instantiation", - "name": "php.lang.security.injection.tainted-object-instantiation.tainted-object-instantiation", "properties": { "precision": "very-high", "tags": [ - "CWE-470: Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection')", + "CWE-95: Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection')", "MEDIUM CONFIDENCE", "OWASP-A03:2021 - Injection", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: php.lang.security.injection.tainted-object-instantiation.tainted-object-instantiation" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "generic.secrets.security.detected-amazon-mws-auth-token.detected-amazon-mws-auth-token", + "name": "generic.secrets.security.detected-amazon-mws-auth-token.detected-amazon-mws-auth-token", + "short_description": { + "text": "Semgrep Finding: generic.secrets.security.detected-amazon-mws-auth-token.detected-amazon-mws-auth-token" }, - "fullDescription": { - "text": "It looks like MD5 is used as a password hash. MD5 is not considered a secure password hash because it can be cracked by an attacker in a short amount of time. Use a suitable password hashing function such as bcrypt. You can use the `bcrypt` node.js package." 
+ "full_description": { + "text": "Amazon MWS Auth Token detected" }, + "default_configuration": { + "enabled": true, + "level": "error" + }, + "help_uri": "https://semgrep.dev/r/generic.secrets.security.detected-amazon-mws-auth-token.detected-amazon-mws-auth-token", "help": { - "markdown": "It looks like MD5 is used as a password hash. MD5 is not considered a secure password hash because it can be cracked by an attacker in a short amount of time. Use a suitable password hashing function such as bcrypt. You can use the `bcrypt` node.js package.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.lang.security.audit.md5-used-as-password.md5-used-as-password)\n - [https://tools.ietf.org/id/draft-lvelvindron-tls-md5-sha1-deprecate-01.html](https://tools.ietf.org/id/draft-lvelvindron-tls-md5-sha1-deprecate-01.html)\n - [https://security.stackexchange.com/questions/211/how-to-securely-hash-passwords](https://security.stackexchange.com/questions/211/how-to-securely-hash-passwords)\n - [https://github.com/returntocorp/semgrep-rules/issues/1609](https://github.com/returntocorp/semgrep-rules/issues/1609)\n - [https://www.npmjs.com/package/bcrypt](https://www.npmjs.com/package/bcrypt)\n", - "text": "It looks like MD5 is used as a password hash. MD5 is not considered a secure password hash because it can be cracked by an attacker in a short amount of time. Use a suitable password hashing function such as bcrypt. 
You can use the `bcrypt` node.js package.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Amazon MWS Auth Token detected\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Amazon MWS Auth Token detected\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/generic.secrets.security.detected-amazon-mws-auth-token.detected-amazon-mws-auth-token)\n - [https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures](https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures)\n" }, - "helpUri": "https://semgrep.dev/r/javascript.lang.security.audit.md5-used-as-password.md5-used-as-password", - "id": "javascript.lang.security.audit.md5-used-as-password.md5-used-as-password", - "name": "javascript.lang.security.audit.md5-used-as-password.md5-used-as-password", "properties": { "precision": "very-high", "tags": [ - "CWE-327: Use of a Broken or Risky Cryptographic Algorithm", + "CWE-798: Use of Hard-coded Credentials", "LOW CONFIDENCE", - "OWASP-A02:2021 - Cryptographic Failures", - "OWASP-A03:2017 - Sensitive Data Exposure", + "OWASP-A07:2021 - Identification and Authentication Failures", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: javascript.lang.security.audit.md5-used-as-password.md5-used-as-password" } }, { - "defaultConfiguration": { - "level": "error" + "id": "python.flask.security.audit.render-template-string.render-template-string", + "name": "python.flask.security.audit.render-template-string.render-template-string", + "short_description": { + "text": "Semgrep Finding: python.flask.security.audit.render-template-string.render-template-string" }, - "fullDescription": { - "text": "linux shadow file detected" + "full_description": { + "text": "Found a template created with string formatting. 
This is susceptible to server-side template injection and cross-site scripting attacks." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/python.flask.security.audit.render-template-string.render-template-string", "help": { - "markdown": "linux shadow file detected\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/generic.secrets.security.detected-etc-shadow.detected-etc-shadow)\n - [https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures](https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures)\n", - "text": "linux shadow file detected\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Found a template created with string formatting. This is susceptible to server-side template injection and cross-site scripting attacks.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Found a template created with string formatting. 
This is susceptible to server-side template injection and cross-site scripting attacks.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.flask.security.audit.render-template-string.render-template-string)\n - [https://nvisium.com/blog/2016/03/09/exploring-ssti-in-flask-jinja2.html](https://nvisium.com/blog/2016/03/09/exploring-ssti-in-flask-jinja2.html)\n" }, - "helpUri": "https://semgrep.dev/r/generic.secrets.security.detected-etc-shadow.detected-etc-shadow", - "id": "generic.secrets.security.detected-etc-shadow.detected-etc-shadow", - "name": "generic.secrets.security.detected-etc-shadow.detected-etc-shadow", "properties": { "precision": "very-high", "tags": [ - "CWE-798: Use of Hard-coded Credentials", + "CWE-96: Improper Neutralization of Directives in Statically Saved Code ('Static Code Injection')", "LOW CONFIDENCE", - "OWASP-A07:2021 - Identification and Authentication Failures", + "OWASP-A03:2021 - Injection", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: generic.secrets.security.detected-etc-shadow.detected-etc-shadow" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "python.jwt.security.audit.jwt-exposed-data.jwt-python-exposed-data", + "name": "python.jwt.security.audit.jwt-exposed-data.jwt-python-exposed-data", + "short_description": { + "text": "Semgrep Finding: python.jwt.security.audit.jwt-exposed-data.jwt-python-exposed-data" }, - "fullDescription": { - "text": "Mass assignment protection disabled for '$MODEL'. This could permit assignment to sensitive model fields without intention. Instead, use 'attr_accessible' for the model or disable mass assigment using 'config.active_record.whitelist_attributes = true'. ':without_protection => true' must be removed for this to take effect." + "full_description": { + "text": "The object is passed strictly to jwt.encode(...) 
Make sure that sensitive information is not exposed through JWT token payload." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/python.jwt.security.audit.jwt-exposed-data.jwt-python-exposed-data", "help": { - "markdown": "Mass assignment protection disabled for '$MODEL'. This could permit assignment to sensitive model fields without intention. Instead, use 'attr_accessible' for the model or disable mass assigment using 'config.active_record.whitelist_attributes = true'. ':without_protection => true' must be removed for this to take effect.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/ruby.lang.security.mass-assignment-protection-disabled.mass-assignment-protection-disabled)\n - [https://owasp.org/Top10/A08_2021-Software_and_Data_Integrity_Failures](https://owasp.org/Top10/A08_2021-Software_and_Data_Integrity_Failures)\n", - "text": "Mass assignment protection disabled for '$MODEL'. This could permit assignment to sensitive model fields without intention. Instead, use 'attr_accessible' for the model or disable mass assigment using 'config.active_record.whitelist_attributes = true'. ':without_protection => true' must be removed for this to take effect.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "The object is passed strictly to jwt.encode(...) Make sure that sensitive information is not exposed through JWT token payload.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "The object is passed strictly to jwt.encode(...) 
Make sure that sensitive information is not exposed through JWT token payload.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.jwt.security.audit.jwt-exposed-data.jwt-python-exposed-data)\n - [https://owasp.org/Top10/A04_2021-Insecure_Design](https://owasp.org/Top10/A04_2021-Insecure_Design)\n" }, - "helpUri": "https://semgrep.dev/r/ruby.lang.security.mass-assignment-protection-disabled.mass-assignment-protection-disabled", - "id": "ruby.lang.security.mass-assignment-protection-disabled.mass-assignment-protection-disabled", - "name": "ruby.lang.security.mass-assignment-protection-disabled.mass-assignment-protection-disabled", "properties": { "precision": "very-high", "tags": [ - "CWE-915: Improperly Controlled Modification of Dynamically-Determined Object Attributes", + "CWE-522: Insufficiently Protected Credentials", "LOW CONFIDENCE", - "OWASP-A08:2021 - Software and Data Integrity Failures", + "OWASP-A02:2017 - Broken Authentication", + "OWASP-A04:2021 - Insecure Design", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: ruby.lang.security.mass-assignment-protection-disabled.mass-assignment-protection-disabled" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "generic.secrets.security.detected-facebook-oauth.detected-facebook-oauth", + "name": "generic.secrets.security.detected-facebook-oauth.detected-facebook-oauth", + "short_description": { + "text": "Semgrep Finding: generic.secrets.security.detected-facebook-oauth.detected-facebook-oauth" }, - "fullDescription": { - "text": "Webviews were observed that explictly allow JavaScript in an WKWebview to open windows automatically. Consider disabling this functionality if not required, following the principle of least privelege." 
+ "full_description": { + "text": "Facebook OAuth detected" + }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/generic.secrets.security.detected-facebook-oauth.detected-facebook-oauth", "help": { - "markdown": "Webviews were observed that explictly allow JavaScript in an WKWebview to open windows automatically. Consider disabling this functionality if not required, following the principle of least privelege.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/swift.webview.webview-js-window.swift-webview-config-allows-js-open-windows)\n - [https://mas.owasp.org/MASVS/controls/MASVS-PLATFORM-2/](https://mas.owasp.org/MASVS/controls/MASVS-PLATFORM-2/)\n - [https://developer.apple.com/documentation/webkit/wkpreferences/1536573-javascriptcanopenwindowsautomati](https://developer.apple.com/documentation/webkit/wkpreferences/1536573-javascriptcanopenwindowsautomati)\n", - "text": "Webviews were observed that explictly allow JavaScript in an WKWebview to open windows automatically. 
Consider disabling this functionality if not required, following the principle of least privelege.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Facebook OAuth detected\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Facebook OAuth detected\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/generic.secrets.security.detected-facebook-oauth.detected-facebook-oauth)\n - [https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures](https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures)\n" }, - "helpUri": "https://semgrep.dev/r/swift.webview.webview-js-window.swift-webview-config-allows-js-open-windows", - "id": "swift.webview.webview-js-window.swift-webview-config-allows-js-open-windows", - "name": "swift.webview.webview-js-window.swift-webview-config-allows-js-open-windows", "properties": { "precision": "very-high", "tags": [ - "CWE-272: Least Privilege Violation", - "HIGH CONFIDENCE", + "CWE-798: Use of Hard-coded Credentials", + "LOW CONFIDENCE", + "OWASP-A07:2021 - Identification and Authentication Failures", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: swift.webview.webview-js-window.swift-webview-config-allows-js-open-windows" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "generic.secrets.security.detected-private-key.detected-private-key", + "name": "generic.secrets.security.detected-private-key.detected-private-key", + "short_description": { + "text": "Semgrep Finding: generic.secrets.security.detected-private-key.detected-private-key" }, - "fullDescription": { - "text": "A session cookie was detected without setting the 'HttpOnly' flag. The 'HttpOnly' flag for cookies instructs the browser to forbid client-side scripts from reading the cookie which mitigates XSS attacks. 
Set the 'HttpOnly' flag by setting 'HttpOnly' to 'true' in the Options struct." + "full_description": { + "text": "Private Key detected. This is a sensitive credential and should not be hardcoded here. Instead, store this in a separate, private file." + }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/generic.secrets.security.detected-private-key.detected-private-key", "help": { - "markdown": "A session cookie was detected without setting the 'HttpOnly' flag. The 'HttpOnly' flag for cookies instructs the browser to forbid client-side scripts from reading the cookie which mitigates XSS attacks. Set the 'HttpOnly' flag by setting 'HttpOnly' to 'true' in the Options struct.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/go.gorilla.security.audit.session-cookie-missing-httponly.session-cookie-missing-httponly)\n - [https://github.com/0c34/govwa/blob/139693e56406b5684d2a6ae22c0af90717e149b8/user/session/session.go#L69](https://github.com/0c34/govwa/blob/139693e56406b5684d2a6ae22c0af90717e149b8/user/session/session.go#L69)\n", - "text": "A session cookie was detected without setting the 'HttpOnly' flag. The 'HttpOnly' flag for cookies instructs the browser to forbid client-side scripts from reading the cookie which mitigates XSS attacks. Set the 'HttpOnly' flag by setting 'HttpOnly' to 'true' in the Options struct.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Private Key detected. This is a sensitive credential and should not be hardcoded here. Instead, store this in a separate, private file.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Private Key detected. This is a sensitive credential and should not be hardcoded here. 
Instead, store this in a separate, private file.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/generic.secrets.security.detected-private-key.detected-private-key)\n - [https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures](https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures)\n" }, - "helpUri": "https://semgrep.dev/r/go.gorilla.security.audit.session-cookie-missing-httponly.session-cookie-missing-httponly", - "id": "go.gorilla.security.audit.session-cookie-missing-httponly.session-cookie-missing-httponly", - "name": "go.gorilla.security.audit.session-cookie-missing-httponly.session-cookie-missing-httponly", "properties": { "precision": "very-high", "tags": [ - "CWE-1004: Sensitive Cookie Without 'HttpOnly' Flag", - "MEDIUM CONFIDENCE", - "OWASP-A05:2021 - Security Misconfiguration", + "CWE-798: Use of Hard-coded Credentials", + "LOW CONFIDENCE", + "OWASP-A07:2021 - Identification and Authentication Failures", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: go.gorilla.security.audit.session-cookie-missing-httponly.session-cookie-missing-httponly" } }, { - "defaultConfiguration": { - "level": "error" + "id": "generic.secrets.security.detected-facebook-access-token.detected-facebook-access-token", + "name": "generic.secrets.security.detected-facebook-access-token.detected-facebook-access-token", + "short_description": { + "text": "Semgrep Finding: generic.secrets.security.detected-facebook-access-token.detected-facebook-access-token" }, - "fullDescription": { - "text": "Allowing user input to `send_file` allows a malicious user to potentially read arbitrary files from the server. 
Avoid accepting user input in `send_file` or normalize with `File.basename(...)`" + "full_description": { + "text": "Facebook Access Token detected" + }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/generic.secrets.security.detected-facebook-access-token.detected-facebook-access-token", "help": { - "markdown": "Allowing user input to `send_file` allows a malicious user to potentially read arbitrary files from the server. Avoid accepting user input in `send_file` or normalize with `File.basename(...)`\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/ruby.rails.security.brakeman.check-send-file.check-send-file)\n - [https://owasp.org/www-community/attacks/Path_Traversal](https://owasp.org/www-community/attacks/Path_Traversal)\n - [https://owasp.org/Top10/A01_2021-Broken_Access_Control/](https://owasp.org/Top10/A01_2021-Broken_Access_Control/)\n", - "text": "Allowing user input to `send_file` allows a malicious user to potentially read arbitrary files from the server. 
Avoid accepting user input in `send_file` or normalize with `File.basename(...)`\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Facebook Access Token detected\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Facebook Access Token detected\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/generic.secrets.security.detected-facebook-access-token.detected-facebook-access-token)\n - [https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures](https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures)\n" }, - "helpUri": "https://semgrep.dev/r/ruby.rails.security.brakeman.check-send-file.check-send-file", - "id": "ruby.rails.security.brakeman.check-send-file.check-send-file", - "name": "ruby.rails.security.brakeman.check-send-file.check-send-file", "properties": { "precision": "very-high", "tags": [ - "CWE-73: External Control of File Name or Path", - "MEDIUM CONFIDENCE", - "OWASP-A04:2021 - Insecure Design", + "CWE-798: Use of Hard-coded Credentials", + "LOW CONFIDENCE", + "OWASP-A07:2021 - Identification and Authentication Failures", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: ruby.rails.security.brakeman.check-send-file.check-send-file" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "java.lang.security.audit.crypto.ssl.defaulthttpclient-is-deprecated.defaulthttpclient-is-deprecated", + "name": "java.lang.security.audit.crypto.ssl.defaulthttpclient-is-deprecated.defaulthttpclient-is-deprecated", + "short_description": { + "text": "Semgrep Finding: java.lang.security.audit.crypto.ssl.defaulthttpclient-is-deprecated.defaulthttpclient-is-deprecated" }, - "fullDescription": { - "text": "Insecure transport rules to catch socket connections to http, telnet, and ftp servers. 
This is dangerous because these are protocols that do not encrypt traffic." + "full_description": { + "text": "DefaultHttpClient is deprecated. Further, it does not support connections using TLS1.2, which makes using DefaultHttpClient a security hazard. Use HttpClientBuilder instead." }, - "help": { - "markdown": "Insecure transport rules to catch socket connections to http, telnet, and ftp servers. This is dangerous because these are protocols that do not encrypt traffic.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/problem-based-packs.insecure-transport.java-stdlib.socket-request.socket-request)\n - [https://docs.oracle.com/javase/8/docs/api/java/net/Socket.html](https://docs.oracle.com/javase/8/docs/api/java/net/Socket.html)\n", - "text": "Insecure transport rules to catch socket connections to http, telnet, and ftp servers. This is dangerous because these are protocols that do not encrypt traffic.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/java.lang.security.audit.crypto.ssl.defaulthttpclient-is-deprecated.defaulthttpclient-is-deprecated", + "help": { + "text": "DefaultHttpClient is deprecated. Further, it does not support connections using TLS1.2, which makes using DefaultHttpClient a security hazard. Use HttpClientBuilder instead.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "DefaultHttpClient is deprecated. Further, it does not support connections using TLS1.2, which makes using DefaultHttpClient a security hazard. 
Use HttpClientBuilder instead.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/java.lang.security.audit.crypto.ssl.defaulthttpclient-is-deprecated.defaulthttpclient-is-deprecated)\n - [https://owasp.org/Top10/A02_2021-Cryptographic_Failures](https://owasp.org/Top10/A02_2021-Cryptographic_Failures)\n" }, - "helpUri": "https://semgrep.dev/r/problem-based-packs.insecure-transport.java-stdlib.socket-request.socket-request", - "id": "problem-based-packs.insecure-transport.java-stdlib.socket-request.socket-request", - "name": "problem-based-packs.insecure-transport.java-stdlib.socket-request.socket-request", "properties": { "precision": "very-high", "tags": [ - "CWE-319: Cleartext Transmission of Sensitive Information", + "CWE-326: Inadequate Encryption Strength", "LOW CONFIDENCE", + "OWASP-A02:2021 - Cryptographic Failures", "OWASP-A03:2017 - Sensitive Data Exposure", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: problem-based-packs.insecure-transport.java-stdlib.socket-request.socket-request" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "go.lang.security.audit.net.unescaped-data-in-url.unescaped-data-in-url", + "name": "go.lang.security.audit.net.unescaped-data-in-url.unescaped-data-in-url", + "short_description": { + "text": "Semgrep Finding: go.lang.security.audit.net.unescaped-data-in-url.unescaped-data-in-url" }, - "fullDescription": { - "text": "Untrusted user input in {url: ...} can result in Open Redirect vulnerability." + "full_description": { + "text": "Found a formatted template string passed to 'template.URL()'. 'template.URL()' does not escape contents, and this could result in XSS (cross-site scripting) and therefore confidential data being stolen. Sanitize data coming into this function or make sure that no user-controlled input is coming into the function." 
}, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/go.lang.security.audit.net.unescaped-data-in-url.unescaped-data-in-url", "help": { - "markdown": "Untrusted user input in {url: ...} can result in Open Redirect vulnerability.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/typescript.nestjs.security.audit.nestjs-open-redirect.nestjs-open-redirect)\n - [https://owasp.org/Top10/A01_2021-Broken_Access_Control](https://owasp.org/Top10/A01_2021-Broken_Access_Control)\n", - "text": "Untrusted user input in {url: ...} can result in Open Redirect vulnerability.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Found a formatted template string passed to 'template.URL()'. 'template.URL()' does not escape contents, and this could result in XSS (cross-site scripting) and therefore confidential data being stolen. Sanitize data coming into this function or make sure that no user-controlled input is coming into the function.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Found a formatted template string passed to 'template.URL()'. 'template.URL()' does not escape contents, and this could result in XSS (cross-site scripting) and therefore confidential data being stolen. 
Sanitize data coming into this function or make sure that no user-controlled input is coming into the function.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/go.lang.security.audit.net.unescaped-data-in-url.unescaped-data-in-url)\n - [https://golang.org/pkg/html/template/#URL](https://golang.org/pkg/html/template/#URL)\n" }, - "helpUri": "https://semgrep.dev/r/typescript.nestjs.security.audit.nestjs-open-redirect.nestjs-open-redirect", - "id": "typescript.nestjs.security.audit.nestjs-open-redirect.nestjs-open-redirect", - "name": "typescript.nestjs.security.audit.nestjs-open-redirect.nestjs-open-redirect", "properties": { "precision": "very-high", "tags": [ - "CWE-601: URL Redirection to Untrusted Site ('Open Redirect')", + "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", "LOW CONFIDENCE", - "OWASP-A01:2021 - Broken Access Control", + "OWASP-A03:2021 - Injection", + "OWASP-A07:2017 - Cross-Site Scripting (XSS)", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: typescript.nestjs.security.audit.nestjs-open-redirect.nestjs-open-redirect" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "python.flask.security.unsanitized-input.response-contains-unsanitized-input", + "name": "python.flask.security.unsanitized-input.response-contains-unsanitized-input", + "short_description": { + "text": "Semgrep Finding: python.flask.security.unsanitized-input.response-contains-unsanitized-input" }, - "fullDescription": { - "text": "If an attacker can supply values that the application then uses to determine which method or field to invoke, the potential exists for the attacker to create control flow paths through the application that were not intended by the application developers. 
This attack vector may allow the attacker to bypass authentication or access control checks or otherwise cause the application to behave in an unexpected manner." + "full_description": { + "text": "Flask response reflects unsanitized user input. This could lead to a cross-site scripting vulnerability (https://owasp.org/www-community/attacks/xss/) in which an attacker causes arbitrary code to be executed in the user's browser. To prevent, please sanitize the user input, e.g. by rendering the response in a Jinja2 template (see considerations in https://flask.palletsprojects.com/en/1.0.x/security/)." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/python.flask.security.unsanitized-input.response-contains-unsanitized-input", "help": { - "markdown": "If an attacker can supply values that the application then uses to determine which method or field to invoke, the potential exists for the attacker to create control flow paths through the application that were not intended by the application developers. This attack vector may allow the attacker to bypass authentication or access control checks or otherwise cause the application to behave in an unexpected manner.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/go.lang.security.audit.unsafe-reflect-by-name.unsafe-reflect-by-name)\n - [https://owasp.org/Top10/A03_2021-Injection](https://owasp.org/Top10/A03_2021-Injection)\n", - "text": "If an attacker can supply values that the application then uses to determine which method or field to invoke, the potential exists for the attacker to create control flow paths through the application that were not intended by the application developers. 
This attack vector may allow the attacker to bypass authentication or access control checks or otherwise cause the application to behave in an unexpected manner.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Flask response reflects unsanitized user input. This could lead to a cross-site scripting vulnerability (https://owasp.org/www-community/attacks/xss/) in which an attacker causes arbitrary code to be executed in the user's browser. To prevent, please sanitize the user input, e.g. by rendering the response in a Jinja2 template (see considerations in https://flask.palletsprojects.com/en/1.0.x/security/).\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Flask response reflects unsanitized user input. This could lead to a cross-site scripting vulnerability (https://owasp.org/www-community/attacks/xss/) in which an attacker causes arbitrary code to be executed in the user's browser. To prevent, please sanitize the user input, e.g. 
by rendering the response in a Jinja2 template (see considerations in https://flask.palletsprojects.com/en/1.0.x/security/).\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.flask.security.unsanitized-input.response-contains-unsanitized-input)\n - [https://flask.palletsprojects.com/en/1.0.x/security/](https://flask.palletsprojects.com/en/1.0.x/security/)\n - [https://owasp.org/www-community/attacks/xss/](https://owasp.org/www-community/attacks/xss/)\n" }, - "helpUri": "https://semgrep.dev/r/go.lang.security.audit.unsafe-reflect-by-name.unsafe-reflect-by-name", - "id": "go.lang.security.audit.unsafe-reflect-by-name.unsafe-reflect-by-name", - "name": "go.lang.security.audit.unsafe-reflect-by-name.unsafe-reflect-by-name", "properties": { "precision": "very-high", "tags": [ - "CWE-470: Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection')", + "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", "LOW CONFIDENCE", "OWASP-A03:2021 - Injection", + "OWASP-A07:2017 - Cross-Site Scripting (XSS)", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: go.lang.security.audit.unsafe-reflect-by-name.unsafe-reflect-by-name" } }, { - "defaultConfiguration": { - "level": "error" + "id": "python.lang.security.audit.insecure-transport.urllib.insecure-urlopener-retrieve.insecure-urlopener-retrieve", + "name": "python.lang.security.audit.insecure-transport.urllib.insecure-urlopener-retrieve.insecure-urlopener-retrieve", + "short_description": { + "text": "Semgrep Finding: python.lang.security.audit.insecure-transport.urllib.insecure-urlopener-retrieve.insecure-urlopener-retrieve" }, - "fullDescription": { - "text": "User data detected in os.system. This could be vulnerable to a command injection and should be avoided. If this must be done, use the 'subprocess' module instead and pass the arguments as a list." 
+ "full_description": { + "text": "Detected an unsecured transmission channel. 'URLopener.retrieve(...)' is being used with 'http://'. Use 'https://' instead to secure the channel." }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/python.lang.security.audit.insecure-transport.urllib.insecure-urlopener-retrieve.insecure-urlopener-retrieve", "help": { - "markdown": "User data detected in os.system. This could be vulnerable to a command injection and should be avoided. If this must be done, use the 'subprocess' module instead and pass the arguments as a list.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.flask.security.injection.os-system-injection.os-system-injection)\n - [https://owasp.org/www-community/attacks/Command_Injection](https://owasp.org/www-community/attacks/Command_Injection)\n", - "text": "User data detected in os.system. This could be vulnerable to a command injection and should be avoided. If this must be done, use the 'subprocess' module instead and pass the arguments as a list.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected an unsecured transmission channel. 'URLopener.retrieve(...)' is being used with 'http://'. Use 'https://' instead to secure the channel.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected an unsecured transmission channel. 'URLopener.retrieve(...)' is being used with 'http://'. 
Use 'https://' instead to secure the channel.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.lang.security.audit.insecure-transport.urllib.insecure-urlopener-retrieve.insecure-urlopener-retrieve)\n - [https://docs.python.org/3/library/urllib.request.html#urllib.request.URLopener.retrieve](https://docs.python.org/3/library/urllib.request.html#urllib.request.URLopener.retrieve)\n" }, - "helpUri": "https://semgrep.dev/r/python.flask.security.injection.os-system-injection.os-system-injection", - "id": "python.flask.security.injection.os-system-injection.os-system-injection", - "name": "python.flask.security.injection.os-system-injection.os-system-injection", "properties": { "precision": "very-high", "tags": [ - "CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", - "MEDIUM CONFIDENCE", - "OWASP-A01:2017 - Injection", - "OWASP-A03:2021 - Injection", + "CWE-319: Cleartext Transmission of Sensitive Information", + "LOW CONFIDENCE", + "OWASP-A02:2021 - Cryptographic Failures", + "OWASP-A03:2017 - Sensitive Data Exposure", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: python.flask.security.injection.os-system-injection.os-system-injection" } }, { - "defaultConfiguration": { - "level": "error" + "id": "typescript.react.security.audit.react-jwt-decoded-property.react-jwt-decoded-property", + "name": "typescript.react.security.audit.react-jwt-decoded-property.react-jwt-decoded-property", + "short_description": { + "text": "Semgrep Finding: typescript.react.security.audit.react-jwt-decoded-property.react-jwt-decoded-property" }, - "fullDescription": { - "text": "Allowing spawning arbitrary programs or running shell processes with arbitrary arguments may end up in a command injection vulnerability. Try to avoid non-literal values for the command string. 
If it is not possible, then do not let running arbitrary commands, use a white list for inputs." + "full_description": { + "text": "Property decoded from JWT token without verifying and cannot be trustworthy." }, + "default_configuration": { + "enabled": true, + "level": "note" + }, + "help_uri": "https://semgrep.dev/r/typescript.react.security.audit.react-jwt-decoded-property.react-jwt-decoded-property", "help": { - "markdown": "Allowing spawning arbitrary programs or running shell processes with arbitrary arguments may end up in a command injection vulnerability. Try to avoid non-literal values for the command string. If it is not possible, then do not let running arbitrary commands, use a white list for inputs.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.aws-lambda.security.detect-child-process.detect-child-process)\n - [https://owasp.org/Top10/A03_2021-Injection](https://owasp.org/Top10/A03_2021-Injection)\n", - "text": "Allowing spawning arbitrary programs or running shell processes with arbitrary arguments may end up in a command injection vulnerability. Try to avoid non-literal values for the command string. 
If it is not possible, then do not let running arbitrary commands, use a white list for inputs.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Property decoded from JWT token without verifying and cannot be trustworthy.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Property decoded from JWT token without verifying and cannot be trustworthy.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/typescript.react.security.audit.react-jwt-decoded-property.react-jwt-decoded-property)\n - [https://pragmaticwebsecurity.com/articles/oauthoidc/localstorage-xss.html](https://pragmaticwebsecurity.com/articles/oauthoidc/localstorage-xss.html)\n" }, - "helpUri": "https://semgrep.dev/r/javascript.aws-lambda.security.detect-child-process.detect-child-process", - "id": "javascript.aws-lambda.security.detect-child-process.detect-child-process", - "name": "javascript.aws-lambda.security.detect-child-process.detect-child-process", "properties": { "precision": "very-high", "tags": [ - "CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", - "MEDIUM CONFIDENCE", - "OWASP-A01:2017 - Injection", - "OWASP-A03:2021 - Injection", + "CWE-922: Insecure Storage of Sensitive Information", + "LOW CONFIDENCE", + "OWASP-A01:2021 - Broken Access Control", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: javascript.aws-lambda.security.detect-child-process.detect-child-process" } }, { - "defaultConfiguration": { - "level": "error" + "id": "trailofbits.go.string-to-int-signedness-cast.string-to-int-signedness-cast", + "name": "trailofbits.go.string-to-int-signedness-cast.string-to-int-signedness-cast", + "short_description": { + "text": "Semgrep Finding: trailofbits.go.string-to-int-signedness-cast.string-to-int-signedness-cast" }, - "fullDescription": { - "text": "Detected 
non-static script inside otto VM. Audit the input to 'VM.Run'. If unverified user data can reach this call site, this is a code injection vulnerability. A malicious actor can inject a malicious script to execute arbitrary code." + "full_description": { + "text": "Downcasting or changing sign of an integer with `$CAST_METHOD` method" + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/trailofbits.go.string-to-int-signedness-cast.string-to-int-signedness-cast", "help": { - "markdown": "Detected non-static script inside otto VM. Audit the input to 'VM.Run'. If unverified user data can reach this call site, this is a code injection vulnerability. A malicious actor can inject a malicious script to execute arbitrary code.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/go.otto.security.audit.dangerous-execution.dangerous-execution)\n - [https://owasp.org/Top10/A03_2021-Injection](https://owasp.org/Top10/A03_2021-Injection)\n", - "text": "Detected non-static script inside otto VM. Audit the input to 'VM.Run'. If unverified user data can reach this call site, this is a code injection vulnerability. 
A malicious actor can inject a malicious script to execute arbitrary code.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Downcasting or changing sign of an integer with `$CAST_METHOD` method\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Downcasting or changing sign of an integer with `$CAST_METHOD` method\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/trailofbits.go.string-to-int-signedness-cast.string-to-int-signedness-cast)\n - [https://github.com/golang/go/issues/30209](https://github.com/golang/go/issues/30209)\n" }, - "helpUri": "https://semgrep.dev/r/go.otto.security.audit.dangerous-execution.dangerous-execution", - "id": "go.otto.security.audit.dangerous-execution.dangerous-execution", - "name": "go.otto.security.audit.dangerous-execution.dangerous-execution", "properties": { "precision": "very-high", "tags": [ - "CWE-94: Improper Control of Generation of Code ('Code Injection')", - "LOW CONFIDENCE", - "OWASP-A03:2021 - Injection", + "CWE-681: Incorrect Conversion between Numeric Types", + "HIGH CONFIDENCE", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: go.otto.security.audit.dangerous-execution.dangerous-execution" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "csharp.razor.security.html-raw-json.html-raw-json", + "name": "csharp.razor.security.html-raw-json.html-raw-json", + "short_description": { + "text": "Semgrep Finding: csharp.razor.security.html-raw-json.html-raw-json" }, - "fullDescription": { - "text": "Checks for redefinitions of functions that check TLS/SSL certificate verification. This can lead to vulnerabilities, as simple errors in the code can result in lack of proper certificate validation. This should only be used for debugging purposes because it leads to vulnerability to MTM attacks." 
+ "full_description": { + "text": "Unencoded JSON in HTML context is vulnerable to cross-site scripting, because `` is not properly encoded." }, + "default_configuration": { + "enabled": true, + "level": "error" + }, + "help_uri": "https://semgrep.dev/r/csharp.razor.security.html-raw-json.html-raw-json", "help": { - "markdown": "Checks for redefinitions of functions that check TLS/SSL certificate verification. This can lead to vulnerabilities, as simple errors in the code can result in lack of proper certificate validation. This should only be used for debugging purposes because it leads to vulnerability to MTM attacks.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/problem-based-packs.insecure-transport.java-spring.bypass-tls-verification.bypass-tls-verification)\n - [https://stackoverflow.com/questions/4072585/disabling-ssl-certificate-validation-in-spring-resttemplate](https://stackoverflow.com/questions/4072585/disabling-ssl-certificate-validation-in-spring-resttemplate)\n - [https://stackoverflow.com/questions/35530558/how-to-fix-unsafe-implementation-of-x509trustmanager-in-android-app?rq=1](https://stackoverflow.com/questions/35530558/how-to-fix-unsafe-implementation-of-x509trustmanager-in-android-app?rq=1)\n", - "text": "Checks for redefinitions of functions that check TLS/SSL certificate verification. This can lead to vulnerabilities, as simple errors in the code can result in lack of proper certificate validation. 
This should only be used for debugging purposes because it leads to vulnerability to MTM attacks.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Unencoded JSON in HTML context is vulnerable to cross-site scripting, because `` is not properly encoded.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Unencoded JSON in HTML context is vulnerable to cross-site scripting, because `` is not properly encoded.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/csharp.razor.security.html-raw-json.html-raw-json)\n - [https://owasp.org/Top10/A03_2021-Injection](https://owasp.org/Top10/A03_2021-Injection)\n" }, - "helpUri": "https://semgrep.dev/r/problem-based-packs.insecure-transport.java-spring.bypass-tls-verification.bypass-tls-verification", - "id": "problem-based-packs.insecure-transport.java-spring.bypass-tls-verification.bypass-tls-verification", - "name": "problem-based-packs.insecure-transport.java-spring.bypass-tls-verification.bypass-tls-verification", "properties": { "precision": "very-high", "tags": [ - "CWE-319: Cleartext Transmission of Sensitive Information", - "MEDIUM CONFIDENCE", - "OWASP-A03:2017 - Sensitive Data Exposure", + "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", + "LOW CONFIDENCE", + "OWASP-A03:2021 - Injection", + "OWASP-A07:2017 - Cross-Site Scripting (XSS)", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: problem-based-packs.insecure-transport.java-spring.bypass-tls-verification.bypass-tls-verification" } }, { - "defaultConfiguration": { - "level": "error" + "id": "java.java-jwt.security.jwt-hardcode.java-jwt-hardcoded-secret", + "name": "java.java-jwt.security.jwt-hardcode.java-jwt-hardcoded-secret", + "short_description": { + "text": "Semgrep Finding: java.java-jwt.security.jwt-hardcode.java-jwt-hardcoded-secret" }, - 
"fullDescription": { - "text": "Detected JWT token decoded with 'verify=False'. This bypasses any integrity checks for the token which means the token could be tampered with by malicious actors. Ensure that the JWT token is verified." + "full_description": { + "text": "A hard-coded credential was detected. It is not recommended to store credentials in source-code, as this risks secrets being leaked and used by either an internal or external malicious adversary. It is recommended to use environment variables to securely provide credentials or retrieve credentials from a secure vault or HSM (Hardware Security Module)." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/java.java-jwt.security.jwt-hardcode.java-jwt-hardcoded-secret", "help": { - "markdown": "Detected JWT token decoded with 'verify=False'. This bypasses any integrity checks for the token which means the token could be tampered with by malicious actors. Ensure that the JWT token is verified.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.jwt.security.unverified-jwt-decode.unverified-jwt-decode)\n - [https://github.com/we45/Vulnerable-Flask-App/blob/752ee16087c0bfb79073f68802d907569a1f0df7/app/app.py#L96](https://github.com/we45/Vulnerable-Flask-App/blob/752ee16087c0bfb79073f68802d907569a1f0df7/app/app.py#L96)\n", - "text": "Detected JWT token decoded with 'verify=False'. This bypasses any integrity checks for the token which means the token could be tampered with by malicious actors. Ensure that the JWT token is verified.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "A hard-coded credential was detected. It is not recommended to store credentials in source-code, as this risks secrets being leaked and used by either an internal or external malicious adversary. 
It is recommended to use environment variables to securely provide credentials or retrieve credentials from a secure vault or HSM (Hardware Security Module).\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "A hard-coded credential was detected. It is not recommended to store credentials in source-code, as this risks secrets being leaked and used by either an internal or external malicious adversary. It is recommended to use environment variables to securely provide credentials or retrieve credentials from a secure vault or HSM (Hardware Security Module).\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/java.java-jwt.security.jwt-hardcode.java-jwt-hardcoded-secret)\n - [https://cheatsheetseries.owasp.org/cheatsheets/Secrets_Management_Cheat_Sheet.html](https://cheatsheetseries.owasp.org/cheatsheets/Secrets_Management_Cheat_Sheet.html)\n" }, - "helpUri": "https://semgrep.dev/r/python.jwt.security.unverified-jwt-decode.unverified-jwt-decode", - "id": "python.jwt.security.unverified-jwt-decode.unverified-jwt-decode", - "name": "python.jwt.security.unverified-jwt-decode.unverified-jwt-decode", "properties": { "precision": "very-high", "tags": [ - "CWE-287: Improper Authentication", - "MEDIUM CONFIDENCE", - "OWASP-A02:2017 - Broken Authentication", + "CWE-798: Use of Hard-coded Credentials", + "HIGH CONFIDENCE", "OWASP-A07:2021 - Identification and Authentication Failures", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: python.jwt.security.unverified-jwt-decode.unverified-jwt-decode" } }, { - "defaultConfiguration": { - "level": "error" + "id": "python.cryptography.security.insecure-cipher-algorithms-blowfish.insecure-cipher-algorithm-blowfish", + "name": "python.cryptography.security.insecure-cipher-algorithms-blowfish.insecure-cipher-algorithm-blowfish", + "short_description": { + "text": "Semgrep Finding: 
python.cryptography.security.insecure-cipher-algorithms-blowfish.insecure-cipher-algorithm-blowfish" }, - "fullDescription": { - "text": "this function is only available on Python 3.6+" + "full_description": { + "text": "Blowfish is a block cipher developed by Bruce Schneier. It is known to be susceptible to attacks when using weak keys. The author has recommended that users of Blowfish move to newer algorithms such as AES. With the `cryptography` package it is recommended to use `Fernet` which is a secure implementation of AES in CBC mode with a 128-bit key. Alternatively, keep using the `Cipher` class from the hazmat primitives but use the AES algorithm instead." }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/python.cryptography.security.insecure-cipher-algorithms-blowfish.insecure-cipher-algorithm-blowfish", "help": { - "markdown": "this function is only available on Python 3.6+\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.lang.compatibility.python36.python36-compatibility-ssl)\n", - "text": "this function is only available on Python 3.6+\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Blowfish is a block cipher developed by Bruce Schneier. It is known to be susceptible to attacks when using weak keys. The author has recommended that users of Blowfish move to newer algorithms such as AES. With the `cryptography` package it is recommended to use `Fernet` which is a secure implementation of AES in CBC mode with a 128-bit key. Alternatively, keep using the `Cipher` class from the hazmat primitives but use the AES algorithm instead.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Blowfish is a block cipher developed by Bruce Schneier. It is known to be susceptible to attacks when using weak keys. 
The author has recommended that users of Blowfish move to newer algorithms such as AES. With the `cryptography` package it is recommended to use `Fernet` which is a secure implementation of AES in CBC mode with a 128-bit key. Alternatively, keep using the `Cipher` class from the hazmat primitives but use the AES algorithm instead.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.cryptography.security.insecure-cipher-algorithms-blowfish.insecure-cipher-algorithm-blowfish)\n - [https://cryptography.io/en/latest/hazmat/primitives/symmetric-encryption/#weak-ciphers](https://cryptography.io/en/latest/hazmat/primitives/symmetric-encryption/#weak-ciphers)\n - [https://tools.ietf.org/html/rfc5469](https://tools.ietf.org/html/rfc5469)\n" }, - "helpUri": "https://semgrep.dev/r/python.lang.compatibility.python36.python36-compatibility-ssl", - "id": "python.lang.compatibility.python36.python36-compatibility-ssl", - "name": "python.lang.compatibility.python36.python36-compatibility-ssl", "properties": { "precision": "very-high", - "tags": [] - }, - "shortDescription": { - "text": "Semgrep Finding: python.lang.compatibility.python36.python36-compatibility-ssl" + "tags": [ + "CWE-327: Use of a Broken or Risky Cryptographic Algorithm", + "MEDIUM CONFIDENCE", + "OWASP-A02:2021 - Cryptographic Failures", + "OWASP-A03:2017 - Sensitive Data Exposure", + "security" + ] } }, { - "defaultConfiguration": { - "level": "warning" + "id": "python.cryptography.security.insufficient-ec-key-size.insufficient-ec-key-size", + "name": "python.cryptography.security.insufficient-ec-key-size.insufficient-ec-key-size", + "short_description": { + "text": "Semgrep Finding: python.cryptography.security.insufficient-ec-key-size.insufficient-ec-key-size" }, - "fullDescription": { - "text": "Unsafe functions do not perform boundary checks or have other side effects, use with care." 
+ "full_description": { + "text": "Detected an insufficient curve size for EC. NIST recommends a key size of 224 or higher. For example, use 'ec.SECP256R1'." }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/python.cryptography.security.insufficient-ec-key-size.insufficient-ec-key-size", "help": { - "markdown": "Unsafe functions do not perform boundary checks or have other side effects, use with care.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/ocaml.lang.security.unsafe.ocamllint-unsafe)\n - [https://v2.ocaml.org/api/Bigarray.Array1.html#VALunsafe_get](https://v2.ocaml.org/api/Bigarray.Array1.html#VALunsafe_get)\n - [https://v2.ocaml.org/api/Bytes.html#VALunsafe_to_string](https://v2.ocaml.org/api/Bytes.html#VALunsafe_to_string)\n", - "text": "Unsafe functions do not perform boundary checks or have other side effects, use with care.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected an insufficient curve size for EC. NIST recommends a key size of 224 or higher. For example, use 'ec.SECP256R1'.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected an insufficient curve size for EC. NIST recommends a key size of 224 or higher. 
For example, use 'ec.SECP256R1'.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.cryptography.security.insufficient-ec-key-size.insufficient-ec-key-size)\n - [https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-57Pt3r1.pdf](https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-57Pt3r1.pdf)\n - [https://cryptography.io/en/latest/hazmat/primitives/asymmetric/ec/#elliptic-curves](https://cryptography.io/en/latest/hazmat/primitives/asymmetric/ec/#elliptic-curves)\n" }, - "helpUri": "https://semgrep.dev/r/ocaml.lang.security.unsafe.ocamllint-unsafe", - "id": "ocaml.lang.security.unsafe.ocamllint-unsafe", - "name": "ocaml.lang.security.unsafe.ocamllint-unsafe", "properties": { "precision": "very-high", "tags": [ - "CWE-242: Use of Inherently Dangerous Function (4.12)", + "CWE-326: Inadequate Encryption Strength", "MEDIUM CONFIDENCE", + "OWASP-A02:2021 - Cryptographic Failures", + "OWASP-A03:2017 - Sensitive Data Exposure", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: ocaml.lang.security.unsafe.ocamllint-unsafe" } }, { - "defaultConfiguration": { - "level": "error" + "id": "java.spring.security.injection.tainted-html-string.tainted-html-string", + "name": "java.spring.security.injection.tainted-html-string.tainted-html-string", + "short_description": { + "text": "Semgrep Finding: java.spring.security.injection.tainted-html-string.tainted-html-string" }, - "fullDescription": { - "text": "$sceProvider is set to false. Disabling Strict Contextual escaping (SCE) in an AngularJS application could provide additional attack surface for XSS vulnerabilities." + "full_description": { + "text": "Detected user input flowing into a manually constructed HTML string. 
You may be accidentally bypassing secure methods of rendering HTML by manually constructing HTML and this could create a cross-site scripting vulnerability, which could let attackers steal sensitive user data. To be sure this is safe, check that the HTML is rendered safely. You can use the OWASP ESAPI encoder if you must render user data." }, + "default_configuration": { + "enabled": true, + "level": "error" + }, + "help_uri": "https://semgrep.dev/r/java.spring.security.injection.tainted-html-string.tainted-html-string", "help": { - "markdown": "$sceProvider is set to false. Disabling Strict Contextual escaping (SCE) in an AngularJS application could provide additional attack surface for XSS vulnerabilities.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.angular.security.detect-angular-sce-disabled.detect-angular-sce-disabled)\n - [https://docs.angularjs.org/api/ng/service/$sce](https://docs.angularjs.org/api/ng/service/$sce)\n - [https://owasp.org/www-chapter-london/assets/slides/OWASPLondon20170727_AngularJS.pdf](https://owasp.org/www-chapter-london/assets/slides/OWASPLondon20170727_AngularJS.pdf)\n", - "text": "$sceProvider is set to false. Disabling Strict Contextual escaping (SCE) in an AngularJS application could provide additional attack surface for XSS vulnerabilities.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected user input flowing into a manually constructed HTML string. You may be accidentally bypassing secure methods of rendering HTML by manually constructing HTML and this could create a cross-site scripting vulnerability, which could let attackers steal sensitive user data. To be sure this is safe, check that the HTML is rendered safely. 
You can use the OWASP ESAPI encoder if you must render user data.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected user input flowing into a manually constructed HTML string. You may be accidentally bypassing secure methods of rendering HTML by manually constructing HTML and this could create a cross-site scripting vulnerability, which could let attackers steal sensitive user data. To be sure this is safe, check that the HTML is rendered safely. You can use the OWASP ESAPI encoder if you must render user data.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/java.spring.security.injection.tainted-html-string.tainted-html-string)\n - [https://cheatsheetseries.owasp.org/cheatsheets/Cross_Site_Scripting_Prevention_Cheat_Sheet.html](https://cheatsheetseries.owasp.org/cheatsheets/Cross_Site_Scripting_Prevention_Cheat_Sheet.html)\n" }, - "helpUri": "https://semgrep.dev/r/javascript.angular.security.detect-angular-sce-disabled.detect-angular-sce-disabled", - "id": "javascript.angular.security.detect-angular-sce-disabled.detect-angular-sce-disabled", - "name": "javascript.angular.security.detect-angular-sce-disabled.detect-angular-sce-disabled", "properties": { "precision": "very-high", "tags": [ "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", - "HIGH CONFIDENCE", + "MEDIUM CONFIDENCE", "OWASP-A03:2021 - Injection", "OWASP-A07:2017 - Cross-Site Scripting (XSS)", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: javascript.angular.security.detect-angular-sce-disabled.detect-angular-sce-disabled" } }, { - "defaultConfiguration": { - "level": "error" + "id": "ruby.lang.security.json-entity-escape.json-entity-escape", + "name": "ruby.lang.security.json-entity-escape.json-entity-escape", + "short_description": { + "text": "Semgrep Finding: 
ruby.lang.security.json-entity-escape.json-entity-escape" }, - "fullDescription": { - "text": "Evaluating non-constant commands. This can lead to command injection." + "full_description": { + "text": "Checks if HTML escaping is globally disabled for JSON output. This could lead to XSS." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/ruby.lang.security.json-entity-escape.json-entity-escape", "help": { - "markdown": "Evaluating non-constant commands. This can lead to command injection.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/php.lang.security.eval-use.eval-use)\n - [https://www.php.net/manual/en/function.eval](https://www.php.net/manual/en/function.eval)\n - [https://github.com/FloeDesignTechnologies/phpcs-security-audit/blob/master/Security/Sniffs/BadFunctions/NoEvalsSniff.php](https://github.com/FloeDesignTechnologies/phpcs-security-audit/blob/master/Security/Sniffs/BadFunctions/NoEvalsSniff.php)\n", - "text": "Evaluating non-constant commands. This can lead to command injection.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Checks if HTML escaping is globally disabled for JSON output. This could lead to XSS.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Checks if HTML escaping is globally disabled for JSON output. 
This could lead to XSS.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/ruby.lang.security.json-entity-escape.json-entity-escape)\n - [https://owasp.org/Top10/A03_2021-Injection](https://owasp.org/Top10/A03_2021-Injection)\n" }, - "helpUri": "https://semgrep.dev/r/php.lang.security.eval-use.eval-use", - "id": "php.lang.security.eval-use.eval-use", - "name": "php.lang.security.eval-use.eval-use", "properties": { "precision": "very-high", "tags": [ - "CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", + "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", "LOW CONFIDENCE", - "OWASP-A01:2017 - Injection", "OWASP-A03:2021 - Injection", + "OWASP-A07:2017 - Cross-Site Scripting (XSS)", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: php.lang.security.eval-use.eval-use" } }, { - "defaultConfiguration": { - "level": "error" + "id": "generic.visualforce.security.ncino.xml.cspheaderattribute.csp-header-attribute", + "name": "generic.visualforce.security.ncino.xml.cspheaderattribute.csp-header-attribute", + "short_description": { + "text": "Semgrep Finding: generic.visualforce.security.ncino.xml.cspheaderattribute.csp-header-attribute" }, - "fullDescription": { - "text": "AWS Access Key ID Value detected. This is a sensitive credential and should not be hardcoded here. Instead, read this value from an environment variable or keep it in a separate, private file." + "full_description": { + "text": "Visualforce Pages must have the cspHeader attribute set to true. This attribute is available in API version 55 or higher." + }, + "default_configuration": { + "enabled": true, + "level": "note" }, + "help_uri": "https://semgrep.dev/r/generic.visualforce.security.ncino.xml.cspheaderattribute.csp-header-attribute", "help": { - "markdown": "AWS Access Key ID Value detected. 
This is a sensitive credential and should not be hardcoded here. Instead, read this value from an environment variable or keep it in a separate, private file.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/generic.secrets.security.detected-aws-access-key-id-value.detected-aws-access-key-id-value)\n - [https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures](https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures)\n", - "text": "AWS Access Key ID Value detected. This is a sensitive credential and should not be hardcoded here. Instead, read this value from an environment variable or keep it in a separate, private file.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Visualforce Pages must have the cspHeader attribute set to true. This attribute is available in API version 55 or higher.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Visualforce Pages must have the cspHeader attribute set to true. 
This attribute is available in API version 55 or higher.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/generic.visualforce.security.ncino.xml.cspheaderattribute.csp-header-attribute)\n - [https://help.salesforce.com/s/articleView?id=sf.csp_trusted_sites.htm&type=5](https://help.salesforce.com/s/articleView?id=sf.csp_trusted_sites.htm&type=5)\n" }, - "helpUri": "https://semgrep.dev/r/generic.secrets.security.detected-aws-access-key-id-value.detected-aws-access-key-id-value", - "id": "generic.secrets.security.detected-aws-access-key-id-value.detected-aws-access-key-id-value", - "name": "generic.secrets.security.detected-aws-access-key-id-value.detected-aws-access-key-id-value", "properties": { "precision": "very-high", "tags": [ - "CWE-798: Use of Hard-coded Credentials", - "LOW CONFIDENCE", - "OWASP-A07:2021 - Identification and Authentication Failures", + "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", + "HIGH CONFIDENCE", + "OWASP-A03:2021 - Injection", + "OWASP-A07:2017 - Cross-Site Scripting (XSS)", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: generic.secrets.security.detected-aws-access-key-id-value.detected-aws-access-key-id-value" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "python.flask.caching.query-string.flask-cache-query-string", + "name": "python.flask.caching.query-string.flask-cache-query-string", + "short_description": { + "text": "Semgrep Finding: python.flask.caching.query-string.flask-cache-query-string" }, - "fullDescription": { - "text": "Found an initialization of the Intercom Messenger that identifies a User, but does not specify a `user_hash`.This configuration allows users to impersonate one another. 
See the Intercom Identity Verification docs for more context https://www.intercom.com/help/en/articles/183-set-up-identity-verification-for-web-and-mobile" + "full_description": { + "text": "Flask-caching doesn't cache query strings by default. You have to use `query_string=True`. Also you shouldn't cache verbs that can mutate state." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/python.flask.caching.query-string.flask-cache-query-string", "help": { - "markdown": "Found an initialization of the Intercom Messenger that identifies a User, but does not specify a `user_hash`.This configuration allows users to impersonate one another. See the Intercom Identity Verification docs for more context https://www.intercom.com/help/en/articles/183-set-up-identity-verification-for-web-and-mobile\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.intercom.security.audit.intercom-settings-user-identifier-without-user-hash.intercom-settings-user-identifier-without-user-hash)\n - [https://www.intercom.com/help/en/articles/183-set-up-identity-verification-for-web-and-mobile](https://www.intercom.com/help/en/articles/183-set-up-identity-verification-for-web-and-mobile)\n", - "text": "Found an initialization of the Intercom Messenger that identifies a User, but does not specify a `user_hash`.This configuration allows users to impersonate one another. See the Intercom Identity Verification docs for more context https://www.intercom.com/help/en/articles/183-set-up-identity-verification-for-web-and-mobile\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Flask-caching doesn't cache query strings by default. You have to use `query_string=True`. 
Also you shouldn't cache verbs that can mutate state.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Flask-caching doesn't cache query strings by default. You have to use `query_string=True`. Also you shouldn't cache verbs that can mutate state.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.flask.caching.query-string.flask-cache-query-string)\n" }, - "helpUri": "https://semgrep.dev/r/javascript.intercom.security.audit.intercom-settings-user-identifier-without-user-hash.intercom-settings-user-identifier-without-user-hash", - "id": "javascript.intercom.security.audit.intercom-settings-user-identifier-without-user-hash.intercom-settings-user-identifier-without-user-hash", - "name": "javascript.intercom.security.audit.intercom-settings-user-identifier-without-user-hash.intercom-settings-user-identifier-without-user-hash", "properties": { "precision": "very-high", - "tags": [ - "CWE-287: Improper Authentication", - "MEDIUM CONFIDENCE", - "security" - ] - }, - "shortDescription": { - "text": "Semgrep Finding: javascript.intercom.security.audit.intercom-settings-user-identifier-without-user-hash.intercom-settings-user-identifier-without-user-hash" + "tags": [] } }, { - "defaultConfiguration": { - "level": "warning" + "id": "python.lang.security.use-defused-xml-parse.use-defused-xml-parse", + "name": "python.lang.security.use-defused-xml-parse.use-defused-xml-parse", + "short_description": { + "text": "Semgrep Finding: python.lang.security.use-defused-xml-parse.use-defused-xml-parse" }, - "fullDescription": { - "text": "Data is being eval'd from a `curl` command. An attacker with control of the server in the `curl` command could inject malicious code into the `eval`, resulting in a system comrpomise. Avoid eval'ing untrusted data if you can. 
If you must do this, consider checking the SHA sum of the content returned by the server to verify its integrity." + "full_description": { + "text": "The native Python `xml` library is vulnerable to XML External Entity (XXE) attacks. These attacks can leak confidential data and \"XML bombs\" can cause denial of service. Do not use this library to parse untrusted input. Instead the Python documentation recommends using `defusedxml`." + }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/python.lang.security.use-defused-xml-parse.use-defused-xml-parse", "help": { - "markdown": "Data is being eval'd from a `curl` command. An attacker with control of the server in the `curl` command could inject malicious code into the `eval`, resulting in a system comrpomise. Avoid eval'ing untrusted data if you can. If you must do this, consider checking the SHA sum of the content returned by the server to verify its integrity.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/bash.curl.security.curl-eval.curl-eval)\n - [https://owasp.org/Top10/A03_2021-Injection](https://owasp.org/Top10/A03_2021-Injection)\n", - "text": "Data is being eval'd from a `curl` command. An attacker with control of the server in the `curl` command could inject malicious code into the `eval`, resulting in a system comrpomise. Avoid eval'ing untrusted data if you can. If you must do this, consider checking the SHA sum of the content returned by the server to verify its integrity.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "The native Python `xml` library is vulnerable to XML External Entity (XXE) attacks. These attacks can leak confidential data and \"XML bombs\" can cause denial of service. Do not use this library to parse untrusted input. 
Instead the Python documentation recommends using `defusedxml`.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "The native Python `xml` library is vulnerable to XML External Entity (XXE) attacks. These attacks can leak confidential data and \"XML bombs\" can cause denial of service. Do not use this library to parse untrusted input. Instead the Python documentation recommends using `defusedxml`.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.lang.security.use-defused-xml-parse.use-defused-xml-parse)\n - [https://docs.python.org/3/library/xml.html](https://docs.python.org/3/library/xml.html)\n - [https://github.com/tiran/defusedxml](https://github.com/tiran/defusedxml)\n - [https://owasp.org/www-community/vulnerabilities/XML_External_Entity_(XXE)_Processing](https://owasp.org/www-community/vulnerabilities/XML_External_Entity_(XXE)_Processing)\n" }, - "helpUri": "https://semgrep.dev/r/bash.curl.security.curl-eval.curl-eval", - "id": "bash.curl.security.curl-eval.curl-eval", - "name": "bash.curl.security.curl-eval.curl-eval", "properties": { "precision": "very-high", "tags": [ - "CWE-95: Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection')", + "CWE-611: Improper Restriction of XML External Entity Reference", "MEDIUM CONFIDENCE", - "OWASP-A03:2021 - Injection", + "OWASP-A04:2017 - XML External Entities (XXE)", + "OWASP-A05:2021 - Security Misconfiguration", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: bash.curl.security.curl-eval.curl-eval" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "javascript.express.security.express-insecure-template-usage.express-insecure-template-usage", + "name": "javascript.express.security.express-insecure-template-usage.express-insecure-template-usage", + "short_description": { + "text": "Semgrep Finding: 
javascript.express.security.express-insecure-template-usage.express-insecure-template-usage" + }, + "full_description": { + "text": "User data from `$REQ` is being compiled into the template, which can lead to a Server Side Template Injection (SSTI) vulnerability." }, - "fullDescription": { - "text": "Found request data in 'send_mail(...)' that uses 'html_message'. This is dangerous because HTML emails are susceptible to XSS. An attacker could inject data into this HTML email, causing XSS." + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/javascript.express.security.express-insecure-template-usage.express-insecure-template-usage", "help": { - "markdown": "Found request data in 'send_mail(...)' that uses 'html_message'. This is dangerous because HTML emails are susceptible to XSS. An attacker could inject data into this HTML email, causing XSS.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.django.security.injection.email.xss-send-mail-html-message.xss-send-mail-html-message)\n - [https://www.damonkohler.com/2008/12/email-injection.html](https://www.damonkohler.com/2008/12/email-injection.html)\n", - "text": "Found request data in 'send_mail(...)' that uses 'html_message'. This is dangerous because HTML emails are susceptible to XSS. 
An attacker could inject data into this HTML email, causing XSS.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "User data from `$REQ` is being compiled into the template, which can lead to a Server Side Template Injection (SSTI) vulnerability.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "User data from `$REQ` is being compiled into the template, which can lead to a Server Side Template Injection (SSTI) vulnerability.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.express.security.express-insecure-template-usage.express-insecure-template-usage)\n - [https://cheatsheetseries.owasp.org/cheatsheets/Injection_Prevention_Cheat_Sheet.html](https://cheatsheetseries.owasp.org/cheatsheets/Injection_Prevention_Cheat_Sheet.html)\n" }, - "helpUri": "https://semgrep.dev/r/python.django.security.injection.email.xss-send-mail-html-message.xss-send-mail-html-message", - "id": "python.django.security.injection.email.xss-send-mail-html-message.xss-send-mail-html-message", - "name": "python.django.security.injection.email.xss-send-mail-html-message.xss-send-mail-html-message", "properties": { "precision": "very-high", "tags": [ - "CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')", + "CWE-1336: Improper Neutralization of Special Elements Used in a Template Engine", "MEDIUM CONFIDENCE", + "OWASP-A01:2017 - Injection", "OWASP-A03:2021 - Injection", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: python.django.security.injection.email.xss-send-mail-html-message.xss-send-mail-html-message" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "generic.secrets.security.detected-artifactory-password.detected-artifactory-password", + "name": "generic.secrets.security.detected-artifactory-password.detected-artifactory-password", + 
"short_description": { + "text": "Semgrep Finding: generic.secrets.security.detected-artifactory-password.detected-artifactory-password" }, - "fullDescription": { - "text": "Detected input from a HTTPServletRequest going into a session command, like `setAttribute`. User input into such a command could lead to an attacker inputting malicious code into your session parameters, blurring the line between what's trusted and untrusted, and therefore leading to a trust boundary violation. This could lead to programmers trusting unvalidated data. Instead, thoroughly sanitize user input before passing it into such function calls." + "full_description": { + "text": "Artifactory token detected" + }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/generic.secrets.security.detected-artifactory-password.detected-artifactory-password", "help": { - "markdown": "Detected input from a HTTPServletRequest going into a session command, like `setAttribute`. User input into such a command could lead to an attacker inputting malicious code into your session parameters, blurring the line between what's trusted and untrusted, and therefore leading to a trust boundary violation. This could lead to programmers trusting unvalidated data. Instead, thoroughly sanitize user input before passing it into such function calls.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/java.lang.security.audit.tainted-session-from-http-request.tainted-session-from-http-request)\n - [https://owasp.org/Top10/A04_2021-Insecure_Design](https://owasp.org/Top10/A04_2021-Insecure_Design)\n", - "text": "Detected input from a HTTPServletRequest going into a session command, like `setAttribute`. 
User input into such a command could lead to an attacker inputting malicious code into your session parameters, blurring the line between what's trusted and untrusted, and therefore leading to a trust boundary violation. This could lead to programmers trusting unvalidated data. Instead, thoroughly sanitize user input before passing it into such function calls.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Artifactory token detected\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Artifactory token detected\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/generic.secrets.security.detected-artifactory-password.detected-artifactory-password)\n - [https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures](https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures)\n" }, - "helpUri": "https://semgrep.dev/r/java.lang.security.audit.tainted-session-from-http-request.tainted-session-from-http-request", - "id": "java.lang.security.audit.tainted-session-from-http-request.tainted-session-from-http-request", - "name": "java.lang.security.audit.tainted-session-from-http-request.tainted-session-from-http-request", "properties": { "precision": "very-high", "tags": [ - "CWE-501: Trust Boundary Violation", - "MEDIUM CONFIDENCE", - "OWASP-A04:2021 - Insecure Design", + "CWE-798: Use of Hard-coded Credentials", + "LOW CONFIDENCE", + "OWASP-A07:2021 - Identification and Authentication Failures", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: java.lang.security.audit.tainted-session-from-http-request.tainted-session-from-http-request" } }, { - "defaultConfiguration": { - "level": "error" + "id": "rust.lang.security.reqwest-accept-invalid.reqwest-accept-invalid", + "name": "rust.lang.security.reqwest-accept-invalid.reqwest-accept-invalid", + "short_description": { + 
"text": "Semgrep Finding: rust.lang.security.reqwest-accept-invalid.reqwest-accept-invalid" }, - "fullDescription": { - "text": "Detected an AppService that was not configured to use TLS 1.2. Add `site_config.min_tls_version = \"1.2\"` in your resource block." + "full_description": { + "text": "Dangerously accepting invalid TLS information" + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/rust.lang.security.reqwest-accept-invalid.reqwest-accept-invalid", "help": { - "markdown": "Detected an AppService that was not configured to use TLS 1.2. Add `site_config.min_tls_version = \"1.2\"` in your resource block.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/terraform.azure.security.appservice.appservice-use-secure-tls-policy.appservice-use-secure-tls-policy)\n - [https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/app_service#min_tls_version](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/app_service#min_tls_version)\n", - "text": "Detected an AppService that was not configured to use TLS 1.2. 
Add `site_config.min_tls_version = \"1.2\"` in your resource block.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Dangerously accepting invalid TLS information\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Dangerously accepting invalid TLS information\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/rust.lang.security.reqwest-accept-invalid.reqwest-accept-invalid)\n - [https://docs.rs/reqwest/latest/reqwest/struct.ClientBuilder.html#method.danger_accept_invalid_hostnames](https://docs.rs/reqwest/latest/reqwest/struct.ClientBuilder.html#method.danger_accept_invalid_hostnames)\n - [https://docs.rs/reqwest/latest/reqwest/struct.ClientBuilder.html#method.danger_accept_invalid_certs](https://docs.rs/reqwest/latest/reqwest/struct.ClientBuilder.html#method.danger_accept_invalid_certs)\n" }, - "helpUri": "https://semgrep.dev/r/terraform.azure.security.appservice.appservice-use-secure-tls-policy.appservice-use-secure-tls-policy", - "id": "terraform.azure.security.appservice.appservice-use-secure-tls-policy.appservice-use-secure-tls-policy", - "name": "terraform.azure.security.appservice.appservice-use-secure-tls-policy.appservice-use-secure-tls-policy", "properties": { "precision": "very-high", "tags": [ - "CWE-326: Inadequate Encryption Strength", + "CWE-295: Improper Certificate Validation", "HIGH CONFIDENCE", - "OWASP-A02:2021 - Cryptographic Failures", - "OWASP-A03:2017 - Sensitive Data Exposure", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: terraform.azure.security.appservice.appservice-use-secure-tls-policy.appservice-use-secure-tls-policy" } }, { - "defaultConfiguration": { - "level": "error" + "id": "solidity.security.no-bidi-characters.no-bidi-characters", + "name": "solidity.security.no-bidi-characters.no-bidi-characters", + "short_description": { + "text": "Semgrep Finding: 
solidity.security.no-bidi-characters.no-bidi-characters" }, - "fullDescription": { - "text": "External entities are allowed for $DBFACTORY. This is vulnerable to XML external entity attacks. Disable this by setting the feature \"http://xml.org/sax/features/external-parameter-entities\" to false." + "full_description": { + "text": "The code must not contain any of Unicode Direction Control Characters" + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/solidity.security.no-bidi-characters.no-bidi-characters", "help": { - "markdown": "External entities are allowed for $DBFACTORY. This is vulnerable to XML external entity attacks. Disable this by setting the feature \"http://xml.org/sax/features/external-parameter-entities\" to false.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/java.lang.security.audit.xxe.documentbuilderfactory-external-parameter-entities-true.documentbuilderfactory-external-parameter-entities-true)\n - [https://semgrep.dev/blog/2022/xml-security-in-java](https://semgrep.dev/blog/2022/xml-security-in-java)\n - [https://semgrep.dev/docs/cheat-sheets/java-xxe/](https://semgrep.dev/docs/cheat-sheets/java-xxe/)\n - [https://blog.sonarsource.com/secure-xml-processor](https://blog.sonarsource.com/secure-xml-processor)\n", - "text": "External entities are allowed for $DBFACTORY. This is vulnerable to XML external entity attacks. 
Disable this by setting the feature \"http://xml.org/sax/features/external-parameter-entities\" to false.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "The code must not contain any of Unicode Direction Control Characters\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "The code must not contain any of Unicode Direction Control Characters\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/solidity.security.no-bidi-characters.no-bidi-characters)\n - [https://entethalliance.org/specs/ethtrust-sl/v1/#req-1-unicode-bdo](https://entethalliance.org/specs/ethtrust-sl/v1/#req-1-unicode-bdo)\n" }, - "helpUri": "https://semgrep.dev/r/java.lang.security.audit.xxe.documentbuilderfactory-external-parameter-entities-true.documentbuilderfactory-external-parameter-entities-true", - "id": "java.lang.security.audit.xxe.documentbuilderfactory-external-parameter-entities-true.documentbuilderfactory-external-parameter-entities-true", - "name": "java.lang.security.audit.xxe.documentbuilderfactory-external-parameter-entities-true.documentbuilderfactory-external-parameter-entities-true", "properties": { "precision": "very-high", "tags": [ - "CWE-611: Improper Restriction of XML External Entity Reference", + "CWE-837: Improper Enforcement of a Single, Unique Action", "HIGH CONFIDENCE", - "OWASP-A04:2017 - XML External Entities (XXE)", - "OWASP-A05:2021 - Security Misconfiguration", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: java.lang.security.audit.xxe.documentbuilderfactory-external-parameter-entities-true.documentbuilderfactory-external-parameter-entities-true" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "python.distributed.security.require-encryption", + "name": "python.distributed.security.require-encryption", + "short_description": { + "text": "Semgrep Finding: 
python.distributed.security.require-encryption" }, - "fullDescription": { - "text": "A hard-coded credential was detected. It is not recommended to store credentials in source-code, as this risks secrets being leaked and used by either an internal or external malicious adversary. It is recommended to use environment variables to securely provide credentials or retrieve credentials from a secure vault or HSM (Hardware Security Module)." + "full_description": { + "text": "Initializing a security context for Dask (`distributed`) without \"require_encryption\" keyword argument may silently fail to provide security." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/python.distributed.security.require-encryption", "help": { - "markdown": "A hard-coded credential was detected. It is not recommended to store credentials in source-code, as this risks secrets being leaked and used by either an internal or external malicious adversary. It is recommended to use environment variables to securely provide credentials or retrieve credentials from a secure vault or HSM (Hardware Security Module).\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.boto3.security.hardcoded-token.hardcoded-token)\n - [https://cheatsheetseries.owasp.org/cheatsheets/Secrets_Management_Cheat_Sheet.html](https://cheatsheetseries.owasp.org/cheatsheets/Secrets_Management_Cheat_Sheet.html)\n - [https://bento.dev/checks/boto3/hardcoded-access-token/](https://bento.dev/checks/boto3/hardcoded-access-token/)\n - [https://aws.amazon.com/blogs/security/what-to-do-if-you-inadvertently-expose-an-aws-access-key/](https://aws.amazon.com/blogs/security/what-to-do-if-you-inadvertently-expose-an-aws-access-key/)\n", - "text": "A hard-coded credential was detected. 
It is not recommended to store credentials in source-code, as this risks secrets being leaked and used by either an internal or external malicious adversary. It is recommended to use environment variables to securely provide credentials or retrieve credentials from a secure vault or HSM (Hardware Security Module).\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Initializing a security context for Dask (`distributed`) without \"require_encryption\" keyword argument may silently fail to provide security.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Initializing a security context for Dask (`distributed`) without \"require_encryption\" keyword argument may silently fail to provide security.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.distributed.security.require-encryption)\n - [https://distributed.dask.org/en/latest/tls.html?highlight=require_encryption#parameters](https://distributed.dask.org/en/latest/tls.html?highlight=require_encryption#parameters)\n" }, - "helpUri": "https://semgrep.dev/r/python.boto3.security.hardcoded-token.hardcoded-token", - "id": "python.boto3.security.hardcoded-token.hardcoded-token", - "name": "python.boto3.security.hardcoded-token.hardcoded-token", "properties": { "precision": "very-high", "tags": [ - "CWE-798: Use of Hard-coded Credentials", + "CWE-319: Cleartext Transmission of Sensitive Information", "MEDIUM CONFIDENCE", - "OWASP-A07:2021 - Identification and Authentication Failures", + "OWASP-A02:2021 - Cryptographic Failures", + "OWASP-A03:2017 - Sensitive Data Exposure", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: python.boto3.security.hardcoded-token.hardcoded-token" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "javascript.express.security.x-frame-options-misconfiguration.x-frame-options-misconfiguration", + "name": 
"javascript.express.security.x-frame-options-misconfiguration.x-frame-options-misconfiguration", + "short_description": { + "text": "Semgrep Finding: javascript.express.security.x-frame-options-misconfiguration.x-frame-options-misconfiguration" }, - "fullDescription": { - "text": "Detected a unquoted template variable as an attribute. If unquoted, a malicious actor could inject custom JavaScript handlers. To fix this, add quotes around the template expression, like this: \"<%= expr %>\"." + "full_description": { + "text": "By letting user input control `X-Frame-Options` header, there is a risk that software does not properly verify whether or not a browser should be allowed to render a page in an `iframe`." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/javascript.express.security.x-frame-options-misconfiguration.x-frame-options-misconfiguration", "help": { - "markdown": "Detected a unquoted template variable as an attribute. If unquoted, a malicious actor could inject custom JavaScript handlers. To fix this, add quotes around the template expression, like this: \"<%= expr %>\".\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/ruby.rails.security.audit.xss.templates.unquoted-attribute.unquoted-attribute)\n - [https://brakemanpro.com/2017/09/08/cross-site-scripting-in-rails#unquoted-attributes](https://brakemanpro.com/2017/09/08/cross-site-scripting-in-rails#unquoted-attributes)\n - [https://flask.palletsprojects.com/en/1.1.x/security/#cross-site-scripting-xss](https://flask.palletsprojects.com/en/1.1.x/security/#cross-site-scripting-xss)\n", - "text": "Detected a unquoted template variable as an attribute. If unquoted, a malicious actor could inject custom JavaScript handlers. 
To fix this, add quotes around the template expression, like this: \"<%= expr %>\".\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "By letting user input control `X-Frame-Options` header, there is a risk that software does not properly verify whether or not a browser should be allowed to render a page in an `iframe`.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "By letting user input control `X-Frame-Options` header, there is a risk that software does not properly verify whether or not a browser should be allowed to render a page in an `iframe`.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.express.security.x-frame-options-misconfiguration.x-frame-options-misconfiguration)\n - [https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options)\n" }, - "helpUri": "https://semgrep.dev/r/ruby.rails.security.audit.xss.templates.unquoted-attribute.unquoted-attribute", - "id": "ruby.rails.security.audit.xss.templates.unquoted-attribute.unquoted-attribute", - "name": "ruby.rails.security.audit.xss.templates.unquoted-attribute.unquoted-attribute", "properties": { "precision": "very-high", "tags": [ - "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", - "LOW CONFIDENCE", - "OWASP-A03:2021 - Injection", - "OWASP-A07:2017 - Cross-Site Scripting (XSS)", + "CWE-451: User Interface (UI) Misrepresentation of Critical Information", + "MEDIUM CONFIDENCE", + "OWASP-A04:2021 - Insecure Design", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: ruby.rails.security.audit.xss.templates.unquoted-attribute.unquoted-attribute" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "python.lang.security.dangerous-globals-use.dangerous-globals-use", + "name": 
"python.lang.security.dangerous-globals-use.dangerous-globals-use", + "short_description": { + "text": "Semgrep Finding: python.lang.security.dangerous-globals-use.dangerous-globals-use" }, - "fullDescription": { - "text": "The use of $sce.trustAsJs can be dangerous if unsanitized user input flows through this API." + "full_description": { + "text": "Found non static data as an index to 'globals()'. This is extremely dangerous because it allows an attacker to execute arbitrary code on the system. Refactor your code not to use 'globals()'." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/python.lang.security.dangerous-globals-use.dangerous-globals-use", "help": { - "markdown": "The use of $sce.trustAsJs can be dangerous if unsanitized user input flows through this API.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.angular.security.detect-angular-trust-as-js-method.detect-angular-trust-as-js-method)\n - [https://docs.angularjs.org/api/ng/service/$sce#trustAsJs](https://docs.angularjs.org/api/ng/service/$sce#trustAsJs)\n - [https://owasp.org/www-chapter-london/assets/slides/OWASPLondon20170727_AngularJS.pdf](https://owasp.org/www-chapter-london/assets/slides/OWASPLondon20170727_AngularJS.pdf)\n", - "text": "The use of $sce.trustAsJs can be dangerous if unsanitized user input flows through this API.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Found non static data as an index to 'globals()'. This is extremely dangerous because it allows an attacker to execute arbitrary code on the system. Refactor your code not to use 'globals()'.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Found non static data as an index to 'globals()'. 
This is extremely dangerous because it allows an attacker to execute arbitrary code on the system. Refactor your code not to use 'globals()'.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.lang.security.dangerous-globals-use.dangerous-globals-use)\n - [https://github.com/mpirnat/lets-be-bad-guys/blob/d92768fb3ade32956abd53bd6bb06e19d634a084/badguys/vulnerable/views.py#L181-L186](https://github.com/mpirnat/lets-be-bad-guys/blob/d92768fb3ade32956abd53bd6bb06e19d634a084/badguys/vulnerable/views.py#L181-L186)\n" }, - "helpUri": "https://semgrep.dev/r/javascript.angular.security.detect-angular-trust-as-js-method.detect-angular-trust-as-js-method", - "id": "javascript.angular.security.detect-angular-trust-as-js-method.detect-angular-trust-as-js-method", - "name": "javascript.angular.security.detect-angular-trust-as-js-method.detect-angular-trust-as-js-method", "properties": { "precision": "very-high", "tags": [ - "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", + "CWE-96: Improper Neutralization of Directives in Statically Saved Code ('Static Code Injection')", "LOW CONFIDENCE", "OWASP-A03:2021 - Injection", - "OWASP-A07:2017 - Cross-Site Scripting (XSS)", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: javascript.angular.security.detect-angular-trust-as-js-method.detect-angular-trust-as-js-method" } }, { - "defaultConfiguration": { - "level": "error" + "id": "javascript.express.security.express-puppeteer-injection.express-puppeteer-injection", + "name": "javascript.express.security.express-puppeteer-injection.express-puppeteer-injection", + "short_description": { + "text": "Semgrep Finding: javascript.express.security.express-puppeteer-injection.express-puppeteer-injection" }, - "fullDescription": { - "text": "Detected wildcard access granted to sts:AssumeRole. 
This means anyone with your AWS account ID and the name of the role can assume the role. Instead, limit to a specific identity in your account, like this: `arn:aws:iam:::root`." + "full_description": { + "text": "If unverified user data can reach the `puppeteer` methods it can result in Server-Side Request Forgery vulnerabilities" }, + "default_configuration": { + "enabled": true, + "level": "error" + }, + "help_uri": "https://semgrep.dev/r/javascript.express.security.express-puppeteer-injection.express-puppeteer-injection", "help": { - "markdown": "Detected wildcard access granted to sts:AssumeRole. This means anyone with your AWS account ID and the name of the role can assume the role. Instead, limit to a specific identity in your account, like this: `arn:aws:iam:::root`.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/json.aws.security.wildcard-assume-role.wildcard-assume-role)\n - [https://rhinosecuritylabs.com/aws/assume-worst-aws-assume-role-enumeration/](https://rhinosecuritylabs.com/aws/assume-worst-aws-assume-role-enumeration/)\n", - "text": "Detected wildcard access granted to sts:AssumeRole. This means anyone with your AWS account ID and the name of the role can assume the role. 
Instead, limit to a specific identity in your account, like this: `arn:aws:iam:::root`.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "If unverified user data can reach the `puppeteer` methods it can result in Server-Side Request Forgery vulnerabilities\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "If unverified user data can reach the `puppeteer` methods it can result in Server-Side Request Forgery vulnerabilities\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.express.security.express-puppeteer-injection.express-puppeteer-injection)\n - [https://pptr.dev/api/puppeteer.page](https://pptr.dev/api/puppeteer.page)\n" }, - "helpUri": "https://semgrep.dev/r/json.aws.security.wildcard-assume-role.wildcard-assume-role", - "id": "json.aws.security.wildcard-assume-role.wildcard-assume-role", - "name": "json.aws.security.wildcard-assume-role.wildcard-assume-role", "properties": { "precision": "very-high", "tags": [ - "CWE-250: Execution with Unnecessary Privileges", + "CWE-918: Server-Side Request Forgery (SSRF)", "MEDIUM CONFIDENCE", - "OWASP-A05:2021 - Security Misconfiguration", - "OWASP-A06:2017 - Security Misconfiguration", + "OWASP-A10:2021 - Server-Side Request Forgery (SSRF)", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: json.aws.security.wildcard-assume-role.wildcard-assume-role" } }, { - "defaultConfiguration": { - "level": "error" + "id": "python.pycryptodome.security.insecure-cipher-algorithm-des.insecure-cipher-algorithm-des", + "name": "python.pycryptodome.security.insecure-cipher-algorithm-des.insecure-cipher-algorithm-des", + "short_description": { + "text": "Semgrep Finding: python.pycryptodome.security.insecure-cipher-algorithm-des.insecure-cipher-algorithm-des" }, - "fullDescription": { - "text": "By default, clients can connect to App Service by using both 
HTTP or HTTPS. HTTP should be disabled enabling the HTTPS Only setting." + "full_description": { + "text": "Detected DES cipher algorithm which is considered insecure. This algorithm is not cryptographically secure and can be reversed easily. Use AES instead." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/python.pycryptodome.security.insecure-cipher-algorithm-des.insecure-cipher-algorithm-des", "help": { - "markdown": "By default, clients can connect to App Service by using both HTTP or HTTPS. HTTP should be disabled enabling the HTTPS Only setting.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/terraform.azure.security.appservice.appservice-enable-https-only.appservice-enable-https-only)\n - [https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/app_service#https_only](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/app_service#https_only)\n - [https://docs.microsoft.com/en-us/azure/app-service/configure-ssl-bindings#enforce-https](https://docs.microsoft.com/en-us/azure/app-service/configure-ssl-bindings#enforce-https)\n", - "text": "By default, clients can connect to App Service by using both HTTP or HTTPS. HTTP should be disabled enabling the HTTPS Only setting.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected DES cipher algorithm which is considered insecure. This algorithm is not cryptographically secure and can be reversed easily. Use AES instead.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected DES cipher algorithm which is considered insecure. This algorithm is not cryptographically secure and can be reversed easily. 
Use AES instead.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.pycryptodome.security.insecure-cipher-algorithm-des.insecure-cipher-algorithm-des)\n - [https://cwe.mitre.org/data/definitions/326.html](https://cwe.mitre.org/data/definitions/326.html)\n" }, - "helpUri": "https://semgrep.dev/r/terraform.azure.security.appservice.appservice-enable-https-only.appservice-enable-https-only", - "id": "terraform.azure.security.appservice.appservice-enable-https-only.appservice-enable-https-only", - "name": "terraform.azure.security.appservice.appservice-enable-https-only.appservice-enable-https-only", "properties": { "precision": "very-high", "tags": [ - "CWE-319: Cleartext Transmission of Sensitive Information", + "CWE-327: Use of a Broken or Risky Cryptographic Algorithm", "MEDIUM CONFIDENCE", "OWASP-A02:2021 - Cryptographic Failures", "OWASP-A03:2017 - Sensitive Data Exposure", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: terraform.azure.security.appservice.appservice-enable-https-only.appservice-enable-https-only" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "terraform.lang.security.s3-public-rw-bucket.s3-public-rw-bucket", + "name": "terraform.lang.security.s3-public-rw-bucket.s3-public-rw-bucket", + "short_description": { + "text": "Semgrep Finding: terraform.lang.security.s3-public-rw-bucket.s3-public-rw-bucket" }, - "fullDescription": { - "text": "Hardcoded variable `DEBUG` detected. Set this by using FLASK_DEBUG environment variable" + "full_description": { + "text": "S3 bucket with public read-write access detected." + }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/terraform.lang.security.s3-public-rw-bucket.s3-public-rw-bucket", "help": { - "markdown": "Hardcoded variable `DEBUG` detected. 
Set this by using FLASK_DEBUG environment variable\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.flask.security.audit.hardcoded-config.avoid_hardcoded_config_DEBUG)\n - [https://bento.dev/checks/flask/avoid-hardcoded-config/](https://bento.dev/checks/flask/avoid-hardcoded-config/)\n - [https://flask.palletsprojects.com/en/1.1.x/config/?highlight=configuration#builtin-configuration-values](https://flask.palletsprojects.com/en/1.1.x/config/?highlight=configuration#builtin-configuration-values)\n - [https://flask.palletsprojects.com/en/1.1.x/config/?highlight=configuration#environment-and-debug-features](https://flask.palletsprojects.com/en/1.1.x/config/?highlight=configuration#environment-and-debug-features)\n", - "text": "Hardcoded variable `DEBUG` detected. Set this by using FLASK_DEBUG environment variable\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "S3 bucket with public read-write access detected.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "S3 bucket with public read-write access detected.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/terraform.lang.security.s3-public-rw-bucket.s3-public-rw-bucket)\n - [https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket#acl](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket#acl)\n - [https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#canned-acl](https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#canned-acl)\n" }, - "helpUri": "https://semgrep.dev/r/python.flask.security.audit.hardcoded-config.avoid_hardcoded_config_DEBUG", - "id": "python.flask.security.audit.hardcoded-config.avoid_hardcoded_config_DEBUG", - "name": 
"python.flask.security.audit.hardcoded-config.avoid_hardcoded_config_DEBUG", "properties": { "precision": "very-high", "tags": [ - "CWE-489: Active Debug Code", - "LOW CONFIDENCE", - "OWASP-A05:2021 - Security Misconfiguration", + "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor", + "MEDIUM CONFIDENCE", + "OWASP-A01:2021 - Broken Access Control", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: python.flask.security.audit.hardcoded-config.avoid_hardcoded_config_DEBUG" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "javascript.angular.security.detect-angular-resource-loading.detect-angular-resource-loading", + "name": "javascript.angular.security.detect-angular-resource-loading.detect-angular-resource-loading", + "short_description": { + "text": "Semgrep Finding: javascript.angular.security.detect-angular-resource-loading.detect-angular-resource-loading" }, - "fullDescription": { - "text": "Scala applications built with `debug` set to true in production may leak debug information to attackers. Debug mode also affects performance and reliability. Remove it from configuration." + "full_description": { + "text": "$sceDelegateProvider allowlisting can introduce security issues if wildcards are used." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/javascript.angular.security.detect-angular-resource-loading.detect-angular-resource-loading", "help": { - "markdown": "Scala applications built with `debug` set to true in production may leak debug information to attackers. Debug mode also affects performance and reliability. 
Remove it from configuration.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/scala.lang.security.audit.scalac-debug.scalac-debug)\n - [https://docs.scala-lang.org/overviews/compiler-options/index.html](https://docs.scala-lang.org/overviews/compiler-options/index.html)\n", - "text": "Scala applications built with `debug` set to true in production may leak debug information to attackers. Debug mode also affects performance and reliability. Remove it from configuration.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "$sceDelegateProvider allowlisting can introduce security issues if wildcards are used.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "$sceDelegateProvider allowlisting can introduce security issues if wildcards are used.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.angular.security.detect-angular-resource-loading.detect-angular-resource-loading)\n - [https://docs.angularjs.org/api/ng/service/$sce#trustAsJs](https://docs.angularjs.org/api/ng/service/$sce#trustAsJs)\n - [https://owasp.org/www-chapter-london/assets/slides/OWASPLondon20170727_AngularJS.pdf](https://owasp.org/www-chapter-london/assets/slides/OWASPLondon20170727_AngularJS.pdf)\n" }, - "helpUri": "https://semgrep.dev/r/scala.lang.security.audit.scalac-debug.scalac-debug", - "id": "scala.lang.security.audit.scalac-debug.scalac-debug", - "name": "scala.lang.security.audit.scalac-debug.scalac-debug", "properties": { "precision": "very-high", "tags": [ - "CWE-489: Active Debug Code", - "MEDIUM CONFIDENCE", - "OWASP-A05:2021 - Security Misconfiguration", + "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", + "LOW CONFIDENCE", + "OWASP-A03:2021 - Injection", + "OWASP-A07:2017 - Cross-Site 
Scripting (XSS)", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: scala.lang.security.audit.scalac-debug.scalac-debug" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "python.flask.security.insecure-deserialization.insecure-deserialization", + "name": "python.flask.security.insecure-deserialization.insecure-deserialization", + "short_description": { + "text": "Semgrep Finding: python.flask.security.insecure-deserialization.insecure-deserialization" }, - "fullDescription": { - "text": "Found a formatted template string passed to 'template. HTMLAttr()'. 'template.HTMLAttr()' does not escape contents. Be absolutely sure there is no user-controlled data in this template or validate and sanitize the data before passing it into the template." + "full_description": { + "text": "Detected the use of an insecure deserialization library in a Flask route. These libraries are prone to code execution vulnerabilities. Ensure user data does not enter this function. To fix this, try to avoid serializing whole objects. Consider instead using a serializer such as JSON." }, + "default_configuration": { + "enabled": true, + "level": "error" + }, + "help_uri": "https://semgrep.dev/r/python.flask.security.insecure-deserialization.insecure-deserialization", "help": { - "markdown": "Found a formatted template string passed to 'template. HTMLAttr()'. 'template.HTMLAttr()' does not escape contents. Be absolutely sure there is no user-controlled data in this template or validate and sanitize the data before passing it into the template.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/go.lang.security.audit.net.unescaped-data-in-htmlattr.unescaped-data-in-htmlattr)\n - [https://golang.org/pkg/html/template/#HTMLAttr](https://golang.org/pkg/html/template/#HTMLAttr)\n", - "text": "Found a formatted template string passed to 'template. HTMLAttr()'. 
'template.HTMLAttr()' does not escape contents. Be absolutely sure there is no user-controlled data in this template or validate and sanitize the data before passing it into the template.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected the use of an insecure deserialization library in a Flask route. These libraries are prone to code execution vulnerabilities. Ensure user data does not enter this function. To fix this, try to avoid serializing whole objects. Consider instead using a serializer such as JSON.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected the use of an insecure deserialization library in a Flask route. These libraries are prone to code execution vulnerabilities. Ensure user data does not enter this function. To fix this, try to avoid serializing whole objects. Consider instead using a serializer such as JSON.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.flask.security.insecure-deserialization.insecure-deserialization)\n - [https://docs.python.org/3/library/pickle.html](https://docs.python.org/3/library/pickle.html)\n" }, - "helpUri": "https://semgrep.dev/r/go.lang.security.audit.net.unescaped-data-in-htmlattr.unescaped-data-in-htmlattr", - "id": "go.lang.security.audit.net.unescaped-data-in-htmlattr.unescaped-data-in-htmlattr", - "name": "go.lang.security.audit.net.unescaped-data-in-htmlattr.unescaped-data-in-htmlattr", "properties": { "precision": "very-high", "tags": [ - "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", + "CWE-502: Deserialization of Untrusted Data", "LOW CONFIDENCE", - "OWASP-A03:2021 - Injection", - "OWASP-A07:2017 - Cross-Site Scripting (XSS)", + "OWASP-A08:2017 - Insecure Deserialization", + "OWASP-A08:2021 - Software and Data Integrity Failures", "security" ] - }, - "shortDescription": { - "text": 
"Semgrep Finding: go.lang.security.audit.net.unescaped-data-in-htmlattr.unescaped-data-in-htmlattr" } }, { - "defaultConfiguration": { - "level": "error" + "id": "generic.secrets.security.detected-outlook-team.detected-outlook-team", + "name": "generic.secrets.security.detected-outlook-team.detected-outlook-team", + "short_description": { + "text": "Semgrep Finding: generic.secrets.security.detected-outlook-team.detected-outlook-team" }, - "fullDescription": { - "text": "If unverified user data can reach the `exec` method it can result in Remote Code Execution" + "full_description": { + "text": "Outlook Team detected" + }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/generic.secrets.security.detected-outlook-team.detected-outlook-team", "help": { - "markdown": "If unverified user data can reach the `exec` method it can result in Remote Code Execution\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.shelljs.security.shelljs-exec-injection.shelljs-exec-injection)\n - [https://owasp.org/Top10/A03_2021-Injection](https://owasp.org/Top10/A03_2021-Injection)\n", - "text": "If unverified user data can reach the `exec` method it can result in Remote Code Execution\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Outlook Team detected\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Outlook Team detected\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/generic.secrets.security.detected-outlook-team.detected-outlook-team)\n - [https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures](https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures)\n" }, - "helpUri": 
"https://semgrep.dev/r/javascript.shelljs.security.shelljs-exec-injection.shelljs-exec-injection", - "id": "javascript.shelljs.security.shelljs-exec-injection.shelljs-exec-injection", - "name": "javascript.shelljs.security.shelljs-exec-injection.shelljs-exec-injection", "properties": { "precision": "very-high", "tags": [ - "CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", + "CWE-798: Use of Hard-coded Credentials", "LOW CONFIDENCE", - "OWASP-A01:2017 - Injection", - "OWASP-A03:2021 - Injection", + "OWASP-A07:2021 - Identification and Authentication Failures", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: javascript.shelljs.security.shelljs-exec-injection.shelljs-exec-injection" } }, { - "defaultConfiguration": { - "level": "error" + "id": "javascript.sequelize.security.audit.sequelize-weak-tls-version.sequelize-weak-tls-version", + "name": "javascript.sequelize.security.audit.sequelize-weak-tls-version.sequelize-weak-tls-version", + "short_description": { + "text": "Semgrep Finding: javascript.sequelize.security.audit.sequelize-weak-tls-version.sequelize-weak-tls-version" }, - "fullDescription": { - "text": "Detected a formatted string in a SQL statement. This could lead to SQL injection if variables in the SQL statement are not properly sanitized. Use a prepared statements instead. You can obtain a PreparedStatement using 'SqlCommand' and 'SqlParameter'." + "full_description": { + "text": "TLS1.0 and TLS1.1 are deprecated and should not be used anymore. By default, NodeJS used TLSv1.2. So, TLS min version must not be downgrade to TLS1.0 or TLS1.1. Enforce TLS1.3 is highly recommended This rule checks TLS configuration only for PostgreSQL, MariaDB and MySQL. SQLite is not really concerned by TLS configuration. This rule could be extended for MSSQL, but the dialectOptions is specific for Tedious." 
+ }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/javascript.sequelize.security.audit.sequelize-weak-tls-version.sequelize-weak-tls-version", "help": { - "markdown": "Detected a formatted string in a SQL statement. This could lead to SQL injection if variables in the SQL statement are not properly sanitized. Use a prepared statements instead. You can obtain a PreparedStatement using 'SqlCommand' and 'SqlParameter'.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/csharp.lang.security.sqli.csharp-sqli.csharp-sqli)\n - [https://owasp.org/Top10/A03_2021-Injection](https://owasp.org/Top10/A03_2021-Injection)\n", - "text": "Detected a formatted string in a SQL statement. This could lead to SQL injection if variables in the SQL statement are not properly sanitized. Use a prepared statements instead. You can obtain a PreparedStatement using 'SqlCommand' and 'SqlParameter'.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "TLS1.0 and TLS1.1 are deprecated and should not be used anymore. By default, NodeJS used TLSv1.2. So, TLS min version must not be downgrade to TLS1.0 or TLS1.1. Enforce TLS1.3 is highly recommended This rule checks TLS configuration only for PostgreSQL, MariaDB and MySQL. SQLite is not really concerned by TLS configuration. This rule could be extended for MSSQL, but the dialectOptions is specific for Tedious.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "TLS1.0 and TLS1.1 are deprecated and should not be used anymore. By default, NodeJS used TLSv1.2. So, TLS min version must not be downgrade to TLS1.0 or TLS1.1. Enforce TLS1.3 is highly recommended This rule checks TLS configuration only for PostgreSQL, MariaDB and MySQL. SQLite is not really concerned by TLS configuration. 
This rule could be extended for MSSQL, but the dialectOptions is specific for Tedious.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.sequelize.security.audit.sequelize-weak-tls-version.sequelize-weak-tls-version)\n - [https://node-postgres.com/features/ssl](https://node-postgres.com/features/ssl)\n - [https://nodejs.org/api/tls.html#tls_class_tls_tlssocket](https://nodejs.org/api/tls.html#tls_class_tls_tlssocket)\n - [https://nodejs.org/api/tls.html#tls_tls_createsecurecontext_options](https://nodejs.org/api/tls.html#tls_tls_createsecurecontext_options)\n - [https://nodejs.org/api/tls.html#tls_tls_default_min_version](https://nodejs.org/api/tls.html#tls_tls_default_min_version)\n" }, - "helpUri": "https://semgrep.dev/r/csharp.lang.security.sqli.csharp-sqli.csharp-sqli", - "id": "csharp.lang.security.sqli.csharp-sqli.csharp-sqli", - "name": "csharp.lang.security.sqli.csharp-sqli.csharp-sqli", "properties": { "precision": "very-high", "tags": [ - "CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')", - "MEDIUM CONFIDENCE", - "OWASP-A01:2017 - Injection", - "OWASP-A03:2021 - Injection", + "CWE-319: Cleartext Transmission of Sensitive Information", + "LOW CONFIDENCE", + "OWASP-A02:2021 - Cryptographic Failures", + "OWASP-A03:2017 - Sensitive Data Exposure", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: csharp.lang.security.sqli.csharp-sqli.csharp-sqli" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "python.lang.security.insecure-hash-function.insecure-hash-function", + "name": "python.lang.security.insecure-hash-function.insecure-hash-function", + "short_description": { + "text": "Semgrep Finding: python.lang.security.insecure-hash-function.insecure-hash-function" }, - "fullDescription": { - "text": "Detected Flask route directly returning a formatted string. 
This is subject to cross-site scripting if user input can reach the string. Consider using the template engine instead and rendering pages with 'render_template()'." + "full_description": { + "text": "Detected use of an insecure MD4 or MD5 hash function. These functions have known vulnerabilities and are considered deprecated. Consider using 'SHA256' or a similar function instead." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/python.lang.security.insecure-hash-function.insecure-hash-function", "help": { - "markdown": "Detected Flask route directly returning a formatted string. This is subject to cross-site scripting if user input can reach the string. Consider using the template engine instead and rendering pages with 'render_template()'.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.flask.security.audit.directly-returned-format-string.directly-returned-format-string)\n - [https://owasp.org/Top10/A03_2021-Injection](https://owasp.org/Top10/A03_2021-Injection)\n", - "text": "Detected Flask route directly returning a formatted string. This is subject to cross-site scripting if user input can reach the string. Consider using the template engine instead and rendering pages with 'render_template()'.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected use of an insecure MD4 or MD5 hash function. These functions have known vulnerabilities and are considered deprecated. Consider using 'SHA256' or a similar function instead.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected use of an insecure MD4 or MD5 hash function. These functions have known vulnerabilities and are considered deprecated. 
Consider using 'SHA256' or a similar function instead.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.lang.security.insecure-hash-function.insecure-hash-function)\n - [https://tools.ietf.org/html/rfc6151](https://tools.ietf.org/html/rfc6151)\n - [https://crypto.stackexchange.com/questions/44151/how-does-the-flame-malware-take-advantage-of-md5-collision](https://crypto.stackexchange.com/questions/44151/how-does-the-flame-malware-take-advantage-of-md5-collision)\n - [https://pycryptodome.readthedocs.io/en/latest/src/hash/sha3_256.html](https://pycryptodome.readthedocs.io/en/latest/src/hash/sha3_256.html)\n" }, - "helpUri": "https://semgrep.dev/r/python.flask.security.audit.directly-returned-format-string.directly-returned-format-string", - "id": "python.flask.security.audit.directly-returned-format-string.directly-returned-format-string", - "name": "python.flask.security.audit.directly-returned-format-string.directly-returned-format-string", "properties": { "precision": "very-high", "tags": [ - "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", + "CWE-327: Use of a Broken or Risky Cryptographic Algorithm", "MEDIUM CONFIDENCE", - "OWASP-A03:2021 - Injection", - "OWASP-A07:2017 - Cross-Site Scripting (XSS)", + "OWASP-A02:2021 - Cryptographic Failures", + "OWASP-A03:2017 - Sensitive Data Exposure", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: python.flask.security.audit.directly-returned-format-string.directly-returned-format-string" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "csharp.dotnet.security.web-config-insecure-cookie-settings.web-config-insecure-cookie-settings", + "name": "csharp.dotnet.security.web-config-insecure-cookie-settings.web-config-insecure-cookie-settings", + "short_description": { + "text": "Semgrep Finding: 
csharp.dotnet.security.web-config-insecure-cookie-settings.web-config-insecure-cookie-settings" + }, + "full_description": { + "text": "Cookie Secure flag is explicitly disabled. You should enforce this value to avoid accidentally presenting sensitive cookie values over plaintext HTTP connections." }, - "fullDescription": { - "text": "User data flows into the host portion of this manually-constructed URL. This could allow an attacker to send data to their own server, potentially exposing sensitive data such as cookies or authorization information sent with this request. They could also probe internal servers or other resources that the server runnig this code can access. (This is called server-side request forgery, or SSRF.) Do not allow arbitrary hosts. Instead, create an allowlist for approved hosts hardcode the correct host." + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/csharp.dotnet.security.web-config-insecure-cookie-settings.web-config-insecure-cookie-settings", "help": { - "markdown": "User data flows into the host portion of this manually-constructed URL. This could allow an attacker to send data to their own server, potentially exposing sensitive data such as cookies or authorization information sent with this request. They could also probe internal servers or other resources that the server runnig this code can access. (This is called server-side request forgery, or SSRF.) Do not allow arbitrary hosts. 
Instead, create an allowlist for approved hosts hardcode the correct host.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.flask.security.injection.tainted-url-host.tainted-url-host)\n - [https://cheatsheetseries.owasp.org/cheatsheets/Server_Side_Request_Forgery_Prevention_Cheat_Sheet.html](https://cheatsheetseries.owasp.org/cheatsheets/Server_Side_Request_Forgery_Prevention_Cheat_Sheet.html)\n", - "text": "User data flows into the host portion of this manually-constructed URL. This could allow an attacker to send data to their own server, potentially exposing sensitive data such as cookies or authorization information sent with this request. They could also probe internal servers or other resources that the server runnig this code can access. (This is called server-side request forgery, or SSRF.) Do not allow arbitrary hosts. Instead, create an allowlist for approved hosts hardcode the correct host.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Cookie Secure flag is explicitly disabled. You should enforce this value to avoid accidentally presenting sensitive cookie values over plaintext HTTP connections.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Cookie Secure flag is explicitly disabled. 
You should enforce this value to avoid accidentally presenting sensitive cookie values over plaintext HTTP connections.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/csharp.dotnet.security.web-config-insecure-cookie-settings.web-config-insecure-cookie-settings)\n - [https://docs.microsoft.com/en-us/aspnet/web-api/overview/advanced/http-cookies](https://docs.microsoft.com/en-us/aspnet/web-api/overview/advanced/http-cookies)\n - [https://docs.microsoft.com/en-us/dotnet/api/system.web.security.formsauthentication.requiressl?redirectedfrom=MSDN&view=netframework-4.8#System_Web_Security_FormsAuthentication_RequireSSL](https://docs.microsoft.com/en-us/dotnet/api/system.web.security.formsauthentication.requiressl?redirectedfrom=MSDN&view=netframework-4.8#System_Web_Security_FormsAuthentication_RequireSSL)\n - [https://docs.microsoft.com/en-us/dotnet/api/system.web.security.roles.cookierequiressl?redirectedfrom=MSDN&view=netframework-4.8#System_Web_Security_Roles_CookieRequireSSL](https://docs.microsoft.com/en-us/dotnet/api/system.web.security.roles.cookierequiressl?redirectedfrom=MSDN&view=netframework-4.8#System_Web_Security_Roles_CookieRequireSSL)\n" }, - "helpUri": "https://semgrep.dev/r/python.flask.security.injection.tainted-url-host.tainted-url-host", - "id": "python.flask.security.injection.tainted-url-host.tainted-url-host", - "name": "python.flask.security.injection.tainted-url-host.tainted-url-host", "properties": { "precision": "very-high", "tags": [ - "CWE-918: Server-Side Request Forgery (SSRF)", - "MEDIUM CONFIDENCE", - "OWASP-A10:2021 - Server-Side Request Forgery (SSRF)", + "CWE-614: Sensitive Cookie in HTTPS Session Without 'Secure' Attribute", + "LOW CONFIDENCE", + "OWASP-A05:2021 - Security Misconfiguration", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: python.flask.security.injection.tainted-url-host.tainted-url-host" } }, { - 
"defaultConfiguration": { - "level": "warning" + "id": "javascript.express.security.express-vm2-injection.express-vm2-injection", + "name": "javascript.express.security.express-vm2-injection.express-vm2-injection", + "short_description": { + "text": "Semgrep Finding: javascript.express.security.express-vm2-injection.express-vm2-injection" }, - "fullDescription": { - "text": "This code contains bidirectional (bidi) characters. While this is useful for support of right-to-left languages such as Arabic or Hebrew, it can also be used to trick language parsers into executing code in a manner that is different from how it is displayed in code editing and review tools. If this is not what you were expecting, please review this code in an editor that can reveal hidden Unicode characters." + "full_description": { + "text": "Make sure that unverified user data can not reach `vm2`." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/javascript.express.security.express-vm2-injection.express-vm2-injection", "help": { - "markdown": "This code contains bidirectional (bidi) characters. While this is useful for support of right-to-left languages such as Arabic or Hebrew, it can also be used to trick language parsers into executing code in a manner that is different from how it is displayed in code editing and review tools. If this is not what you were expecting, please review this code in an editor that can reveal hidden Unicode characters.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/generic.unicode.security.bidi.contains-bidirectional-characters)\n - [https://trojansource.codes/](https://trojansource.codes/)\n", - "text": "This code contains bidirectional (bidi) characters. 
While this is useful for support of right-to-left languages such as Arabic or Hebrew, it can also be used to trick language parsers into executing code in a manner that is different from how it is displayed in code editing and review tools. If this is not what you were expecting, please review this code in an editor that can reveal hidden Unicode characters.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Make sure that unverified user data can not reach `vm2`.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Make sure that unverified user data can not reach `vm2`.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.express.security.express-vm2-injection.express-vm2-injection)\n - [https://cheatsheetseries.owasp.org/cheatsheets/Injection_Prevention_Cheat_Sheet.html](https://cheatsheetseries.owasp.org/cheatsheets/Injection_Prevention_Cheat_Sheet.html)\n" }, - "helpUri": "https://semgrep.dev/r/generic.unicode.security.bidi.contains-bidirectional-characters", - "id": "generic.unicode.security.bidi.contains-bidirectional-characters", - "name": "generic.unicode.security.bidi.contains-bidirectional-characters", "properties": { "precision": "very-high", "tags": [ "CWE-94: Improper Control of Generation of Code ('Code Injection')", - "LOW CONFIDENCE", + "MEDIUM CONFIDENCE", "OWASP-A03:2021 - Injection", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: generic.unicode.security.bidi.contains-bidirectional-characters" } }, { - "defaultConfiguration": { - "level": "error" + "id": "java.lang.security.audit.md5-used-as-password.md5-used-as-password", + "name": "java.lang.security.audit.md5-used-as-password.md5-used-as-password", + "short_description": { + "text": "Semgrep Finding: java.lang.security.audit.md5-used-as-password.md5-used-as-password" }, - "fullDescription": { - "text": "The 
SimpleTypeResolver class is insecure and should not be used. Using SimpleTypeResolver to deserialize JSON could allow the remote client to execute malicious code within the app and take control of the web server." + "full_description": { + "text": "It looks like MD5 is used as a password hash. MD5 is not considered a secure password hash because it can be cracked by an attacker in a short amount of time. Use a suitable password hashing function such as PBKDF2 or bcrypt. You can use `javax.crypto.SecretKeyFactory` with `SecretKeyFactory.getInstance(\"PBKDF2WithHmacSHA1\")` or, if using Spring, `org.springframework.security.crypto.bcrypt`." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/java.lang.security.audit.md5-used-as-password.md5-used-as-password", "help": { - "markdown": "The SimpleTypeResolver class is insecure and should not be used. Using SimpleTypeResolver to deserialize JSON could allow the remote client to execute malicious code within the app and take control of the web server.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/csharp.lang.security.insecure-deserialization.javascript-serializer.insecure-javascriptserializer-deserialization)\n - [https://docs.microsoft.com/en-us/dotnet/api/system.web.script.serialization.simpletyperesolver?view=netframework-4.8#remarks](https://docs.microsoft.com/en-us/dotnet/api/system.web.script.serialization.simpletyperesolver?view=netframework-4.8#remarks)\n", - "text": "The SimpleTypeResolver class is insecure and should not be used. Using SimpleTypeResolver to deserialize JSON could allow the remote client to execute malicious code within the app and take control of the web server.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "It looks like MD5 is used as a password hash. 
MD5 is not considered a secure password hash because it can be cracked by an attacker in a short amount of time. Use a suitable password hashing function such as PBKDF2 or bcrypt. You can use `javax.crypto.SecretKeyFactory` with `SecretKeyFactory.getInstance(\"PBKDF2WithHmacSHA1\")` or, if using Spring, `org.springframework.security.crypto.bcrypt`.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "It looks like MD5 is used as a password hash. MD5 is not considered a secure password hash because it can be cracked by an attacker in a short amount of time. Use a suitable password hashing function such as PBKDF2 or bcrypt. You can use `javax.crypto.SecretKeyFactory` with `SecretKeyFactory.getInstance(\"PBKDF2WithHmacSHA1\")` or, if using Spring, `org.springframework.security.crypto.bcrypt`.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/java.lang.security.audit.md5-used-as-password.md5-used-as-password)\n - [https://tools.ietf.org/id/draft-lvelvindron-tls-md5-sha1-deprecate-01.html](https://tools.ietf.org/id/draft-lvelvindron-tls-md5-sha1-deprecate-01.html)\n - [https://github.com/returntocorp/semgrep-rules/issues/1609](https://github.com/returntocorp/semgrep-rules/issues/1609)\n - [https://docs.oracle.com/javase/7/docs/technotes/guides/security/StandardNames.html#SecretKeyFactory](https://docs.oracle.com/javase/7/docs/technotes/guides/security/StandardNames.html#SecretKeyFactory)\n - [https://docs.spring.io/spring-security/site/docs/current/api/org/springframework/security/crypto/bcrypt/BCryptPasswordEncoder.html](https://docs.spring.io/spring-security/site/docs/current/api/org/springframework/security/crypto/bcrypt/BCryptPasswordEncoder.html)\n" }, - "helpUri": "https://semgrep.dev/r/csharp.lang.security.insecure-deserialization.javascript-serializer.insecure-javascriptserializer-deserialization", - "id": 
"csharp.lang.security.insecure-deserialization.javascript-serializer.insecure-javascriptserializer-deserialization", - "name": "csharp.lang.security.insecure-deserialization.javascript-serializer.insecure-javascriptserializer-deserialization", "properties": { "precision": "very-high", "tags": [ - "CWE-502: Deserialization of Untrusted Data", - "LOW CONFIDENCE", - "OWASP-A08:2017 - Insecure Deserialization", - "OWASP-A08:2021 - Software and Data Integrity Failures", + "CWE-327: Use of a Broken or Risky Cryptographic Algorithm", + "MEDIUM CONFIDENCE", + "OWASP-A02:2021 - Cryptographic Failures", + "OWASP-A03:2017 - Sensitive Data Exposure", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: csharp.lang.security.insecure-deserialization.javascript-serializer.insecure-javascriptserializer-deserialization" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "java.jjwt.security.jwt-none-alg.jjwt-none-alg", + "name": "java.jjwt.security.jwt-none-alg.jjwt-none-alg", + "short_description": { + "text": "Semgrep Finding: java.jjwt.security.jwt-none-alg.jjwt-none-alg" }, - "fullDescription": { - "text": "The RSA key size $SIZE is insufficent by NIST standards. It is recommended to use a key length of 2048 or higher." + "full_description": { + "text": "Detected use of the 'none' algorithm in a JWT token. The 'none' algorithm assumes the integrity of the token has already been verified. This would allow a malicious actor to forge a JWT token that will automatically be verified. Do not explicitly use the 'none' algorithm. Instead, use an algorithm such as 'HS256'." + }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/java.jjwt.security.jwt-none-alg.jjwt-none-alg", "help": { - "markdown": "The RSA key size $SIZE is insufficent by NIST standards. 
It is recommended to use a key length of 2048 or higher.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/ruby.lang.security.insufficient-rsa-key-size.insufficient-rsa-key-size)\n - [https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-57Pt3r1.pdf](https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-57Pt3r1.pdf)\n", - "text": "The RSA key size $SIZE is insufficent by NIST standards. It is recommended to use a key length of 2048 or higher.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected use of the 'none' algorithm in a JWT token. The 'none' algorithm assumes the integrity of the token has already been verified. This would allow a malicious actor to forge a JWT token that will automatically be verified. Do not explicitly use the 'none' algorithm. Instead, use an algorithm such as 'HS256'.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected use of the 'none' algorithm in a JWT token. The 'none' algorithm assumes the integrity of the token has already been verified. This would allow a malicious actor to forge a JWT token that will automatically be verified. Do not explicitly use the 'none' algorithm. 
Instead, use an algorithm such as 'HS256'.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/java.jjwt.security.jwt-none-alg.jjwt-none-alg)\n - [https://owasp.org/Top10/A02_2021-Cryptographic_Failures](https://owasp.org/Top10/A02_2021-Cryptographic_Failures)\n" }, - "helpUri": "https://semgrep.dev/r/ruby.lang.security.insufficient-rsa-key-size.insufficient-rsa-key-size", - "id": "ruby.lang.security.insufficient-rsa-key-size.insufficient-rsa-key-size", - "name": "ruby.lang.security.insufficient-rsa-key-size.insufficient-rsa-key-size", "properties": { "precision": "very-high", "tags": [ - "CWE-326: Inadequate Encryption Strength", - "HIGH CONFIDENCE", + "CWE-327: Use of a Broken or Risky Cryptographic Algorithm", + "LOW CONFIDENCE", "OWASP-A02:2021 - Cryptographic Failures", "OWASP-A03:2017 - Sensitive Data Exposure", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: ruby.lang.security.insufficient-rsa-key-size.insufficient-rsa-key-size" } }, { - "defaultConfiguration": { - "level": "error" + "id": "python.lang.security.dangerous-code-run.dangerous-interactive-code-run", + "name": "python.lang.security.dangerous-code-run.dangerous-interactive-code-run", + "short_description": { + "text": "Semgrep Finding: python.lang.security.dangerous-code-run.dangerous-interactive-code-run" }, - "fullDescription": { - "text": "abi.encodePacked hash collision with variable length arguments in $F()" + "full_description": { + "text": "Found user controlled data inside InteractiveConsole/InteractiveInterpreter method. This is dangerous if external data can reach this function call because it allows a malicious actor to run arbitrary Python code." 
+ }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/python.lang.security.dangerous-code-run.dangerous-interactive-code-run", "help": { - "markdown": "abi.encodePacked hash collision with variable length arguments in $F()\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/solidity.security.encode-packed-collision.encode-packed-collision)\n - [https://swcregistry.io/docs/SWC-133](https://swcregistry.io/docs/SWC-133)\n", - "text": "abi.encodePacked hash collision with variable length arguments in $F()\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Found user controlled data inside InteractiveConsole/InteractiveInterpreter method. This is dangerous if external data can reach this function call because it allows a malicious actor to run arbitrary Python code.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Found user controlled data inside InteractiveConsole/InteractiveInterpreter method. 
This is dangerous if external data can reach this function call because it allows a malicious actor to run arbitrary Python code.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.lang.security.dangerous-code-run.dangerous-interactive-code-run)\n - [https://semgrep.dev/docs/cheat-sheets/python-command-injection/](https://semgrep.dev/docs/cheat-sheets/python-command-injection/)\n" }, - "helpUri": "https://semgrep.dev/r/solidity.security.encode-packed-collision.encode-packed-collision", - "id": "solidity.security.encode-packed-collision.encode-packed-collision", - "name": "solidity.security.encode-packed-collision.encode-packed-collision", "properties": { "precision": "very-high", "tags": [ - "CWE-20: Improper Input Validation", - "HIGH CONFIDENCE", + "CWE-95: Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection')", + "MEDIUM CONFIDENCE", + "OWASP-A03:2021 - Injection", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: solidity.security.encode-packed-collision.encode-packed-collision" } }, { - "defaultConfiguration": { - "level": "error" + "id": "csharp.lang.security.cryptography.x509-subject-name-validation.X509-subject-name-validation", + "name": "csharp.lang.security.cryptography.x509-subject-name-validation.X509-subject-name-validation", + "short_description": { + "text": "Semgrep Finding: csharp.lang.security.cryptography.x509-subject-name-validation.X509-subject-name-validation" }, - "fullDescription": { - "text": "Checks for dangerous permitted attributes that can lead to mass assignment vulnerabilities. Query parameters allowed using permit and attr_accessible are checked for allowance of dangerous attributes admin, banned, role, and account_id. Also checks for usages of params.permit!, which allows everything. Fix: don't allow admin, banned, role, and account_id using permit or attr_accessible." 
+ "full_description": { + "text": "Validating certificates based on subject name is bad practice. Use the X509Certificate2.Verify() method instead." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/csharp.lang.security.cryptography.x509-subject-name-validation.X509-subject-name-validation", "help": { - "markdown": "Checks for dangerous permitted attributes that can lead to mass assignment vulnerabilities. Query parameters allowed using permit and attr_accessible are checked for allowance of dangerous attributes admin, banned, role, and account_id. Also checks for usages of params.permit!, which allows everything. Fix: don't allow admin, banned, role, and account_id using permit or attr_accessible.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/ruby.lang.security.model-attr-accessible.model-attr-accessible)\n - [https://github.com/presidentbeef/brakeman/blob/main/lib/brakeman/checks/check_model_attr_accessible.rb](https://github.com/presidentbeef/brakeman/blob/main/lib/brakeman/checks/check_model_attr_accessible.rb)\n", - "text": "Checks for dangerous permitted attributes that can lead to mass assignment vulnerabilities. Query parameters allowed using permit and attr_accessible are checked for allowance of dangerous attributes admin, banned, role, and account_id. Also checks for usages of params.permit!, which allows everything. Fix: don't allow admin, banned, role, and account_id using permit or attr_accessible.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Validating certificates based on subject name is bad practice. Use the X509Certificate2.Verify() method instead.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Validating certificates based on subject name is bad practice. 
Use the X509Certificate2.Verify() method instead.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/csharp.lang.security.cryptography.x509-subject-name-validation.X509-subject-name-validation)\n - [https://docs.microsoft.com/en-us/dotnet/api/system.identitymodel.tokens.issuernameregistry?view=netframework-4.8](https://docs.microsoft.com/en-us/dotnet/api/system.identitymodel.tokens.issuernameregistry?view=netframework-4.8)\n" }, - "helpUri": "https://semgrep.dev/r/ruby.lang.security.model-attr-accessible.model-attr-accessible", - "id": "ruby.lang.security.model-attr-accessible.model-attr-accessible", - "name": "ruby.lang.security.model-attr-accessible.model-attr-accessible", "properties": { "precision": "very-high", "tags": [ - "CWE-915: Improperly Controlled Modification of Dynamically-Determined Object Attributes", - "LOW CONFIDENCE", - "OWASP-A08:2021 - Software and Data Integrity Failures", + "CWE-295: Improper Certificate Validation", + "MEDIUM CONFIDENCE", + "OWASP-A03:2017 - Sensitive Data Exposure", + "OWASP-A07:2021 - Identification and Authentication Failures", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: ruby.lang.security.model-attr-accessible.model-attr-accessible" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "php.symfony.security.audit.symfony-csrf-protection-disabled.symfony-csrf-protection-disabled", + "name": "php.symfony.security.audit.symfony-csrf-protection-disabled.symfony-csrf-protection-disabled", + "short_description": { + "text": "Semgrep Finding: php.symfony.security.audit.symfony-csrf-protection-disabled.symfony-csrf-protection-disabled" }, - "fullDescription": { - "text": "Detected string concatenation with a non-literal variable in a pg8000 Python SQL statement. This could lead to SQL injection if the variable is user-controlled and not properly sanitized. 
In order to prevent SQL injection, use parameterized queries or prepared statements instead. You can create parameterized queries like so: 'conn.run(\"SELECT :value FROM table\", value=myvalue)'. You can also create prepared statements with 'conn.prepare': 'conn.prepare(\"SELECT (:v) FROM table\")'" + "full_description": { + "text": "CSRF protection is disabled for this configuration. This is a security risk. Make sure that it is safe or consider setting `csrf_protection` property to `true`." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/php.symfony.security.audit.symfony-csrf-protection-disabled.symfony-csrf-protection-disabled", "help": { - "markdown": "Detected string concatenation with a non-literal variable in a pg8000 Python SQL statement. This could lead to SQL injection if the variable is user-controlled and not properly sanitized. In order to prevent SQL injection, use parameterized queries or prepared statements instead. You can create parameterized queries like so: 'conn.run(\"SELECT :value FROM table\", value=myvalue)'. You can also create prepared statements with 'conn.prepare': 'conn.prepare(\"SELECT (:v) FROM table\")'\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.lang.security.audit.sqli.pg8000-sqli.pg8000-sqli)\n - [https://github.com/tlocke/pg8000](https://github.com/tlocke/pg8000)\n", - "text": "Detected string concatenation with a non-literal variable in a pg8000 Python SQL statement. This could lead to SQL injection if the variable is user-controlled and not properly sanitized. In order to prevent SQL injection, use parameterized queries or prepared statements instead. You can create parameterized queries like so: 'conn.run(\"SELECT :value FROM table\", value=myvalue)'. 
You can also create prepared statements with 'conn.prepare': 'conn.prepare(\"SELECT (:v) FROM table\")'\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "CSRF protection is disabled for this configuration. This is a security risk. Make sure that it is safe or consider setting `csrf_protection` property to `true`.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "CSRF protection is disabled for this configuration. This is a security risk. Make sure that it is safe or consider setting `csrf_protection` property to `true`.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/php.symfony.security.audit.symfony-csrf-protection-disabled.symfony-csrf-protection-disabled)\n - [https://symfony.com/doc/current/security/csrf.html](https://symfony.com/doc/current/security/csrf.html)\n" }, - "helpUri": "https://semgrep.dev/r/python.lang.security.audit.sqli.pg8000-sqli.pg8000-sqli", - "id": "python.lang.security.audit.sqli.pg8000-sqli.pg8000-sqli", - "name": "python.lang.security.audit.sqli.pg8000-sqli.pg8000-sqli", "properties": { "precision": "very-high", "tags": [ - "CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')", + "CWE-352: Cross-Site Request Forgery (CSRF)", "LOW CONFIDENCE", - "OWASP-A01:2017 - Injection", - "OWASP-A03:2021 - Injection", + "OWASP-A01:2021 - Broken Access Control", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: python.lang.security.audit.sqli.pg8000-sqli.pg8000-sqli" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "python.flask.security.audit.secure-set-cookie.secure-set-cookie", + "name": "python.flask.security.audit.secure-set-cookie.secure-set-cookie", + "short_description": { + "text": "Semgrep Finding: python.flask.security.audit.secure-set-cookie.secure-set-cookie" }, - "fullDescription": { - "text": "A session cookie 
was detected without setting the 'HttpOnly' flag. The 'HttpOnly' flag for cookies instructs the browser to forbid client-side scripts from reading the cookie which mitigates XSS attacks. Set the 'HttpOnly' flag by setting 'HttpOnly' to 'true' in the Cookie." + "full_description": { + "text": "Found a Flask cookie with insecurely configured properties. By default the secure, httponly and samesite ar configured insecurely. cookies should be handled securely by setting `secure=True`, `httponly=True`, and `samesite='Lax'` in response.set_cookie(...). If these parameters are not properly set, your cookies are not properly protected and are at risk of being stolen by an attacker. Include the `secure=True`, `httponly=True`, `samesite='Lax'` arguments or set these to be true in the Flask configuration." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/python.flask.security.audit.secure-set-cookie.secure-set-cookie", "help": { - "markdown": "A session cookie was detected without setting the 'HttpOnly' flag. The 'HttpOnly' flag for cookies instructs the browser to forbid client-side scripts from reading the cookie which mitigates XSS attacks. Set the 'HttpOnly' flag by setting 'HttpOnly' to 'true' in the Cookie.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/go.lang.security.audit.net.cookie-missing-httponly.cookie-missing-httponly)\n - [https://github.com/0c34/govwa/blob/139693e56406b5684d2a6ae22c0af90717e149b8/util/cookie.go](https://github.com/0c34/govwa/blob/139693e56406b5684d2a6ae22c0af90717e149b8/util/cookie.go)\n - [https://golang.org/src/net/http/cookie.go](https://golang.org/src/net/http/cookie.go)\n", - "text": "A session cookie was detected without setting the 'HttpOnly' flag. 
The 'HttpOnly' flag for cookies instructs the browser to forbid client-side scripts from reading the cookie which mitigates XSS attacks. Set the 'HttpOnly' flag by setting 'HttpOnly' to 'true' in the Cookie.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Found a Flask cookie with insecurely configured properties. By default the secure, httponly and samesite ar configured insecurely. cookies should be handled securely by setting `secure=True`, `httponly=True`, and `samesite='Lax'` in response.set_cookie(...). If these parameters are not properly set, your cookies are not properly protected and are at risk of being stolen by an attacker. Include the `secure=True`, `httponly=True`, `samesite='Lax'` arguments or set these to be true in the Flask configuration.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Found a Flask cookie with insecurely configured properties. By default the secure, httponly and samesite ar configured insecurely. cookies should be handled securely by setting `secure=True`, `httponly=True`, and `samesite='Lax'` in response.set_cookie(...). If these parameters are not properly set, your cookies are not properly protected and are at risk of being stolen by an attacker. 
Include the `secure=True`, `httponly=True`, `samesite='Lax'` arguments or set these to be true in the Flask configuration.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.flask.security.audit.secure-set-cookie.secure-set-cookie)\n - [https://flask.palletsprojects.com/en/3.0.x/api/#flask.Response.set_cookie](https://flask.palletsprojects.com/en/3.0.x/api/#flask.Response.set_cookie)\n - [https://flask.palletsprojects.com/en/3.0.x/security/#set-cookie-options](https://flask.palletsprojects.com/en/3.0.x/security/#set-cookie-options)\n" }, - "helpUri": "https://semgrep.dev/r/go.lang.security.audit.net.cookie-missing-httponly.cookie-missing-httponly", - "id": "go.lang.security.audit.net.cookie-missing-httponly.cookie-missing-httponly", - "name": "go.lang.security.audit.net.cookie-missing-httponly.cookie-missing-httponly", "properties": { "precision": "very-high", "tags": [ - "CWE-1004: Sensitive Cookie Without 'HttpOnly' Flag", - "MEDIUM CONFIDENCE", + "CWE-614: Sensitive Cookie in HTTPS Session Without 'Secure' Attribute", + "LOW CONFIDENCE", "OWASP-A05:2021 - Security Misconfiguration", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: go.lang.security.audit.net.cookie-missing-httponly.cookie-missing-httponly" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "javascript.node-expat.security.audit.expat-xxe.expat-xxe", + "name": "javascript.node-expat.security.audit.expat-xxe.expat-xxe", + "short_description": { + "text": "Semgrep Finding: javascript.node-expat.security.audit.expat-xxe.expat-xxe" }, - "fullDescription": { - "text": "By default, AWS SecretManager secrets are encrypted using AWS-managed keys. However, for added security, it's recommended to configure your own AWS KMS encryption key to protect your secrets in the Secret Manager. 
You can either create a new aws_kms_key resource or use the ARN of an existing key in your AWS account to do so." + "full_description": { + "text": "If unverified user data can reach the XML Parser it can result in XML External or Internal Entity (XXE) Processing vulnerabilities" + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/javascript.node-expat.security.audit.expat-xxe.expat-xxe", "help": { - "markdown": "By default, AWS SecretManager secrets are encrypted using AWS-managed keys. However, for added security, it's recommended to configure your own AWS KMS encryption key to protect your secrets in the Secret Manager. You can either create a new aws_kms_key resource or use the ARN of an existing key in your AWS account to do so.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/terraform.aws.security.aws-secretsmanager-secret-unencrypted.aws-secretsmanager-secret-unencrypted)\n - [https://owasp.org/Top10/A02_2021-Cryptographic_Failures](https://owasp.org/Top10/A02_2021-Cryptographic_Failures)\n", - "text": "By default, AWS SecretManager secrets are encrypted using AWS-managed keys. However, for added security, it's recommended to configure your own AWS KMS encryption key to protect your secrets in the Secret Manager. 
You can either create a new aws_kms_key resource or use the ARN of an existing key in your AWS account to do so.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "If unverified user data can reach the XML Parser it can result in XML External or Internal Entity (XXE) Processing vulnerabilities\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "If unverified user data can reach the XML Parser it can result in XML External or Internal Entity (XXE) Processing vulnerabilities\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.node-expat.security.audit.expat-xxe.expat-xxe)\n - [https://owasp.org/Top10/A05_2021-Security_Misconfiguration](https://owasp.org/Top10/A05_2021-Security_Misconfiguration)\n" }, - "helpUri": "https://semgrep.dev/r/terraform.aws.security.aws-secretsmanager-secret-unencrypted.aws-secretsmanager-secret-unencrypted", - "id": "terraform.aws.security.aws-secretsmanager-secret-unencrypted.aws-secretsmanager-secret-unencrypted", - "name": "terraform.aws.security.aws-secretsmanager-secret-unencrypted.aws-secretsmanager-secret-unencrypted", "properties": { "precision": "very-high", "tags": [ - "CWE-326: Inadequate Encryption Strength", + "CWE-611: Improper Restriction of XML External Entity Reference", "LOW CONFIDENCE", - "OWASP-A02:2021 - Cryptographic Failures", - "OWASP-A03:2017 - Sensitive Data Exposure", + "OWASP-A04:2017 - XML External Entities (XXE)", + "OWASP-A05:2021 - Security Misconfiguration", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: terraform.aws.security.aws-secretsmanager-secret-unencrypted.aws-secretsmanager-secret-unencrypted" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "javascript.browser.security.open-redirect.js-open-redirect", + "name": "javascript.browser.security.open-redirect.js-open-redirect", + "short_description": { + 
"text": "Semgrep Finding: javascript.browser.security.open-redirect.js-open-redirect" }, - "fullDescription": { - "text": "Usage of NumPy library inside PyTorch `$MODULE` module was found. Avoid mixing these libraries for efficiency and proper ONNX loading" + "full_description": { + "text": "The application accepts potentially user-controlled input `$PROP` which can control the location of the current window context. This can lead two types of vulnerabilities open-redirection and Cross-Site-Scripting (XSS) with JavaScript URIs. It is recommended to validate user-controllable input before allowing it to control the redirection." }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/javascript.browser.security.open-redirect.js-open-redirect", "help": { - "markdown": "Usage of NumPy library inside PyTorch `$MODULE` module was found. Avoid mixing these libraries for efficiency and proper ONNX loading\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/trailofbits.python.numpy-in-pytorch-modules.numpy-in-pytorch-modules)\n - [https://tanelp.github.io/posts/a-bug-that-plagues-thousands-of-open-source-ml-projects](https://tanelp.github.io/posts/a-bug-that-plagues-thousands-of-open-source-ml-projects)\n", - "text": "Usage of NumPy library inside PyTorch `$MODULE` module was found. Avoid mixing these libraries for efficiency and proper ONNX loading\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "The application accepts potentially user-controlled input `$PROP` which can control the location of the current window context. This can lead two types of vulnerabilities open-redirection and Cross-Site-Scripting (XSS) with JavaScript URIs. 
It is recommended to validate user-controllable input before allowing it to control the redirection.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "The application accepts potentially user-controlled input `$PROP` which can control the location of the current window context. This can lead two types of vulnerabilities open-redirection and Cross-Site-Scripting (XSS) with JavaScript URIs. It is recommended to validate user-controllable input before allowing it to control the redirection.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.browser.security.open-redirect.js-open-redirect)\n - [https://cheatsheetseries.owasp.org/cheatsheets/Unvalidated_Redirects_and_Forwards_Cheat_Sheet.html](https://cheatsheetseries.owasp.org/cheatsheets/Unvalidated_Redirects_and_Forwards_Cheat_Sheet.html)\n" }, - "helpUri": "https://semgrep.dev/r/trailofbits.python.numpy-in-pytorch-modules.numpy-in-pytorch-modules", - "id": "trailofbits.python.numpy-in-pytorch-modules.numpy-in-pytorch-modules", - "name": "trailofbits.python.numpy-in-pytorch-modules.numpy-in-pytorch-modules", "properties": { "precision": "very-high", "tags": [ - "MEDIUM CONFIDENCE" + "CWE-601: URL Redirection to Untrusted Site ('Open Redirect')", + "HIGH CONFIDENCE", + "OWASP-A01:2021 - Broken Access Control", + "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: trailofbits.python.numpy-in-pytorch-modules.numpy-in-pytorch-modules" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "php.lang.security.mb-ereg-replace-eval.mb-ereg-replace-eval", + "name": "php.lang.security.mb-ereg-replace-eval.mb-ereg-replace-eval", + "short_description": { + "text": "Semgrep Finding: php.lang.security.mb-ereg-replace-eval.mb-ereg-replace-eval" }, - "fullDescription": { - "text": "File traversal when extracting zip archive" + "full_description": { + "text": "Calling mb_ereg_replace 
with user input in the options can lead to arbitrary code execution. The eval modifier (`e`) evaluates the replacement argument as code." + }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/php.lang.security.mb-ereg-replace-eval.mb-ereg-replace-eval", "help": { - "markdown": "File traversal when extracting zip archive\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/go.lang.security.zip.path-traversal-inside-zip-extraction)\n - [https://owasp.org/Top10/A01_2021-Broken_Access_Control](https://owasp.org/Top10/A01_2021-Broken_Access_Control)\n", - "text": "File traversal when extracting zip archive\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Calling mb_ereg_replace with user input in the options can lead to arbitrary code execution. The eval modifier (`e`) evaluates the replacement argument as code.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Calling mb_ereg_replace with user input in the options can lead to arbitrary code execution. 
The eval modifier (`e`) evaluates the replacement argument as code.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/php.lang.security.mb-ereg-replace-eval.mb-ereg-replace-eval)\n - [https://www.php.net/manual/en/function.mb-ereg-replace.php](https://www.php.net/manual/en/function.mb-ereg-replace.php)\n - [https://www.php.net/manual/en/function.mb-regex-set-options.php](https://www.php.net/manual/en/function.mb-regex-set-options.php)\n" }, - "helpUri": "https://semgrep.dev/r/go.lang.security.zip.path-traversal-inside-zip-extraction", - "id": "go.lang.security.zip.path-traversal-inside-zip-extraction", - "name": "go.lang.security.zip.path-traversal-inside-zip-extraction", "properties": { "precision": "very-high", "tags": [ - "CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", + "CWE-94: Improper Control of Generation of Code ('Code Injection')", "LOW CONFIDENCE", - "OWASP-A01:2021 - Broken Access Control", - "OWASP-A05:2017 - Broken Access Control", + "OWASP-A03:2021 - Injection", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: go.lang.security.zip.path-traversal-inside-zip-extraction" } }, { - "defaultConfiguration": { - "level": "note" + "id": "java.lang.security.audit.crypto.use-of-sha1.use-of-sha1", + "name": "java.lang.security.audit.crypto.use-of-sha1.use-of-sha1", + "short_description": { + "text": "Semgrep Finding: java.lang.security.audit.crypto.use-of-sha1.use-of-sha1" }, - "fullDescription": { - "text": "Detected a request using 'http://'. This request will be unencrypted, and attackers could listen into traffic on the network and be able to obtain sensitive information. Use 'https://' instead." + "full_description": { + "text": "Detected SHA1 hash algorithm which is considered insecure. SHA1 is not collision resistant and is therefore not suitable as a cryptographic signature. 
Instead, use PBKDF2 for password hashing or SHA256 or SHA512 for other hash function applications." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/java.lang.security.audit.crypto.use-of-sha1.use-of-sha1", "help": { - "markdown": "Detected a request using 'http://'. This request will be unencrypted, and attackers could listen into traffic on the network and be able to obtain sensitive information. Use 'https://' instead.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.lang.security.audit.insecure-transport.requests.request-with-http.request-with-http)\n - [https://owasp.org/Top10/A02_2021-Cryptographic_Failures](https://owasp.org/Top10/A02_2021-Cryptographic_Failures)\n", - "text": "Detected a request using 'http://'. This request will be unencrypted, and attackers could listen into traffic on the network and be able to obtain sensitive information. Use 'https://' instead.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected SHA1 hash algorithm which is considered insecure. SHA1 is not collision resistant and is therefore not suitable as a cryptographic signature. Instead, use PBKDF2 for password hashing or SHA256 or SHA512 for other hash function applications.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected SHA1 hash algorithm which is considered insecure. SHA1 is not collision resistant and is therefore not suitable as a cryptographic signature. 
Instead, use PBKDF2 for password hashing or SHA256 or SHA512 for other hash function applications.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/java.lang.security.audit.crypto.use-of-sha1.use-of-sha1)\n - [https://owasp.org/Top10/A02_2021-Cryptographic_Failures](https://owasp.org/Top10/A02_2021-Cryptographic_Failures)\n" }, - "helpUri": "https://semgrep.dev/r/python.lang.security.audit.insecure-transport.requests.request-with-http.request-with-http", - "id": "python.lang.security.audit.insecure-transport.requests.request-with-http.request-with-http", - "name": "python.lang.security.audit.insecure-transport.requests.request-with-http.request-with-http", "properties": { "precision": "very-high", "tags": [ - "CWE-319: Cleartext Transmission of Sensitive Information", - "MEDIUM CONFIDENCE", + "CWE-328: Use of Weak Hash", + "HIGH CONFIDENCE", "OWASP-A02:2021 - Cryptographic Failures", "OWASP-A03:2017 - Sensitive Data Exposure", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: python.lang.security.audit.insecure-transport.requests.request-with-http.request-with-http" } }, { - "defaultConfiguration": { - "level": "error" + "id": "ruby.lang.security.hardcoded-secret-rsa-passphrase.hardcoded-secret-rsa-passphrase", + "name": "ruby.lang.security.hardcoded-secret-rsa-passphrase.hardcoded-secret-rsa-passphrase", + "short_description": { + "text": "Semgrep Finding: ruby.lang.security.hardcoded-secret-rsa-passphrase.hardcoded-secret-rsa-passphrase" }, - "fullDescription": { - "text": "Detected string concatenation or formatting in a call to a command via 'sh'. This could be a command injection vulnerability if the data is user-controlled. Instead, use a list and append the argument." + "full_description": { + "text": "Found the use of an hardcoded passphrase for RSA. The passphrase can be easily discovered, and therefore should not be stored in source-code. 
It is recommended to remove the passphrase from source-code, and use system environment variables or a restricted configuration file." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/ruby.lang.security.hardcoded-secret-rsa-passphrase.hardcoded-secret-rsa-passphrase", "help": { - "markdown": "Detected string concatenation or formatting in a call to a command via 'sh'. This could be a command injection vulnerability if the data is user-controlled. Instead, use a list and append the argument.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.sh.security.string-concat.string-concat)\n - [https://owasp.org/Top10/A03_2021-Injection](https://owasp.org/Top10/A03_2021-Injection)\n", - "text": "Detected string concatenation or formatting in a call to a command via 'sh'. This could be a command injection vulnerability if the data is user-controlled. Instead, use a list and append the argument.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Found the use of an hardcoded passphrase for RSA. The passphrase can be easily discovered, and therefore should not be stored in source-code. It is recommended to remove the passphrase from source-code, and use system environment variables or a restricted configuration file.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Found the use of an hardcoded passphrase for RSA. The passphrase can be easily discovered, and therefore should not be stored in source-code. 
It is recommended to remove the passphrase from source-code, and use system environment variables or a restricted configuration file.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/ruby.lang.security.hardcoded-secret-rsa-passphrase.hardcoded-secret-rsa-passphrase)\n - [https://cwe.mitre.org/data/definitions/522.html](https://cwe.mitre.org/data/definitions/522.html)\n" }, - "helpUri": "https://semgrep.dev/r/python.sh.security.string-concat.string-concat", - "id": "python.sh.security.string-concat.string-concat", - "name": "python.sh.security.string-concat.string-concat", "properties": { "precision": "very-high", "tags": [ - "CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", - "LOW CONFIDENCE", - "OWASP-A01:2017 - Injection", - "OWASP-A03:2021 - Injection", + "CWE-798: Use of Hard-coded Credentials", + "HIGH CONFIDENCE", + "OWASP-A07:2021 - Identification and Authentication Failures", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: python.sh.security.string-concat.string-concat" } }, { - "defaultConfiguration": { - "level": "error" + "id": "javascript.express.security.audit.express-third-party-object-deserialization.express-third-party-object-deserialization", + "name": "javascript.express.security.audit.express-third-party-object-deserialization.express-third-party-object-deserialization", + "short_description": { + "text": "Semgrep Finding: javascript.express.security.audit.express-third-party-object-deserialization.express-third-party-object-deserialization" }, - "fullDescription": { - "text": "Stripe API Key detected" + "full_description": { + "text": "The following function call $SER.$FUNC accepts user controlled data which can result in Remote Code Execution (RCE) through Object Deserialization. It is recommended to use secure data processing alternatives such as JSON.parse() and Buffer.from()." 
+ }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/javascript.express.security.audit.express-third-party-object-deserialization.express-third-party-object-deserialization", "help": { - "markdown": "Stripe API Key detected\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/generic.secrets.security.detected-stripe-api-key.detected-stripe-api-key)\n - [https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures](https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures)\n", - "text": "Stripe API Key detected\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "The following function call $SER.$FUNC accepts user controlled data which can result in Remote Code Execution (RCE) through Object Deserialization. It is recommended to use secure data processing alternatives such as JSON.parse() and Buffer.from().\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "The following function call $SER.$FUNC accepts user controlled data which can result in Remote Code Execution (RCE) through Object Deserialization. 
It is recommended to use secure data processing alternatives such as JSON.parse() and Buffer.from().\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.express.security.audit.express-third-party-object-deserialization.express-third-party-object-deserialization)\n - [https://cheatsheetseries.owasp.org/cheatsheets/Deserialization_Cheat_Sheet.html](https://cheatsheetseries.owasp.org/cheatsheets/Deserialization_Cheat_Sheet.html)\n" }, - "helpUri": "https://semgrep.dev/r/generic.secrets.security.detected-stripe-api-key.detected-stripe-api-key", - "id": "generic.secrets.security.detected-stripe-api-key.detected-stripe-api-key", - "name": "generic.secrets.security.detected-stripe-api-key.detected-stripe-api-key", "properties": { "precision": "very-high", "tags": [ - "CWE-798: Use of Hard-coded Credentials", - "LOW CONFIDENCE", - "OWASP-A07:2021 - Identification and Authentication Failures", + "CWE-502: Deserialization of Untrusted Data", + "HIGH CONFIDENCE", + "OWASP-A08:2017 - Insecure Deserialization", + "OWASP-A08:2021 - Software and Data Integrity Failures", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: generic.secrets.security.detected-stripe-api-key.detected-stripe-api-key" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "terraform.azure.security.storage.storage-allow-microsoft-service-bypass.storage-allow-microsoft-service-bypass", + "name": "terraform.azure.security.storage.storage-allow-microsoft-service-bypass.storage-allow-microsoft-service-bypass", + "short_description": { + "text": "Semgrep Finding: terraform.azure.security.storage.storage-allow-microsoft-service-bypass.storage-allow-microsoft-service-bypass" }, - "fullDescription": { - "text": "Ensure FSX Lustre file system is encrypted at rest using KMS CMKs. CMKs gives you control over the encryption key in terms of access and rotation." 
+ "full_description": { + "text": "Some Microsoft services that interact with storage accounts operate from networks that can't be granted access through network rules. To help this type of service work as intended, allow the set of trusted Microsoft services to bypass the network rules" }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/terraform.azure.security.storage.storage-allow-microsoft-service-bypass.storage-allow-microsoft-service-bypass", "help": { - "markdown": "Ensure FSX Lustre file system is encrypted at rest using KMS CMKs. CMKs gives you control over the encryption key in terms of access and rotation.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/terraform.aws.security.aws-fsx-lustre-files-ystem.aws-fsx-lustre-filesystem-encrypted-with-cmk)\n - [https://owasp.org/Top10/A01_2021-Broken_Access_Control](https://owasp.org/Top10/A01_2021-Broken_Access_Control)\n", - "text": "Ensure FSX Lustre file system is encrypted at rest using KMS CMKs. CMKs gives you control over the encryption key in terms of access and rotation.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Some Microsoft services that interact with storage accounts operate from networks that can't be granted access through network rules. To help this type of service work as intended, allow the set of trusted Microsoft services to bypass the network rules\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Some Microsoft services that interact with storage accounts operate from networks that can't be granted access through network rules. 
To help this type of service work as intended, allow the set of trusted Microsoft services to bypass the network rules\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/terraform.azure.security.storage.storage-allow-microsoft-service-bypass.storage-allow-microsoft-service-bypass)\n - [https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/storage_account#bypass](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/storage_account#bypass)\n - [https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/storage_account_network_rules#bypass](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/storage_account_network_rules#bypass)\n - [https://docs.microsoft.com/en-us/azure/storage/common/storage-network-security#trusted-microsoft-services](https://docs.microsoft.com/en-us/azure/storage/common/storage-network-security#trusted-microsoft-services)\n" }, - "helpUri": "https://semgrep.dev/r/terraform.aws.security.aws-fsx-lustre-files-ystem.aws-fsx-lustre-filesystem-encrypted-with-cmk", - "id": "terraform.aws.security.aws-fsx-lustre-files-ystem.aws-fsx-lustre-filesystem-encrypted-with-cmk", - "name": "terraform.aws.security.aws-fsx-lustre-files-ystem.aws-fsx-lustre-filesystem-encrypted-with-cmk", "properties": { "precision": "very-high", "tags": [ - "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor", + "CWE-284: Improper Access Control", "LOW CONFIDENCE", "OWASP-A01:2021 - Broken Access Control", + "OWASP-A05:2017 - Broken Access Control", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: terraform.aws.security.aws-fsx-lustre-files-ystem.aws-fsx-lustre-filesystem-encrypted-with-cmk" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "go.lang.security.audit.crypto.use_of_weak_crypto.use-of-rc4", + "name": 
"go.lang.security.audit.crypto.use_of_weak_crypto.use-of-rc4", + "short_description": { + "text": "Semgrep Finding: go.lang.security.audit.crypto.use_of_weak_crypto.use-of-rc4" }, - "fullDescription": { - "text": "A Spring expression is built with a dynamic value. The source of the value(s) should be verified to avoid that unfiltered values fall into this risky code evaluation." + "full_description": { + "text": "Detected RC4 cipher algorithm which is insecure. The algorithm has many known vulnerabilities. Use AES instead." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/go.lang.security.audit.crypto.use_of_weak_crypto.use-of-rc4", "help": { - "markdown": "A Spring expression is built with a dynamic value. The source of the value(s) should be verified to avoid that unfiltered values fall into this risky code evaluation.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/java.spring.security.audit.spel-injection.spel-injection)\n - [https://owasp.org/Top10/A03_2021-Injection](https://owasp.org/Top10/A03_2021-Injection)\n", - "text": "A Spring expression is built with a dynamic value. The source of the value(s) should be verified to avoid that unfiltered values fall into this risky code evaluation.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected RC4 cipher algorithm which is insecure. The algorithm has many known vulnerabilities. Use AES instead.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected RC4 cipher algorithm which is insecure. The algorithm has many known vulnerabilities. 
Use AES instead.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/go.lang.security.audit.crypto.use_of_weak_crypto.use-of-rc4)\n - [https://owasp.org/Top10/A02_2021-Cryptographic_Failures](https://owasp.org/Top10/A02_2021-Cryptographic_Failures)\n" }, - "helpUri": "https://semgrep.dev/r/java.spring.security.audit.spel-injection.spel-injection", - "id": "java.spring.security.audit.spel-injection.spel-injection", - "name": "java.spring.security.audit.spel-injection.spel-injection", "properties": { "precision": "very-high", "tags": [ - "CWE-94: Improper Control of Generation of Code ('Code Injection')", - "LOW CONFIDENCE", - "OWASP-A03:2021 - Injection", + "CWE-327: Use of a Broken or Risky Cryptographic Algorithm", + "MEDIUM CONFIDENCE", + "OWASP-A02:2021 - Cryptographic Failures", + "OWASP-A03:2017 - Sensitive Data Exposure", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: java.spring.security.audit.spel-injection.spel-injection" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "solidity.security.redacted-cartel-custom-approval-bug.redacted-cartel-custom-approval-bug", + "name": "solidity.security.redacted-cartel-custom-approval-bug.redacted-cartel-custom-approval-bug", + "short_description": { + "text": "Semgrep Finding: solidity.security.redacted-cartel-custom-approval-bug.redacted-cartel-custom-approval-bug" }, - "fullDescription": { - "text": "The NetDataContractSerializer type is dangerous and is not recommended for data processing. Applications should stop using NetDataContractSerializer as soon as possible, even if they believe the data they're processing to be trustworthy. 
NetDataContractSerializer is insecure and can't be made secure" + "full_description": { + "text": "transferFrom() can steal allowance of other accounts" + }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/solidity.security.redacted-cartel-custom-approval-bug.redacted-cartel-custom-approval-bug", "help": { - "markdown": "The NetDataContractSerializer type is dangerous and is not recommended for data processing. Applications should stop using NetDataContractSerializer as soon as possible, even if they believe the data they're processing to be trustworthy. NetDataContractSerializer is insecure and can't be made secure\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/csharp.lang.security.insecure-deserialization.net-data-contract.insecure-netdatacontract-deserialization)\n - [https://docs.microsoft.com/en-us/dotnet/api/system.runtime.serialization.netdatacontractserializer?view=netframework-4.8#security](https://docs.microsoft.com/en-us/dotnet/api/system.runtime.serialization.netdatacontractserializer?view=netframework-4.8#security)\n", - "text": "The NetDataContractSerializer type is dangerous and is not recommended for data processing. Applications should stop using NetDataContractSerializer as soon as possible, even if they believe the data they're processing to be trustworthy. 
NetDataContractSerializer is insecure and can't be made secure\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "transferFrom() can steal allowance of other accounts\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "transferFrom() can steal allowance of other accounts\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/solidity.security.redacted-cartel-custom-approval-bug.redacted-cartel-custom-approval-bug)\n - [https://medium.com/immunefi/redacted-cartel-custom-approval-logic-bugfix-review-9b2d039ca2c5](https://medium.com/immunefi/redacted-cartel-custom-approval-logic-bugfix-review-9b2d039ca2c5)\n - [https://etherscan.io/address/0x186E55C0BebD2f69348d94C4A27556d93C5Bd36C](https://etherscan.io/address/0x186E55C0BebD2f69348d94C4A27556d93C5Bd36C)\n" }, - "helpUri": "https://semgrep.dev/r/csharp.lang.security.insecure-deserialization.net-data-contract.insecure-netdatacontract-deserialization", - "id": "csharp.lang.security.insecure-deserialization.net-data-contract.insecure-netdatacontract-deserialization", - "name": "csharp.lang.security.insecure-deserialization.net-data-contract.insecure-netdatacontract-deserialization", "properties": { "precision": "very-high", "tags": [ - "CWE-502: Deserialization of Untrusted Data", - "MEDIUM CONFIDENCE", - "OWASP-A08:2017 - Insecure Deserialization", - "OWASP-A08:2021 - Software and Data Integrity Failures", + "CWE-688: Function Call With Incorrect Variable or Reference as Argument", + "HIGH CONFIDENCE", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: csharp.lang.security.insecure-deserialization.net-data-contract.insecure-netdatacontract-deserialization" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "javascript.express.security.audit.express-xml2json-xxe-event.express-xml2json-xxe-event", + "name": 
"javascript.express.security.audit.express-xml2json-xxe-event.express-xml2json-xxe-event", + "short_description": { + "text": "Semgrep Finding: javascript.express.security.audit.express-xml2json-xxe-event.express-xml2json-xxe-event" }, - "fullDescription": { - "text": "Detected direct use of jinja2. If not done properly, this may bypass HTML escaping which opens up the application to cross-site scripting (XSS) vulnerabilities. Prefer using the Flask method 'render_template()' and templates with a '.html' extension in order to prevent XSS." + "full_description": { + "text": "Xml Parser is used inside Request Event. Make sure that unverified user data can not reach the XML Parser, as it can result in XML External or Internal Entity (XXE) Processing vulnerabilities" }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/javascript.express.security.audit.express-xml2json-xxe-event.express-xml2json-xxe-event", "help": { - "markdown": "Detected direct use of jinja2. If not done properly, this may bypass HTML escaping which opens up the application to cross-site scripting (XSS) vulnerabilities. Prefer using the Flask method 'render_template()' and templates with a '.html' extension in order to prevent XSS.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.flask.security.xss.audit.direct-use-of-jinja2.direct-use-of-jinja2)\n - [https://jinja.palletsprojects.com/en/2.11.x/api/#basics](https://jinja.palletsprojects.com/en/2.11.x/api/#basics)\n", - "text": "Detected direct use of jinja2. If not done properly, this may bypass HTML escaping which opens up the application to cross-site scripting (XSS) vulnerabilities. 
Prefer using the Flask method 'render_template()' and templates with a '.html' extension in order to prevent XSS.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Xml Parser is used inside Request Event. Make sure that unverified user data can not reach the XML Parser, as it can result in XML External or Internal Entity (XXE) Processing vulnerabilities\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Xml Parser is used inside Request Event. Make sure that unverified user data can not reach the XML Parser, as it can result in XML External or Internal Entity (XXE) Processing vulnerabilities\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.express.security.audit.express-xml2json-xxe-event.express-xml2json-xxe-event)\n - [https://www.npmjs.com/package/xml2json](https://www.npmjs.com/package/xml2json)\n" }, - "helpUri": "https://semgrep.dev/r/python.flask.security.xss.audit.direct-use-of-jinja2.direct-use-of-jinja2", - "id": "python.flask.security.xss.audit.direct-use-of-jinja2.direct-use-of-jinja2", - "name": "python.flask.security.xss.audit.direct-use-of-jinja2.direct-use-of-jinja2", "properties": { "precision": "very-high", "tags": [ - "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", - "LOW CONFIDENCE", - "OWASP-A03:2021 - Injection", - "OWASP-A07:2017 - Cross-Site Scripting (XSS)", + "CWE-611: Improper Restriction of XML External Entity Reference", + "MEDIUM CONFIDENCE", + "OWASP-A04:2017 - XML External Entities (XXE)", + "OWASP-A05:2021 - Security Misconfiguration", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: python.flask.security.xss.audit.direct-use-of-jinja2.direct-use-of-jinja2" } }, { - "defaultConfiguration": { - "level": "warning" + "id": 
"solidity.security.rigoblock-missing-access-control.rigoblock-missing-access-control", + "name": "solidity.security.rigoblock-missing-access-control.rigoblock-missing-access-control", + "short_description": { + "text": "Semgrep Finding: solidity.security.rigoblock-missing-access-control.rigoblock-missing-access-control" }, - "fullDescription": { - "text": "DefaultHttpClient is deprecated. Further, it does not support connections using TLS1.2, which makes using DefaultHttpClient a security hazard. Use SystemDefaultHttpClient instead, which supports TLS1.2." + "full_description": { + "text": "setMultipleAllowances() is missing onlyOwner modifier" }, + "default_configuration": { + "enabled": true, + "level": "error" + }, + "help_uri": "https://semgrep.dev/r/solidity.security.rigoblock-missing-access-control.rigoblock-missing-access-control", "help": { - "markdown": "DefaultHttpClient is deprecated. Further, it does not support connections using TLS1.2, which makes using DefaultHttpClient a security hazard. Use SystemDefaultHttpClient instead, which supports TLS1.2.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/kotlin.lang.security.defaulthttpclient-is-deprecated.defaulthttpclient-is-deprecated)\n - [https://owasp.org/Top10/A02_2021-Cryptographic_Failures](https://owasp.org/Top10/A02_2021-Cryptographic_Failures)\n", - "text": "DefaultHttpClient is deprecated. Further, it does not support connections using TLS1.2, which makes using DefaultHttpClient a security hazard. 
Use SystemDefaultHttpClient instead, which supports TLS1.2.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "setMultipleAllowances() is missing onlyOwner modifier\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "setMultipleAllowances() is missing onlyOwner modifier\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/solidity.security.rigoblock-missing-access-control.rigoblock-missing-access-control)\n - [https://twitter.com/danielvf/status/1494317265835147272](https://twitter.com/danielvf/status/1494317265835147272)\n - [https://etherscan.io/address/0x876b9ebd725d1fa0b879fcee12560a6453b51dc8](https://etherscan.io/address/0x876b9ebd725d1fa0b879fcee12560a6453b51dc8)\n - [https://play.secdim.com/game/dapp/challenge/rigoownsol](https://play.secdim.com/game/dapp/challenge/rigoownsol)\n" }, - "helpUri": "https://semgrep.dev/r/kotlin.lang.security.defaulthttpclient-is-deprecated.defaulthttpclient-is-deprecated", - "id": "kotlin.lang.security.defaulthttpclient-is-deprecated.defaulthttpclient-is-deprecated", - "name": "kotlin.lang.security.defaulthttpclient-is-deprecated.defaulthttpclient-is-deprecated", "properties": { "precision": "very-high", "tags": [ - "CWE-326: Inadequate Encryption Strength", - "LOW CONFIDENCE", - "OWASP-A02:2021 - Cryptographic Failures", - "OWASP-A03:2017 - Sensitive Data Exposure", + "CWE-284: Improper Access Control", + "HIGH CONFIDENCE", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: kotlin.lang.security.defaulthttpclient-is-deprecated.defaulthttpclient-is-deprecated" } }, { - "defaultConfiguration": { - "level": "note" + "id": "python.django.security.django-using-request-post-after-is-valid.django-using-request-post-after-is-valid", + "name": "python.django.security.django-using-request-post-after-is-valid.django-using-request-post-after-is-valid", + "short_description": 
{ + "text": "Semgrep Finding: python.django.security.django-using-request-post-after-is-valid.django-using-request-post-after-is-valid" }, - "fullDescription": { - "text": "Enabling authentication ensures that all communications in the application are authenticated. The `auth_settings` block needs to be filled out with the appropriate auth backend settings" + "full_description": { + "text": "Use $FORM.cleaned_data[] instead of request.POST[] after form.is_valid() has been executed to only access sanitized data" + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/python.django.security.django-using-request-post-after-is-valid.django-using-request-post-after-is-valid", "help": { - "markdown": "Enabling authentication ensures that all communications in the application are authenticated. The `auth_settings` block needs to be filled out with the appropriate auth backend settings\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/terraform.azure.security.functionapp.functionapp-authentication-enabled.functionapp-authentication-enabled)\n - [https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/function_app#enabled](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/function_app#enabled)\n", - "text": "Enabling authentication ensures that all communications in the application are authenticated. 
The `auth_settings` block needs to be filled out with the appropriate auth backend settings\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Use $FORM.cleaned_data[] instead of request.POST[] after form.is_valid() has been executed to only access sanitized data\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Use $FORM.cleaned_data[] instead of request.POST[] after form.is_valid() has been executed to only access sanitized data\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.django.security.django-using-request-post-after-is-valid.django-using-request-post-after-is-valid)\n - [https://docs.djangoproject.com/en/4.2/ref/forms/api/#accessing-clean-data](https://docs.djangoproject.com/en/4.2/ref/forms/api/#accessing-clean-data)\n" }, - "helpUri": "https://semgrep.dev/r/terraform.azure.security.functionapp.functionapp-authentication-enabled.functionapp-authentication-enabled", - "id": "terraform.azure.security.functionapp.functionapp-authentication-enabled.functionapp-authentication-enabled", - "name": "terraform.azure.security.functionapp.functionapp-authentication-enabled.functionapp-authentication-enabled", "properties": { "precision": "very-high", "tags": [ - "CWE-287: Improper Authentication", - "LOW CONFIDENCE", - "OWASP-A02:2017 - Broken Authentication", - "OWASP-A07:2021 - Identification and Authentication Failures", + "CWE-20: Improper Input Validation", + "MEDIUM CONFIDENCE", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: terraform.azure.security.functionapp.functionapp-authentication-enabled.functionapp-authentication-enabled" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "javascript.playwright.security.audit.playwright-setcontent-injection.playwright-setcontent-injection", + "name": 
"javascript.playwright.security.audit.playwright-setcontent-injection.playwright-setcontent-injection", + "short_description": { + "text": "Semgrep Finding: javascript.playwright.security.audit.playwright-setcontent-injection.playwright-setcontent-injection" }, - "fullDescription": { - "text": "This call turns off CSRF protection allowing CSRF attacks against the application" + "full_description": { + "text": "If unverified user data can reach the `setContent` method it can result in Server-Side Request Forgery vulnerabilities" }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/javascript.playwright.security.audit.playwright-setcontent-injection.playwright-setcontent-injection", "help": { - "markdown": "This call turns off CSRF protection allowing CSRF attacks against the application\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/ruby.rails.security.audit.rails-skip-forgery-protection.rails-skip-forgery-protection)\n - [https://api.rubyonrails.org/classes/ActionController/RequestForgeryProtection/ClassMethods.html#method-i-skip_forgery_protection](https://api.rubyonrails.org/classes/ActionController/RequestForgeryProtection/ClassMethods.html#method-i-skip_forgery_protection)\n", - "text": "This call turns off CSRF protection allowing CSRF attacks against the application\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "If unverified user data can reach the `setContent` method it can result in Server-Side Request Forgery vulnerabilities\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "If unverified user data can reach the `setContent` method it can result in Server-Side Request Forgery vulnerabilities\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep 
Rule](https://semgrep.dev/r/javascript.playwright.security.audit.playwright-setcontent-injection.playwright-setcontent-injection)\n - [https://owasp.org/Top10/A10_2021-Server-Side_Request_Forgery_%28SSRF%29](https://owasp.org/Top10/A10_2021-Server-Side_Request_Forgery_%28SSRF%29)\n" }, - "helpUri": "https://semgrep.dev/r/ruby.rails.security.audit.rails-skip-forgery-protection.rails-skip-forgery-protection", - "id": "ruby.rails.security.audit.rails-skip-forgery-protection.rails-skip-forgery-protection", - "name": "ruby.rails.security.audit.rails-skip-forgery-protection.rails-skip-forgery-protection", "properties": { "precision": "very-high", "tags": [ - "CWE-352: Cross-Site Request Forgery (CSRF)", + "CWE-918: Server-Side Request Forgery (SSRF)", "LOW CONFIDENCE", - "OWASP-A01:2021 - Broken Access Control", + "OWASP-A10:2021 - Server-Side Request Forgery (SSRF)", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: ruby.rails.security.audit.rails-skip-forgery-protection.rails-skip-forgery-protection" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "php.symfony.security.audit.symfony-non-literal-redirect.symfony-non-literal-redirect", + "name": "php.symfony.security.audit.symfony-non-literal-redirect.symfony-non-literal-redirect", + "short_description": { + "text": "Semgrep Finding: php.symfony.security.audit.symfony-non-literal-redirect.symfony-non-literal-redirect" }, - "fullDescription": { - "text": "ELB has no logging. Missing logs can cause missing important event information." + "full_description": { + "text": "The `redirect()` method does not check its destination in any way. If you redirect to a URL provided by end-users, your application may be open to the unvalidated redirects security vulnerability. Consider using literal values or an allowlist to validate URLs." 
}, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/php.symfony.security.audit.symfony-non-literal-redirect.symfony-non-literal-redirect", "help": { - "markdown": "ELB has no logging. Missing logs can cause missing important event information.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/terraform.aws.security.aws-elb-access-logs-not-enabled.aws-elb-access-logs-not-enabled)\n - [https://owasp.org/Top10/A02_2021-Cryptographic_Failures](https://owasp.org/Top10/A02_2021-Cryptographic_Failures)\n", - "text": "ELB has no logging. Missing logs can cause missing important event information.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "The `redirect()` method does not check its destination in any way. If you redirect to a URL provided by end-users, your application may be open to the unvalidated redirects security vulnerability. Consider using literal values or an allowlist to validate URLs.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "The `redirect()` method does not check its destination in any way. If you redirect to a URL provided by end-users, your application may be open to the unvalidated redirects security vulnerability. 
Consider using literal values or an allowlist to validate URLs.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/php.symfony.security.audit.symfony-non-literal-redirect.symfony-non-literal-redirect)\n - [https://symfony.com/doc/current/controller.html#redirecting](https://symfony.com/doc/current/controller.html#redirecting)\n - [https://cheatsheetseries.owasp.org/cheatsheets/Unvalidated_Redirects_and_Forwards_Cheat_Sheet.html](https://cheatsheetseries.owasp.org/cheatsheets/Unvalidated_Redirects_and_Forwards_Cheat_Sheet.html)\n" }, - "helpUri": "https://semgrep.dev/r/terraform.aws.security.aws-elb-access-logs-not-enabled.aws-elb-access-logs-not-enabled", - "id": "terraform.aws.security.aws-elb-access-logs-not-enabled.aws-elb-access-logs-not-enabled", - "name": "terraform.aws.security.aws-elb-access-logs-not-enabled.aws-elb-access-logs-not-enabled", "properties": { "precision": "very-high", "tags": [ - "CWE-326: Inadequate Encryption Strength", + "CWE-601: URL Redirection to Untrusted Site ('Open Redirect')", "LOW CONFIDENCE", - "OWASP-A02:2021 - Cryptographic Failures", - "OWASP-A03:2017 - Sensitive Data Exposure", + "OWASP-A01:2021 - Broken Access Control", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: terraform.aws.security.aws-elb-access-logs-not-enabled.aws-elb-access-logs-not-enabled" } }, { - "defaultConfiguration": { - "level": "error" + "id": "yaml.kubernetes.security.hostpid-pod.hostpid-pod", + "name": "yaml.kubernetes.security.hostpid-pod.hostpid-pod", + "short_description": { + "text": "Semgrep Finding: yaml.kubernetes.security.hostpid-pod.hostpid-pod" }, - "fullDescription": { - "text": "The `vm` module enables compiling and running code within V8 Virtual Machine contexts. The `vm` module is not a security mechanism. Do not use it to run untrusted code. If code passed to `vm` functions is controlled by user input it could result in command injection. 
Do not let user input in `vm` functions." + "full_description": { + "text": "Pod is sharing the host process ID namespace. When paired with ptrace this can be used to escalate privileges outside of the container. Remove the 'hostPID' key to disable this functionality." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/yaml.kubernetes.security.hostpid-pod.hostpid-pod", "help": { - "markdown": "The `vm` module enables compiling and running code within V8 Virtual Machine contexts. The `vm` module is not a security mechanism. Do not use it to run untrusted code. If code passed to `vm` functions is controlled by user input it could result in command injection. Do not let user input in `vm` functions.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.aws-lambda.security.vm-runincontext-injection.vm-runincontext-injection)\n - [https://owasp.org/Top10/A03_2021-Injection](https://owasp.org/Top10/A03_2021-Injection)\n", - "text": "The `vm` module enables compiling and running code within V8 Virtual Machine contexts. The `vm` module is not a security mechanism. Do not use it to run untrusted code. If code passed to `vm` functions is controlled by user input it could result in command injection. Do not let user input in `vm` functions.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Pod is sharing the host process ID namespace. When paired with ptrace this can be used to escalate privileges outside of the container. Remove the 'hostPID' key to disable this functionality.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Pod is sharing the host process ID namespace. When paired with ptrace this can be used to escalate privileges outside of the container. 
Remove the 'hostPID' key to disable this functionality.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/yaml.kubernetes.security.hostpid-pod.hostpid-pod)\n - [https://kubernetes.io/docs/concepts/policy/pod-security-policy/#host-namespaces](https://kubernetes.io/docs/concepts/policy/pod-security-policy/#host-namespaces)\n" }, - "helpUri": "https://semgrep.dev/r/javascript.aws-lambda.security.vm-runincontext-injection.vm-runincontext-injection", - "id": "javascript.aws-lambda.security.vm-runincontext-injection.vm-runincontext-injection", - "name": "javascript.aws-lambda.security.vm-runincontext-injection.vm-runincontext-injection", "properties": { "precision": "very-high", "tags": [ - "CWE-94: Improper Control of Generation of Code ('Code Injection')", - "MEDIUM CONFIDENCE", - "OWASP-A03:2021 - Injection", + "CWE-269: Improper Privilege Management", + "LOW CONFIDENCE", + "OWASP-A04:2021 - Insecure Design", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: javascript.aws-lambda.security.vm-runincontext-injection.vm-runincontext-injection" } }, { - "defaultConfiguration": { - "level": "error" + "id": "c.lang.security.random-fd-exhaustion.random-fd-exhaustion", + "name": "c.lang.security.random-fd-exhaustion.random-fd-exhaustion", + "short_description": { + "text": "Semgrep Finding: c.lang.security.random-fd-exhaustion.random-fd-exhaustion" }, - "fullDescription": { - "text": "Sauce Token detected" + "full_description": { + "text": "Call to 'read()' without error checking is susceptible to file descriptor exhaustion. Consider using the 'getrandom()' function." 
+ }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/c.lang.security.random-fd-exhaustion.random-fd-exhaustion", "help": { - "markdown": "Sauce Token detected\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/generic.secrets.security.detected-sauce-token.detected-sauce-token)\n - [https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures](https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures)\n", - "text": "Sauce Token detected\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Call to 'read()' without error checking is susceptible to file descriptor exhaustion. Consider using the 'getrandom()' function.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Call to 'read()' without error checking is susceptible to file descriptor exhaustion. 
Consider using the 'getrandom()' function.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/c.lang.security.random-fd-exhaustion.random-fd-exhaustion)\n - [https://lwn.net/Articles/606141/](https://lwn.net/Articles/606141/)\n" }, - "helpUri": "https://semgrep.dev/r/generic.secrets.security.detected-sauce-token.detected-sauce-token", - "id": "generic.secrets.security.detected-sauce-token.detected-sauce-token", - "name": "generic.secrets.security.detected-sauce-token.detected-sauce-token", "properties": { "precision": "very-high", "tags": [ - "CWE-798: Use of Hard-coded Credentials", - "LOW CONFIDENCE", - "OWASP-A07:2021 - Identification and Authentication Failures", + "CWE-774: Allocation of File Descriptors or Handles Without Limits or Throttling", + "MEDIUM CONFIDENCE", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: generic.secrets.security.detected-sauce-token.detected-sauce-token" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "terraform.lang.security.iam.no-iam-priv-esc-other-users.no-iam-priv-esc-other-users", + "name": "terraform.lang.security.iam.no-iam-priv-esc-other-users.no-iam-priv-esc-other-users", + "short_description": { + "text": "Semgrep Finding: terraform.lang.security.iam.no-iam-priv-esc-other-users.no-iam-priv-esc-other-users" }, - "fullDescription": { - "text": "The AWS configuration aggregator does not aggregate all AWS Config region. This may result in unmonitored configuration in regions that are thought to be unused. Configure the aggregator with all_regions for the source." + "full_description": { + "text": "Ensure that IAM policies with permissions on other users don't allow for privilege escalation. This can lead to an attacker gaining full administrator access of AWS accounts. Instead, specify which user the permission should be used on or do not use the listed actions. 
$RESOURCE" }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/terraform.lang.security.iam.no-iam-priv-esc-other-users.no-iam-priv-esc-other-users", "help": { - "markdown": "The AWS configuration aggregator does not aggregate all AWS Config region. This may result in unmonitored configuration in regions that are thought to be unused. Configure the aggregator with all_regions for the source.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/terraform.aws.security.aws-config-aggregator-not-all-regions.aws-config-aggregator-not-all-regions)\n - [https://owasp.org/Top10/A09_2021-Security_Logging_and_Monitoring_Failures/](https://owasp.org/Top10/A09_2021-Security_Logging_and_Monitoring_Failures/)\n", - "text": "The AWS configuration aggregator does not aggregate all AWS Config region. This may result in unmonitored configuration in regions that are thought to be unused. Configure the aggregator with all_regions for the source.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Ensure that IAM policies with permissions on other users don't allow for privilege escalation. This can lead to an attacker gaining full administrator access of AWS accounts. Instead, specify which user the permission should be used on or do not use the listed actions. $RESOURCE\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Ensure that IAM policies with permissions on other users don't allow for privilege escalation. This can lead to an attacker gaining full administrator access of AWS accounts. Instead, specify which user the permission should be used on or do not use the listed actions. 
$RESOURCE\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/terraform.lang.security.iam.no-iam-priv-esc-other-users.no-iam-priv-esc-other-users)\n - [https://cloudsplaining.readthedocs.io/en/latest/glossary/privilege-escalation/](https://cloudsplaining.readthedocs.io/en/latest/glossary/privilege-escalation/)\n - [https://github.com/bridgecrewio/checkov/blob/ca830e14745c2c8e1b941985f305abe985d7f1f9/checkov/terraform/checks/data/aws/IAMPrivilegeEscalation.py](https://github.com/bridgecrewio/checkov/blob/ca830e14745c2c8e1b941985f305abe985d7f1f9/checkov/terraform/checks/data/aws/IAMPrivilegeEscalation.py)\n" }, - "helpUri": "https://semgrep.dev/r/terraform.aws.security.aws-config-aggregator-not-all-regions.aws-config-aggregator-not-all-regions", - "id": "terraform.aws.security.aws-config-aggregator-not-all-regions.aws-config-aggregator-not-all-regions", - "name": "terraform.aws.security.aws-config-aggregator-not-all-regions.aws-config-aggregator-not-all-regions", "properties": { "precision": "very-high", "tags": [ - "CWE-778: Insufficient Logging", - "HIGH CONFIDENCE", - "OWASP-A09:2021 - Security Logging and Monitoring Failures", + "CWE-269: Improper Privilege Management", + "LOW CONFIDENCE", + "OWASP-A04:2021 - Insecure Design", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: terraform.aws.security.aws-config-aggregator-not-all-regions.aws-config-aggregator-not-all-regions" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "python.flask.security.injection.path-traversal-open.path-traversal-open", + "name": "python.flask.security.injection.path-traversal-open.path-traversal-open", + "short_description": { + "text": "Semgrep Finding: python.flask.security.injection.path-traversal-open.path-traversal-open" }, - "fullDescription": { - "text": "Detected the use of `$TRUST`. 
This can introduce a Cross-Site-Scripting (XSS) vulnerability if this comes from user-provided input. If you have to use `$TRUST`, ensure it does not come from user-input or use the appropriate prevention mechanism e.g. input validation or sanitization depending on the context." + "full_description": { + "text": "Found request data in a call to 'open'. Ensure the request data is validated or sanitized, otherwise it could result in path traversal attacks." + }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/python.flask.security.injection.path-traversal-open.path-traversal-open", "help": { - "markdown": "Detected the use of `$TRUST`. This can introduce a Cross-Site-Scripting (XSS) vulnerability if this comes from user-provided input. If you have to use `$TRUST`, ensure it does not come from user-input or use the appropriate prevention mechanism e.g. input validation or sanitization depending on the context.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/typescript.angular.security.audit.angular-domsanitizer.angular-bypasssecuritytrust)\n - [https://angular.io/api/platform-browser/DomSanitizer](https://angular.io/api/platform-browser/DomSanitizer)\n - [https://cheatsheetseries.owasp.org/cheatsheets/Cross_Site_Scripting_Prevention_Cheat_Sheet.html](https://cheatsheetseries.owasp.org/cheatsheets/Cross_Site_Scripting_Prevention_Cheat_Sheet.html)\n", - "text": "Detected the use of `$TRUST`. This can introduce a Cross-Site-Scripting (XSS) vulnerability if this comes from user-provided input. If you have to use `$TRUST`, ensure it does not come from user-input or use the appropriate prevention mechanism e.g. input validation or sanitization depending on the context.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Found request data in a call to 'open'. 
Ensure the request data is validated or sanitized, otherwise it could result in path traversal attacks.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Found request data in a call to 'open'. Ensure the request data is validated or sanitized, otherwise it could result in path traversal attacks.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.flask.security.injection.path-traversal-open.path-traversal-open)\n - [https://owasp.org/www-community/attacks/Path_Traversal](https://owasp.org/www-community/attacks/Path_Traversal)\n" }, - "helpUri": "https://semgrep.dev/r/typescript.angular.security.audit.angular-domsanitizer.angular-bypasssecuritytrust", - "id": "typescript.angular.security.audit.angular-domsanitizer.angular-bypasssecuritytrust", - "name": "typescript.angular.security.audit.angular-domsanitizer.angular-bypasssecuritytrust", "properties": { "precision": "very-high", "tags": [ - "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", + "CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", "MEDIUM CONFIDENCE", - "OWASP-A03:2021 - Injection", - "OWASP-A07:2017 - Cross-Site Scripting (XSS)", + "OWASP-A01:2021 - Broken Access Control", + "OWASP-A05:2017 - Broken Access Control", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: typescript.angular.security.audit.angular-domsanitizer.angular-bypasssecuritytrust" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "python.lang.security.audit.insecure-transport.urllib.insecure-openerdirector-open-ftp.insecure-openerdirector-open-ftp", + "name": "python.lang.security.audit.insecure-transport.urllib.insecure-openerdirector-open-ftp.insecure-openerdirector-open-ftp", + "short_description": { + "text": "Semgrep Finding: 
python.lang.security.audit.insecure-transport.urllib.insecure-openerdirector-open-ftp.insecure-openerdirector-open-ftp" }, - "fullDescription": { - "text": "User-controllable argument $DATAVAL to $METHOD passed to Axios via internal handler $INNERFUNC. This could be a server-side request forgery. A user could call a restricted API or leak internal headers to an unauthorized party. Validate your user arguments against an allowlist of known URLs, or consider refactoring so that user-controlled data is not necessary." + "full_description": { + "text": "Detected an unsecured transmission channel. 'OpenerDirector.open(...)' is being used with 'ftp://'. Information sent over this connection will be unencrypted. Consider using SFTP instead. urllib does not support SFTP, so consider a library which supports SFTP." }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/python.lang.security.audit.insecure-transport.urllib.insecure-openerdirector-open-ftp.insecure-openerdirector-open-ftp", "help": { - "markdown": "User-controllable argument $DATAVAL to $METHOD passed to Axios via internal handler $INNERFUNC. This could be a server-side request forgery. A user could call a restricted API or leak internal headers to an unauthorized party. 
Validate your user arguments against an allowlist of known URLs, or consider refactoring so that user-controlled data is not necessary.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.apollo.security.apollo-axios-ssrf.apollo-axios-ssrf)\n - [https://www.cvedetails.com/cve/CVE-2020-28168/](https://www.cvedetails.com/cve/CVE-2020-28168/)\n - [https://owasp.org/www-community/attacks/Server_Side_Request_Forgery](https://owasp.org/www-community/attacks/Server_Side_Request_Forgery)\n", - "text": "User-controllable argument $DATAVAL to $METHOD passed to Axios via internal handler $INNERFUNC. This could be a server-side request forgery. A user could call a restricted API or leak internal headers to an unauthorized party. Validate your user arguments against an allowlist of known URLs, or consider refactoring so that user-controlled data is not necessary.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected an unsecured transmission channel. 'OpenerDirector.open(...)' is being used with 'ftp://'. Information sent over this connection will be unencrypted. Consider using SFTP instead. urllib does not support SFTP, so consider a library which supports SFTP.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected an unsecured transmission channel. 'OpenerDirector.open(...)' is being used with 'ftp://'. Information sent over this connection will be unencrypted. Consider using SFTP instead. 
urllib does not support SFTP, so consider a library which supports SFTP.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.lang.security.audit.insecure-transport.urllib.insecure-openerdirector-open-ftp.insecure-openerdirector-open-ftp)\n - [https://docs.python.org/3/library/urllib.request.html#urllib.request.OpenerDirector.open](https://docs.python.org/3/library/urllib.request.html#urllib.request.OpenerDirector.open)\n" }, - "helpUri": "https://semgrep.dev/r/javascript.apollo.security.apollo-axios-ssrf.apollo-axios-ssrf", - "id": "javascript.apollo.security.apollo-axios-ssrf.apollo-axios-ssrf", - "name": "javascript.apollo.security.apollo-axios-ssrf.apollo-axios-ssrf", "properties": { "precision": "very-high", "tags": [ - "CWE-918: Server-Side Request Forgery (SSRF)", + "CWE-319: Cleartext Transmission of Sensitive Information", "LOW CONFIDENCE", - "OWASP-A10:2021 - Server-Side Request Forgery (SSRF)", + "OWASP-A02:2021 - Cryptographic Failures", + "OWASP-A03:2017 - Sensitive Data Exposure", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: javascript.apollo.security.apollo-axios-ssrf.apollo-axios-ssrf" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "python.lang.security.audit.telnetlib.telnetlib", + "name": "python.lang.security.audit.telnetlib.telnetlib", + "short_description": { + "text": "Semgrep Finding: python.lang.security.audit.telnetlib.telnetlib" }, - "fullDescription": { - "text": "Detected a template variable used in a script tag. Although template variables are HTML escaped, HTML escaping does not always prevent cross-site scripting (XSS) attacks when used directly in JavaScript. If you need to do this, use `escape_javascript` or its alias, `j`. However, this will not protect from XSS in all circumstances; see the references for more information. Consider placing this value in the HTML portion (outside of a script tag)." 
+ "full_description": { + "text": "Telnet does not encrypt communications. Use SSH instead." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/python.lang.security.audit.telnetlib.telnetlib", "help": { - "markdown": "Detected a template variable used in a script tag. Although template variables are HTML escaped, HTML escaping does not always prevent cross-site scripting (XSS) attacks when used directly in JavaScript. If you need to do this, use `escape_javascript` or its alias, `j`. However, this will not protect from XSS in all circumstances; see the references for more information. Consider placing this value in the HTML portion (outside of a script tag).\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/ruby.rails.security.audit.xss.templates.var-in-script-tag.var-in-script-tag)\n - [https://www.netsparker.com/blog/web-security/preventing-xss-ruby-on-rails-web-applications/](https://www.netsparker.com/blog/web-security/preventing-xss-ruby-on-rails-web-applications/)\n - [https://www.youtube.com/watch?v=yYTkLUEdIyE](https://www.youtube.com/watch?v=yYTkLUEdIyE)\n - [https://www.veracode.com/blog/secure-development/nodejs-template-engines-why-default-encoders-are-not-enough](https://www.veracode.com/blog/secure-development/nodejs-template-engines-why-default-encoders-are-not-enough)\n", - "text": "Detected a template variable used in a script tag. Although template variables are HTML escaped, HTML escaping does not always prevent cross-site scripting (XSS) attacks when used directly in JavaScript. If you need to do this, use `escape_javascript` or its alias, `j`. However, this will not protect from XSS in all circumstances; see the references for more information. 
Consider placing this value in the HTML portion (outside of a script tag).\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Telnet does not encrypt communications. Use SSH instead.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Telnet does not encrypt communications. Use SSH instead.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.lang.security.audit.telnetlib.telnetlib)\n - [https://docs.python.org/3/library/telnetlib.html](https://docs.python.org/3/library/telnetlib.html)\n" }, - "helpUri": "https://semgrep.dev/r/ruby.rails.security.audit.xss.templates.var-in-script-tag.var-in-script-tag", - "id": "ruby.rails.security.audit.xss.templates.var-in-script-tag.var-in-script-tag", - "name": "ruby.rails.security.audit.xss.templates.var-in-script-tag.var-in-script-tag", "properties": { "precision": "very-high", "tags": [ - "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", + "CWE-319: Cleartext Transmission of Sensitive Information", "LOW CONFIDENCE", - "OWASP-A03:2021 - Injection", - "OWASP-A07:2017 - Cross-Site Scripting (XSS)", + "OWASP-A02:2021 - Cryptographic Failures", + "OWASP-A03:2017 - Sensitive Data Exposure", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: ruby.rails.security.audit.xss.templates.var-in-script-tag.var-in-script-tag" } }, { - "defaultConfiguration": { - "level": "error" + "id": "java.lang.security.audit.xss.jsf.autoescape-disabled.autoescape-disabled", + "name": "java.lang.security.audit.xss.jsf.autoescape-disabled.autoescape-disabled", + "short_description": { + "text": "Semgrep Finding: java.lang.security.audit.xss.jsf.autoescape-disabled.autoescape-disabled" }, - "fullDescription": { - "text": "Square OAuth Secret detected" + "full_description": { + "text": "Detected an element with disabled HTML escaping. 
If external data can reach this, this is a cross-site scripting (XSS) vulnerability. Ensure no external data can reach here, or remove 'escape=false' from this element." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/java.lang.security.audit.xss.jsf.autoescape-disabled.autoescape-disabled", "help": { - "markdown": "Square OAuth Secret detected\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/generic.secrets.security.detected-square-oauth-secret.detected-square-oauth-secret)\n - [https://github.com/Yelp/detect-secrets/blob/master/tests/plugins/square_oauth_test.py](https://github.com/Yelp/detect-secrets/blob/master/tests/plugins/square_oauth_test.py)\n", - "text": "Square OAuth Secret detected\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected an element with disabled HTML escaping. If external data can reach this, this is a cross-site scripting (XSS) vulnerability. Ensure no external data can reach here, or remove 'escape=false' from this element.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected an element with disabled HTML escaping. If external data can reach this, this is a cross-site scripting (XSS) vulnerability. 
Ensure no external data can reach here, or remove 'escape=false' from this element.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/java.lang.security.audit.xss.jsf.autoescape-disabled.autoescape-disabled)\n - [https://stackoverflow.com/a/7442668](https://stackoverflow.com/a/7442668)\n" }, - "helpUri": "https://semgrep.dev/r/generic.secrets.security.detected-square-oauth-secret.detected-square-oauth-secret", - "id": "generic.secrets.security.detected-square-oauth-secret.detected-square-oauth-secret", - "name": "generic.secrets.security.detected-square-oauth-secret.detected-square-oauth-secret", "properties": { "precision": "very-high", "tags": [ - "CWE-798: Use of Hard-coded Credentials", + "CWE-150: Improper Neutralization of Escape, Meta, or Control Sequences", "LOW CONFIDENCE", - "OWASP-A07:2021 - Identification and Authentication Failures", + "OWASP-A07:2017 - Cross-Site Scripting (XSS)", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: generic.secrets.security.detected-square-oauth-secret.detected-square-oauth-secret" } }, { - "defaultConfiguration": { - "level": "error" + "id": "problem-based-packs.insecure-transport.java-stdlib.http-components-request.http-components-request", + "name": "problem-based-packs.insecure-transport.java-stdlib.http-components-request.http-components-request", + "short_description": { + "text": "Semgrep Finding: problem-based-packs.insecure-transport.java-stdlib.http-components-request.http-components-request" }, - "fullDescription": { - "text": "Detected user input used to manually construct a SQL string. This is usually bad practice because manual construction could accidentally result in a SQL injection. An attacker could use a SQL injection to steal or modify contents of the database. Instead, use a parameterized query which is available by default in most database engines. 
Alternatively, consider using an object-relational mapper (ORM) such as Sequelize which will protect your queries." + "full_description": { + "text": "Checks for requests sent via Apache HTTP Components to http:// URLS. This is dangerous because the server is attempting to connect to a website that does not encrypt traffic with TLS. Instead, send requests only to https:// URLS." }, - "help": { - "markdown": "Detected user input used to manually construct a SQL string. This is usually bad practice because manual construction could accidentally result in a SQL injection. An attacker could use a SQL injection to steal or modify contents of the database. Instead, use a parameterized query which is available by default in most database engines. Alternatively, consider using an object-relational mapper (ORM) such as Sequelize which will protect your queries.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/go.aws-lambda.security.tainted-sql-string.tainted-sql-string)\n - [https://owasp.org/www-community/attacks/SQL_Injection](https://owasp.org/www-community/attacks/SQL_Injection)\n", - "text": "Detected user input used to manually construct a SQL string. This is usually bad practice because manual construction could accidentally result in a SQL injection. An attacker could use a SQL injection to steal or modify contents of the database. Instead, use a parameterized query which is available by default in most database engines. 
Alternatively, consider using an object-relational mapper (ORM) such as Sequelize which will protect your queries.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/problem-based-packs.insecure-transport.java-stdlib.http-components-request.http-components-request", + "help": { + "text": "Checks for requests sent via Apache HTTP Components to http:// URLS. This is dangerous because the server is attempting to connect to a website that does not encrypt traffic with TLS. Instead, send requests only to https:// URLS.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Checks for requests sent via Apache HTTP Components to http:// URLS. This is dangerous because the server is attempting to connect to a website that does not encrypt traffic with TLS. Instead, send requests only to https:// URLS.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/problem-based-packs.insecure-transport.java-stdlib.http-components-request.http-components-request)\n - [https://hc.apache.org/httpcomponents-client-ga/quickstart.html](https://hc.apache.org/httpcomponents-client-ga/quickstart.html)\n" }, - "helpUri": "https://semgrep.dev/r/go.aws-lambda.security.tainted-sql-string.tainted-sql-string", - "id": "go.aws-lambda.security.tainted-sql-string.tainted-sql-string", - "name": "go.aws-lambda.security.tainted-sql-string.tainted-sql-string", "properties": { "precision": "very-high", "tags": [ - "CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')", + "CWE-319: Cleartext Transmission of Sensitive Information", "MEDIUM CONFIDENCE", - "OWASP-A01:2017 - Injection", - "OWASP-A03:2021 - Injection", + "OWASP-A03:2017 - Sensitive Data Exposure", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: 
go.aws-lambda.security.tainted-sql-string.tainted-sql-string" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "php.lang.security.audit.openssl-decrypt-validate.openssl-decrypt-validate", + "name": "php.lang.security.audit.openssl-decrypt-validate.openssl-decrypt-validate", + "short_description": { + "text": "Semgrep Finding: php.lang.security.audit.openssl-decrypt-validate.openssl-decrypt-validate" }, - "fullDescription": { - "text": "If unverified user data can reach the `evaluate` method it can result in Server-Side Request Forgery vulnerabilities" + "full_description": { + "text": "The function `openssl_decrypt` returns either a string of the decrypted data on success or `false` on failure. If the failure case is not handled, this could lead to undefined behavior in your application. Please handle the case where `openssl_decrypt` returns `false`." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/php.lang.security.audit.openssl-decrypt-validate.openssl-decrypt-validate", "help": { - "markdown": "If unverified user data can reach the `evaluate` method it can result in Server-Side Request Forgery vulnerabilities\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.playwright.security.audit.playwright-evaluate-code-injection.playwright-evaluate-code-injection)\n - [https://owasp.org/Top10/A10_2021-Server-Side_Request_Forgery_%28SSRF%29](https://owasp.org/Top10/A10_2021-Server-Side_Request_Forgery_%28SSRF%29)\n", - "text": "If unverified user data can reach the `evaluate` method it can result in Server-Side Request Forgery vulnerabilities\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "The function `openssl_decrypt` returns either a string of the decrypted data on success or `false` on failure. 
If the failure case is not handled, this could lead to undefined behavior in your application. Please handle the case where `openssl_decrypt` returns `false`.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "The function `openssl_decrypt` returns either a string of the decrypted data on success or `false` on failure. If the failure case is not handled, this could lead to undefined behavior in your application. Please handle the case where `openssl_decrypt` returns `false`.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/php.lang.security.audit.openssl-decrypt-validate.openssl-decrypt-validate)\n - [https://www.php.net/manual/en/function.openssl-decrypt.php](https://www.php.net/manual/en/function.openssl-decrypt.php)\n" }, - "helpUri": "https://semgrep.dev/r/javascript.playwright.security.audit.playwright-evaluate-code-injection.playwright-evaluate-code-injection", - "id": "javascript.playwright.security.audit.playwright-evaluate-code-injection.playwright-evaluate-code-injection", - "name": "javascript.playwright.security.audit.playwright-evaluate-code-injection.playwright-evaluate-code-injection", "properties": { "precision": "very-high", "tags": [ - "CWE-918: Server-Side Request Forgery (SSRF)", + "CWE-252: Unchecked Return Value", "LOW CONFIDENCE", - "OWASP-A10:2021 - Server-Side Request Forgery (SSRF)", + "OWASP-A02:2021 - Cryptographic Failures", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: javascript.playwright.security.audit.playwright-evaluate-code-injection.playwright-evaluate-code-injection" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "problem-based-packs.insecure-transport.java-stdlib.httpclient-http-request.httpclient-http-request", + "name": "problem-based-packs.insecure-transport.java-stdlib.httpclient-http-request.httpclient-http-request", + "short_description": { + "text": "Semgrep Finding: 
problem-based-packs.insecure-transport.java-stdlib.httpclient-http-request.httpclient-http-request" }, - "fullDescription": { - "text": "Detected SQL statement that is tainted by `event` object. This could lead to SQL injection if the variable is user-controlled and not properly sanitized. In order to prevent SQL injection, use parameterized queries or prepared statements instead. You can use parameterized statements like so: `DB['select * from items where name = ?', name]`" + "full_description": { + "text": "Checks for requests sent via HttpClient to http:// URLS. This is dangerous because the server is attempting to connect to a website that does not encrypt traffic with TLS. Instead, send requests only to https:// URLS." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/problem-based-packs.insecure-transport.java-stdlib.httpclient-http-request.httpclient-http-request", "help": { - "markdown": "Detected SQL statement that is tainted by `event` object. This could lead to SQL injection if the variable is user-controlled and not properly sanitized. In order to prevent SQL injection, use parameterized queries or prepared statements instead. You can use parameterized statements like so: `DB['select * from items where name = ?', name]`\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/ruby.aws-lambda.security.sequel-sqli.sequel-sqli)\n - [https://github.com/jeremyevans/sequel#label-Arbitrary+SQL+queries](https://github.com/jeremyevans/sequel#label-Arbitrary+SQL+queries)\n", - "text": "Detected SQL statement that is tainted by `event` object. This could lead to SQL injection if the variable is user-controlled and not properly sanitized. In order to prevent SQL injection, use parameterized queries or prepared statements instead. 
You can use parameterized statements like so: `DB['select * from items where name = ?', name]`\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Checks for requests sent via HttpClient to http:// URLS. This is dangerous because the server is attempting to connect to a website that does not encrypt traffic with TLS. Instead, send requests only to https:// URLS.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Checks for requests sent via HttpClient to http:// URLS. This is dangerous because the server is attempting to connect to a website that does not encrypt traffic with TLS. Instead, send requests only to https:// URLS.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/problem-based-packs.insecure-transport.java-stdlib.httpclient-http-request.httpclient-http-request)\n - [https://openjdk.java.net/groups/net/httpclient/intro.html](https://openjdk.java.net/groups/net/httpclient/intro.html)\n" }, - "helpUri": "https://semgrep.dev/r/ruby.aws-lambda.security.sequel-sqli.sequel-sqli", - "id": "ruby.aws-lambda.security.sequel-sqli.sequel-sqli", - "name": "ruby.aws-lambda.security.sequel-sqli.sequel-sqli", "properties": { "precision": "very-high", "tags": [ - "CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')", + "CWE-319: Cleartext Transmission of Sensitive Information", "MEDIUM CONFIDENCE", - "OWASP-A01:2017 - Injection", - "OWASP-A03:2021 - Injection", + "OWASP-A03:2017 - Sensitive Data Exposure", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: ruby.aws-lambda.security.sequel-sqli.sequel-sqli" } }, { - "defaultConfiguration": { - "level": "error" + "id": "python.lang.security.audit.insecure-transport.urllib.insecure-urlopener-open-ftp.insecure-urlopener-open-ftp", + "name": 
"python.lang.security.audit.insecure-transport.urllib.insecure-urlopener-open-ftp.insecure-urlopener-open-ftp", + "short_description": { + "text": "Semgrep Finding: python.lang.security.audit.insecure-transport.urllib.insecure-urlopener-open-ftp.insecure-urlopener-open-ftp" }, - "fullDescription": { - "text": "Detected string concatenation with a non-literal variable in a go-pg SQL statement. This could lead to SQL injection if the variable is user-controlled and not properly sanitized. In order to prevent SQL injection, use parameterized queries instead of string concatenation. You can use parameterized queries like so: '(SELECT ? FROM table, data1)'" + "full_description": { + "text": "Detected an insecure transmission channel. 'URLopener.open(...)' is being used with 'ftp://'. Use SFTP instead. urllib does not support SFTP, so consider using a library which supports SFTP." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/python.lang.security.audit.insecure-transport.urllib.insecure-urlopener-open-ftp.insecure-urlopener-open-ftp", "help": { - "markdown": "Detected string concatenation with a non-literal variable in a go-pg SQL statement. This could lead to SQL injection if the variable is user-controlled and not properly sanitized. In order to prevent SQL injection, use parameterized queries instead of string concatenation. You can use parameterized queries like so: '(SELECT ? FROM table, data1)'\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/go.lang.security.audit.sqli.pg-sqli.pg-sqli)\n - [https://pg.uptrace.dev/](https://pg.uptrace.dev/)\n - [https://pkg.go.dev/github.com/go-pg/pg/v10](https://pkg.go.dev/github.com/go-pg/pg/v10)\n", - "text": "Detected string concatenation with a non-literal variable in a go-pg SQL statement. 
This could lead to SQL injection if the variable is user-controlled and not properly sanitized. In order to prevent SQL injection, use parameterized queries instead of string concatenation. You can use parameterized queries like so: '(SELECT ? FROM table, data1)'\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected an insecure transmission channel. 'URLopener.open(...)' is being used with 'ftp://'. Use SFTP instead. urllib does not support SFTP, so consider using a library which supports SFTP.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected an insecure transmission channel. 'URLopener.open(...)' is being used with 'ftp://'. Use SFTP instead. urllib does not support SFTP, so consider using a library which supports SFTP.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.lang.security.audit.insecure-transport.urllib.insecure-urlopener-open-ftp.insecure-urlopener-open-ftp)\n - [https://docs.python.org/3/library/urllib.request.html#urllib.request.URLopener.open](https://docs.python.org/3/library/urllib.request.html#urllib.request.URLopener.open)\n" }, - "helpUri": "https://semgrep.dev/r/go.lang.security.audit.sqli.pg-sqli.pg-sqli", - "id": "go.lang.security.audit.sqli.pg-sqli.pg-sqli", - "name": "go.lang.security.audit.sqli.pg-sqli.pg-sqli", "properties": { "precision": "very-high", "tags": [ - "CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')", + "CWE-319: Cleartext Transmission of Sensitive Information", "LOW CONFIDENCE", - "OWASP-A01:2017 - Injection", - "OWASP-A03:2021 - Injection", + "OWASP-A02:2021 - Cryptographic Failures", + "OWASP-A03:2017 - Sensitive Data Exposure", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: go.lang.security.audit.sqli.pg-sqli.pg-sqli" } }, { - "defaultConfiguration": { - "level": "warning" + "id": 
"trailofbits.python.pickles-in-pytorch.pickles-in-pytorch", + "name": "trailofbits.python.pickles-in-pytorch.pickles-in-pytorch", + "short_description": { + "text": "Semgrep Finding: trailofbits.python.pickles-in-pytorch.pickles-in-pytorch" }, - "fullDescription": { - "text": "Detected a Storage that was not configured to deny action by default. Add `enable_https_traffic_only = true` in your resource block." + "full_description": { + "text": "Functions reliant on pickle can result in arbitrary code execution. Consider loading from `state_dict`, using fickling, or switching to a safer serialization method like ONNX" + }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/trailofbits.python.pickles-in-pytorch.pickles-in-pytorch", "help": { - "markdown": "Detected a Storage that was not configured to deny action by default. Add `enable_https_traffic_only = true` in your resource block.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/terraform.azure.security.storage.storage-enforce-https.storage-enforce-https)\n - [https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/storage_account#enable_https_traffic_only](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/storage_account#enable_https_traffic_only)\n - [https://docs.microsoft.com/en-us/azure/storage/common/storage-require-secure-transfer](https://docs.microsoft.com/en-us/azure/storage/common/storage-require-secure-transfer)\n", - "text": "Detected a Storage that was not configured to deny action by default. Add `enable_https_traffic_only = true` in your resource block.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Functions reliant on pickle can result in arbitrary code execution. 
Consider loading from `state_dict`, using fickling, or switching to a safer serialization method like ONNX\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Functions reliant on pickle can result in arbitrary code execution. Consider loading from `state_dict`, using fickling, or switching to a safer serialization method like ONNX\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/trailofbits.python.pickles-in-pytorch.pickles-in-pytorch)\n - [https://blog.trailofbits.com/2021/03/15/never-a-dill-moment-exploiting-machine-learning-pickle-files/](https://blog.trailofbits.com/2021/03/15/never-a-dill-moment-exploiting-machine-learning-pickle-files/)\n" }, - "helpUri": "https://semgrep.dev/r/terraform.azure.security.storage.storage-enforce-https.storage-enforce-https", - "id": "terraform.azure.security.storage.storage-enforce-https.storage-enforce-https", - "name": "terraform.azure.security.storage.storage-enforce-https.storage-enforce-https", "properties": { "precision": "very-high", "tags": [ - "CWE-319: Cleartext Transmission of Sensitive Information", + "CWE-502: Deserialization of Untrusted Data", "MEDIUM CONFIDENCE", - "OWASP-A02:2021 - Cryptographic Failures", - "OWASP-A03:2017 - Sensitive Data Exposure", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: terraform.azure.security.storage.storage-enforce-https.storage-enforce-https" } }, { - "defaultConfiguration": { - "level": "error" + "id": "javascript.express.security.audit.express-ssrf.express-ssrf", + "name": "javascript.express.security.audit.express-ssrf.express-ssrf", + "short_description": { + "text": "Semgrep Finding: javascript.express.security.audit.express-ssrf.express-ssrf" }, - "fullDescription": { - "text": "Static IV used with AES in CBC mode. Static IVs enable chosen-plaintext attacks against encrypted data." 
+ "full_description": { + "text": "The following request $REQUEST.$METHOD() was found to be crafted from user-input `$REQ` which can lead to Server-Side Request Forgery (SSRF) vulnerabilities. It is recommended where possible to not allow user-input to craft the base request, but to be treated as part of the path or query parameter. When user-input is necessary to craft the request, it is recommeneded to follow OWASP best practices to prevent abuse. " + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/javascript.express.security.audit.express-ssrf.express-ssrf", "help": { - "markdown": "Static IV used with AES in CBC mode. Static IVs enable chosen-plaintext attacks against encrypted data.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/php.lang.security.openssl-cbc-static-iv.openssl-cbc-static-iv)\n - [https://csrc.nist.gov/publications/detail/sp/800-38a/final](https://csrc.nist.gov/publications/detail/sp/800-38a/final)\n", - "text": "Static IV used with AES in CBC mode. Static IVs enable chosen-plaintext attacks against encrypted data.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "The following request $REQUEST.$METHOD() was found to be crafted from user-input `$REQ` which can lead to Server-Side Request Forgery (SSRF) vulnerabilities. It is recommended where possible to not allow user-input to craft the base request, but to be treated as part of the path or query parameter. When user-input is necessary to craft the request, it is recommeneded to follow OWASP best practices to prevent abuse. \n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "The following request $REQUEST.$METHOD() was found to be crafted from user-input `$REQ` which can lead to Server-Side Request Forgery (SSRF) vulnerabilities. 
It is recommended where possible to not allow user-input to craft the base request, but to be treated as part of the path or query parameter. When user-input is necessary to craft the request, it is recommeneded to follow OWASP best practices to prevent abuse. \n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.express.security.audit.express-ssrf.express-ssrf)\n - [https://cheatsheetseries.owasp.org/cheatsheets/Server_Side_Request_Forgery_Prevention_Cheat_Sheet.html](https://cheatsheetseries.owasp.org/cheatsheets/Server_Side_Request_Forgery_Prevention_Cheat_Sheet.html)\n" }, - "helpUri": "https://semgrep.dev/r/php.lang.security.openssl-cbc-static-iv.openssl-cbc-static-iv", - "id": "php.lang.security.openssl-cbc-static-iv.openssl-cbc-static-iv", - "name": "php.lang.security.openssl-cbc-static-iv.openssl-cbc-static-iv", "properties": { "precision": "very-high", "tags": [ - "CWE-329: Generation of Predictable IV with CBC Mode", - "HIGH CONFIDENCE", - "OWASP-A02:2021 - Cryptographic Failures", + "CWE-918: Server-Side Request Forgery (SSRF)", + "MEDIUM CONFIDENCE", + "OWASP-A10:2021 - Server-Side Request Forgery (SSRF)", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: php.lang.security.openssl-cbc-static-iv.openssl-cbc-static-iv" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "python.pycryptodome.security.insecure-cipher-algorithm-blowfish.insecure-cipher-algorithm-blowfish", + "name": "python.pycryptodome.security.insecure-cipher-algorithm-blowfish.insecure-cipher-algorithm-blowfish", + "short_description": { + "text": "Semgrep Finding: python.pycryptodome.security.insecure-cipher-algorithm-blowfish.insecure-cipher-algorithm-blowfish" }, - "fullDescription": { - "text": "'html_safe' renders raw HTML. This means that normal HTML escaping is bypassed. 
If user data can be controlled here, this exposes your application to cross-site scripting (XSS). If you need to do this, be sure to correctly sanitize the data using a library such as DOMPurify." + "full_description": { + "text": "Detected Blowfish cipher algorithm which is considered insecure. This algorithm is not cryptographically secure and can be reversed easily. Use AES instead." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/python.pycryptodome.security.insecure-cipher-algorithm-blowfish.insecure-cipher-algorithm-blowfish", "help": { - "markdown": "'html_safe' renders raw HTML. This means that normal HTML escaping is bypassed. If user data can be controlled here, this exposes your application to cross-site scripting (XSS). If you need to do this, be sure to correctly sanitize the data using a library such as DOMPurify.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/ruby.rails.security.audit.xss.templates.avoid-html-safe.avoid-html-safe)\n - [https://stackoverflow.com/questions/4251284/raw-vs-html-safe-vs-h-to-unescape-html#:~:text===](https://stackoverflow.com/questions/4251284/raw-vs-html-safe-vs-h-to-unescape-html#:~:text===)\n - [https://medium.com/sumone-technical-blog/a-pretty-way-to-unescape-html-in-a-ruby-on-rails-application-efc22b850027](https://medium.com/sumone-technical-blog/a-pretty-way-to-unescape-html-in-a-ruby-on-rails-application-efc22b850027)\n", - "text": "'html_safe' renders raw HTML. This means that normal HTML escaping is bypassed. If user data can be controlled here, this exposes your application to cross-site scripting (XSS). If you need to do this, be sure to correctly sanitize the data using a library such as DOMPurify.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected Blowfish cipher algorithm which is considered insecure. 
This algorithm is not cryptographically secure and can be reversed easily. Use AES instead.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected Blowfish cipher algorithm which is considered insecure. This algorithm is not cryptographically secure and can be reversed easily. Use AES instead.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.pycryptodome.security.insecure-cipher-algorithm-blowfish.insecure-cipher-algorithm-blowfish)\n - [https://stackoverflow.com/questions/1135186/whats-wrong-with-xor-encryption](https://stackoverflow.com/questions/1135186/whats-wrong-with-xor-encryption)\n" }, - "helpUri": "https://semgrep.dev/r/ruby.rails.security.audit.xss.templates.avoid-html-safe.avoid-html-safe", - "id": "ruby.rails.security.audit.xss.templates.avoid-html-safe.avoid-html-safe", - "name": "ruby.rails.security.audit.xss.templates.avoid-html-safe.avoid-html-safe", "properties": { "precision": "very-high", "tags": [ - "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", - "LOW CONFIDENCE", - "OWASP-A03:2021 - Injection", - "OWASP-A07:2017 - Cross-Site Scripting (XSS)", + "CWE-327: Use of a Broken or Risky Cryptographic Algorithm", + "MEDIUM CONFIDENCE", + "OWASP-A02:2021 - Cryptographic Failures", + "OWASP-A03:2017 - Sensitive Data Exposure", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: ruby.rails.security.audit.xss.templates.avoid-html-safe.avoid-html-safe" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "c.lang.security.insecure-use-scanf-fn.insecure-use-scanf-fn", + "name": "c.lang.security.insecure-use-scanf-fn.insecure-use-scanf-fn", + "short_description": { + "text": "Semgrep Finding: c.lang.security.insecure-use-scanf-fn.insecure-use-scanf-fn" }, - "fullDescription": { - "text": "Found a formatted template string passed to 'template.HTML()'. 
'template.HTML()' does not escape contents. Be absolutely sure there is no user-controlled data in this template. If user data can reach this template, you may have a XSS vulnerability." + "full_description": { + "text": "Avoid using 'scanf()'. This function, when used improperly, does not consider buffer boundaries and can lead to buffer overflows. Use 'fgets()' instead for reading input." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/c.lang.security.insecure-use-scanf-fn.insecure-use-scanf-fn", "help": { - "markdown": "Found a formatted template string passed to 'template.HTML()'. 'template.HTML()' does not escape contents. Be absolutely sure there is no user-controlled data in this template. If user data can reach this template, you may have a XSS vulnerability.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/go.lang.security.audit.net.formatted-template-string.formatted-template-string)\n - [https://golang.org/pkg/html/template/#HTML](https://golang.org/pkg/html/template/#HTML)\n", - "text": "Found a formatted template string passed to 'template.HTML()'. 'template.HTML()' does not escape contents. Be absolutely sure there is no user-controlled data in this template. If user data can reach this template, you may have a XSS vulnerability.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Avoid using 'scanf()'. This function, when used improperly, does not consider buffer boundaries and can lead to buffer overflows. Use 'fgets()' instead for reading input.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Avoid using 'scanf()'. This function, when used improperly, does not consider buffer boundaries and can lead to buffer overflows. 
Use 'fgets()' instead for reading input.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/c.lang.security.insecure-use-scanf-fn.insecure-use-scanf-fn)\n - [http://sekrit.de/webdocs/c/beginners-guide-away-from-scanf.html](http://sekrit.de/webdocs/c/beginners-guide-away-from-scanf.html)\n" }, - "helpUri": "https://semgrep.dev/r/go.lang.security.audit.net.formatted-template-string.formatted-template-string", - "id": "go.lang.security.audit.net.formatted-template-string.formatted-template-string", - "name": "go.lang.security.audit.net.formatted-template-string.formatted-template-string", "properties": { "precision": "very-high", "tags": [ - "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", - "MEDIUM CONFIDENCE", - "OWASP-A03:2021 - Injection", - "OWASP-A07:2017 - Cross-Site Scripting (XSS)", + "CWE-676: Use of Potentially Dangerous Function", + "LOW CONFIDENCE", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: go.lang.security.audit.net.formatted-template-string.formatted-template-string" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "java.lang.security.audit.script-engine-injection.script-engine-injection", + "name": "java.lang.security.audit.script-engine-injection.script-engine-injection", + "short_description": { + "text": "Semgrep Finding: java.lang.security.audit.script-engine-injection.script-engine-injection" }, - "fullDescription": { - "text": "Detected input from a HTTPServletRequest going into a SQL sink or statement. This could lead to SQL injection if variables in the SQL statement are not properly sanitized. Use parameterized SQL queries or properly sanitize user input instead." + "full_description": { + "text": "Detected potential code injection using ScriptEngine. Ensure user-controlled data cannot enter '.eval()', otherwise, this is a code injection vulnerability." 
+ }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/java.lang.security.audit.script-engine-injection.script-engine-injection", "help": { - "markdown": "Detected input from a HTTPServletRequest going into a SQL sink or statement. This could lead to SQL injection if variables in the SQL statement are not properly sanitized. Use parameterized SQL queries or properly sanitize user input instead.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/java.lang.security.audit.sqli.tainted-sql-from-http-request.tainted-sql-from-http-request)\n - [https://cheatsheetseries.owasp.org/cheatsheets/SQL_Injection_Prevention_Cheat_Sheet.html](https://cheatsheetseries.owasp.org/cheatsheets/SQL_Injection_Prevention_Cheat_Sheet.html)\n - [https://owasp.org/www-community/attacks/SQL_Injection](https://owasp.org/www-community/attacks/SQL_Injection)\n", - "text": "Detected input from a HTTPServletRequest going into a SQL sink or statement. This could lead to SQL injection if variables in the SQL statement are not properly sanitized. Use parameterized SQL queries or properly sanitize user input instead.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected potential code injection using ScriptEngine. Ensure user-controlled data cannot enter '.eval()', otherwise, this is a code injection vulnerability.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected potential code injection using ScriptEngine. 
Ensure user-controlled data cannot enter '.eval()', otherwise, this is a code injection vulnerability.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/java.lang.security.audit.script-engine-injection.script-engine-injection)\n - [https://owasp.org/Top10/A03_2021-Injection](https://owasp.org/Top10/A03_2021-Injection)\n" }, - "helpUri": "https://semgrep.dev/r/java.lang.security.audit.sqli.tainted-sql-from-http-request.tainted-sql-from-http-request", - "id": "java.lang.security.audit.sqli.tainted-sql-from-http-request.tainted-sql-from-http-request", - "name": "java.lang.security.audit.sqli.tainted-sql-from-http-request.tainted-sql-from-http-request", "properties": { "precision": "very-high", "tags": [ - "CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')", - "HIGH CONFIDENCE", - "OWASP-A01:2017 - Injection", + "CWE-94: Improper Control of Generation of Code ('Code Injection')", + "LOW CONFIDENCE", "OWASP-A03:2021 - Injection", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: java.lang.security.audit.sqli.tainted-sql-from-http-request.tainted-sql-from-http-request" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "java.lang.security.audit.xss.no-direct-response-writer.no-direct-response-writer", + "name": "java.lang.security.audit.xss.no-direct-response-writer.no-direct-response-writer", + "short_description": { + "text": "Semgrep Finding: java.lang.security.audit.xss.no-direct-response-writer.no-direct-response-writer" }, - "fullDescription": { - "text": "Detected 'printf' or similar in 'http.ResponseWriter.write()'. This bypasses HTML escaping that prevents cross-site scripting vulnerabilities. Instead, use the 'html/template' package to render data to users." + "full_description": { + "text": "Detected a request with potential user-input going into a OutputStream or Writer object. 
This bypasses any view or template environments, including HTML escaping, which may expose this application to cross-site scripting (XSS) vulnerabilities. Consider using a view technology such as JavaServer Faces (JSFs) which automatically escapes HTML views." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/java.lang.security.audit.xss.no-direct-response-writer.no-direct-response-writer", "help": { - "markdown": "Detected 'printf' or similar in 'http.ResponseWriter.write()'. This bypasses HTML escaping that prevents cross-site scripting vulnerabilities. Instead, use the 'html/template' package to render data to users.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/go.lang.security.audit.xss.no-printf-in-responsewriter.no-printf-in-responsewriter)\n - [https://blogtitle.github.io/robn-go-security-pearls-cross-site-scripting-xss/](https://blogtitle.github.io/robn-go-security-pearls-cross-site-scripting-xss/)\n", - "text": "Detected 'printf' or similar in 'http.ResponseWriter.write()'. This bypasses HTML escaping that prevents cross-site scripting vulnerabilities. Instead, use the 'html/template' package to render data to users.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected a request with potential user-input going into a OutputStream or Writer object. This bypasses any view or template environments, including HTML escaping, which may expose this application to cross-site scripting (XSS) vulnerabilities. Consider using a view technology such as JavaServer Faces (JSFs) which automatically escapes HTML views.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected a request with potential user-input going into a OutputStream or Writer object. 
This bypasses any view or template environments, including HTML escaping, which may expose this application to cross-site scripting (XSS) vulnerabilities. Consider using a view technology such as JavaServer Faces (JSFs) which automatically escapes HTML views.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/java.lang.security.audit.xss.no-direct-response-writer.no-direct-response-writer)\n - [https://www3.ntu.edu.sg/home/ehchua/programming/java/JavaServerFaces.html](https://www3.ntu.edu.sg/home/ehchua/programming/java/JavaServerFaces.html)\n" }, - "helpUri": "https://semgrep.dev/r/go.lang.security.audit.xss.no-printf-in-responsewriter.no-printf-in-responsewriter", - "id": "go.lang.security.audit.xss.no-printf-in-responsewriter.no-printf-in-responsewriter", - "name": "go.lang.security.audit.xss.no-printf-in-responsewriter.no-printf-in-responsewriter", "properties": { "precision": "very-high", "tags": [ "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", - "LOW CONFIDENCE", + "MEDIUM CONFIDENCE", "OWASP-A03:2021 - Injection", "OWASP-A07:2017 - Cross-Site Scripting (XSS)", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: go.lang.security.audit.xss.no-printf-in-responsewriter.no-printf-in-responsewriter" } }, { - "defaultConfiguration": { - "level": "error" + "id": "javascript.express.security.audit.express-cookie-settings.express-cookie-session-no-httponly", + "name": "javascript.express.security.audit.express-cookie-settings.express-cookie-session-no-httponly", + "short_description": { + "text": "Semgrep Finding: javascript.express.security.audit.express-cookie-settings.express-cookie-session-no-httponly" }, - "fullDescription": { - "text": "Detected use of the 'none' algorithm in a JWT token. The 'none' algorithm assumes the integrity of the token has already been verified. 
This would allow a malicious actor to forge a JWT token that will automatically be verified. Do not explicitly use the 'none' algorithm. Instead, use an algorithm such as 'HS256'." + "full_description": { + "text": "Default session middleware settings: `httpOnly` not set. It ensures the cookie is sent only over HTTP(S), not client JavaScript, helping to protect against cross-site scripting attacks." }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/javascript.express.security.audit.express-cookie-settings.express-cookie-session-no-httponly", "help": { - "markdown": "Detected use of the 'none' algorithm in a JWT token. The 'none' algorithm assumes the integrity of the token has already been verified. This would allow a malicious actor to forge a JWT token that will automatically be verified. Do not explicitly use the 'none' algorithm. Instead, use an algorithm such as 'HS256'.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/ruby.jwt.security.jwt-none-alg.ruby-jwt-none-alg)\n - [https://owasp.org/Top10/A02_2021-Cryptographic_Failures](https://owasp.org/Top10/A02_2021-Cryptographic_Failures)\n", - "text": "Detected use of the 'none' algorithm in a JWT token. The 'none' algorithm assumes the integrity of the token has already been verified. This would allow a malicious actor to forge a JWT token that will automatically be verified. Do not explicitly use the 'none' algorithm. Instead, use an algorithm such as 'HS256'.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Default session middleware settings: `httpOnly` not set. 
It ensures the cookie is sent only over HTTP(S), not client JavaScript, helping to protect against cross-site scripting attacks.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Default session middleware settings: `httpOnly` not set. It ensures the cookie is sent only over HTTP(S), not client JavaScript, helping to protect against cross-site scripting attacks.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.express.security.audit.express-cookie-settings.express-cookie-session-no-httponly)\n - [https://owasp.org/Top10/A04_2021-Insecure_Design](https://owasp.org/Top10/A04_2021-Insecure_Design)\n" }, - "helpUri": "https://semgrep.dev/r/ruby.jwt.security.jwt-none-alg.ruby-jwt-none-alg", - "id": "ruby.jwt.security.jwt-none-alg.ruby-jwt-none-alg", - "name": "ruby.jwt.security.jwt-none-alg.ruby-jwt-none-alg", "properties": { "precision": "very-high", "tags": [ - "CWE-327: Use of a Broken or Risky Cryptographic Algorithm", - "LOW CONFIDENCE", - "OWASP-A02:2021 - Cryptographic Failures", - "OWASP-A03:2017 - Sensitive Data Exposure", + "CWE-522: Insufficiently Protected Credentials", + "MEDIUM CONFIDENCE", + "OWASP-A02:2017 - Broken Authentication", + "OWASP-A04:2021 - Insecure Design", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: ruby.jwt.security.jwt-none-alg.ruby-jwt-none-alg" } }, { - "defaultConfiguration": { - "level": "error" + "id": "go.lang.security.audit.dangerous-exec-cmd.dangerous-exec-cmd", + "name": "go.lang.security.audit.dangerous-exec-cmd.dangerous-exec-cmd", + "short_description": { + "text": "Semgrep Finding: go.lang.security.audit.dangerous-exec-cmd.dangerous-exec-cmd" }, - "fullDescription": { - "text": "Checks for unsafe use of Object#send, try, __send__, and public_send. These only account for unsafe use of a method, not target. 
This can lead to arbitrary calling of exit, along with arbitrary code execution. Please be sure to sanitize input in order to avoid this." + "full_description": { + "text": "Detected non-static command inside exec.Cmd. Audit the input to 'exec.Cmd'. If unverified user data can reach this call site, this is a code injection vulnerability. A malicious actor can inject a malicious script to execute arbitrary code." }, + "default_configuration": { + "enabled": true, + "level": "error" + }, + "help_uri": "https://semgrep.dev/r/go.lang.security.audit.dangerous-exec-cmd.dangerous-exec-cmd", "help": { - "markdown": "Checks for unsafe use of Object#send, try, __send__, and public_send. These only account for unsafe use of a method, not target. This can lead to arbitrary calling of exit, along with arbitrary code execution. Please be sure to sanitize input in order to avoid this.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/ruby.lang.security.no-send.bad-send)\n - [https://github.com/presidentbeef/brakeman/blob/main/lib/brakeman/checks/check_send.rb](https://github.com/presidentbeef/brakeman/blob/main/lib/brakeman/checks/check_send.rb)\n - [https://the.igreque.info/posts/2016/01-object-send-considered-harmful-en.html](https://the.igreque.info/posts/2016/01-object-send-considered-harmful-en.html)\n", - "text": "Checks for unsafe use of Object#send, try, __send__, and public_send. These only account for unsafe use of a method, not target. This can lead to arbitrary calling of exit, along with arbitrary code execution. Please be sure to sanitize input in order to avoid this.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected non-static command inside exec.Cmd. Audit the input to 'exec.Cmd'. If unverified user data can reach this call site, this is a code injection vulnerability. 
A malicious actor can inject a malicious script to execute arbitrary code.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected non-static command inside exec.Cmd. Audit the input to 'exec.Cmd'. If unverified user data can reach this call site, this is a code injection vulnerability. A malicious actor can inject a malicious script to execute arbitrary code.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/go.lang.security.audit.dangerous-exec-cmd.dangerous-exec-cmd)\n - [https://owasp.org/Top10/A03_2021-Injection](https://owasp.org/Top10/A03_2021-Injection)\n" }, - "helpUri": "https://semgrep.dev/r/ruby.lang.security.no-send.bad-send", - "id": "ruby.lang.security.no-send.bad-send", - "name": "ruby.lang.security.no-send.bad-send", "properties": { "precision": "very-high", "tags": [ "CWE-94: Improper Control of Generation of Code ('Code Injection')", - "LOW CONFIDENCE", + "MEDIUM CONFIDENCE", "OWASP-A03:2021 - Injection", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: ruby.lang.security.no-send.bad-send" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "javascript.jsonwebtoken.security.audit.jwt-exposed-data.jwt-exposed-data", + "name": "javascript.jsonwebtoken.security.audit.jwt-exposed-data.jwt-exposed-data", + "short_description": { + "text": "Semgrep Finding: javascript.jsonwebtoken.security.audit.jwt-exposed-data.jwt-exposed-data" }, - "fullDescription": { - "text": "Detected input from a HTTPServletRequest going into an LDAP query. This could lead to LDAP injection if the input is not properly sanitized, which could result in attackers modifying objects in the LDAP tree structure. Ensure data passed to an LDAP query is not controllable or properly sanitize the data." + "full_description": { + "text": "The object is passed strictly to jsonwebtoken.sign(...) 
Make sure that sensitive information is not exposed through JWT token payload." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/javascript.jsonwebtoken.security.audit.jwt-exposed-data.jwt-exposed-data", "help": { - "markdown": "Detected input from a HTTPServletRequest going into an LDAP query. This could lead to LDAP injection if the input is not properly sanitized, which could result in attackers modifying objects in the LDAP tree structure. Ensure data passed to an LDAP query is not controllable or properly sanitize the data.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/java.lang.security.audit.tainted-ldapi-from-http-request.tainted-ldapi-from-http-request)\n - [https://sensei.securecodewarrior.com/recipes/scw%3Ajava%3ALDAP-injection](https://sensei.securecodewarrior.com/recipes/scw%3Ajava%3ALDAP-injection)\n", - "text": "Detected input from a HTTPServletRequest going into an LDAP query. This could lead to LDAP injection if the input is not properly sanitized, which could result in attackers modifying objects in the LDAP tree structure. Ensure data passed to an LDAP query is not controllable or properly sanitize the data.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "The object is passed strictly to jsonwebtoken.sign(...) Make sure that sensitive information is not exposed through JWT token payload.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "The object is passed strictly to jsonwebtoken.sign(...) 
Make sure that sensitive information is not exposed through JWT token payload.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.jsonwebtoken.security.audit.jwt-exposed-data.jwt-exposed-data)\n - [https://owasp.org/Top10/A04_2021-Insecure_Design](https://owasp.org/Top10/A04_2021-Insecure_Design)\n" }, - "helpUri": "https://semgrep.dev/r/java.lang.security.audit.tainted-ldapi-from-http-request.tainted-ldapi-from-http-request", - "id": "java.lang.security.audit.tainted-ldapi-from-http-request.tainted-ldapi-from-http-request", - "name": "java.lang.security.audit.tainted-ldapi-from-http-request.tainted-ldapi-from-http-request", "properties": { "precision": "very-high", "tags": [ - "CWE-90: Improper Neutralization of Special Elements used in an LDAP Query ('LDAP Injection')", - "MEDIUM CONFIDENCE", - "OWASP-A01:2017 - Injection", - "OWASP-A03:2021 - Injection", + "CWE-522: Insufficiently Protected Credentials", + "LOW CONFIDENCE", + "OWASP-A02:2017 - Broken Authentication", + "OWASP-A04:2021 - Insecure Design", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: java.lang.security.audit.tainted-ldapi-from-http-request.tainted-ldapi-from-http-request" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "csharp.lang.security.insecure-deserialization.insecure-typefilterlevel-full.insecure-typefilterlevel-full", + "name": "csharp.lang.security.insecure-deserialization.insecure-typefilterlevel-full.insecure-typefilterlevel-full", + "short_description": { + "text": "Semgrep Finding: csharp.lang.security.insecure-deserialization.insecure-typefilterlevel-full.insecure-typefilterlevel-full" }, - "fullDescription": { - "text": "Semgrep detected a Kubernetes core API ClusterRole with excessive permissions. 
Attaching excessive permissions to a ClusterRole associated with the core namespace allows the V1 API to perform arbitrary actions on arbitrary resources attached to the cluster. Prefer explicit allowlists of verbs/resources when configuring the core API namespace. " + "full_description": { + "text": "Using a .NET remoting service can lead to RCE, even if you try to configure TypeFilterLevel. Recommended to switch from .NET Remoting to WCF https://docs.microsoft.com/en-us/dotnet/framework/wcf/migrating-from-net-remoting-to-wcf" + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/csharp.lang.security.insecure-deserialization.insecure-typefilterlevel-full.insecure-typefilterlevel-full", "help": { - "markdown": "Semgrep detected a Kubernetes core API ClusterRole with excessive permissions. Attaching excessive permissions to a ClusterRole associated with the core namespace allows the V1 API to perform arbitrary actions on arbitrary resources attached to the cluster. Prefer explicit allowlists of verbs/resources when configuring the core API namespace. 
\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/yaml.kubernetes.security.legacy-api-clusterrole-excessive-permissions.legacy-api-clusterrole-excessive-permissions)\n - [https://kubernetes.io/docs/reference/access-authn-authz/rbac/#role-and-clusterrole](https://kubernetes.io/docs/reference/access-authn-authz/rbac/#role-and-clusterrole)\n - [https://kubernetes.io/docs/concepts/security/rbac-good-practices/#general-good-practice](https://kubernetes.io/docs/concepts/security/rbac-good-practices/#general-good-practice)\n - [https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.28/#api-groups](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.28/#api-groups)\n", - "text": "Semgrep detected a Kubernetes core API ClusterRole with excessive permissions. Attaching excessive permissions to a ClusterRole associated with the core namespace allows the V1 API to perform arbitrary actions on arbitrary resources attached to the cluster. Prefer explicit allowlists of verbs/resources when configuring the core API namespace. \n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Using a .NET remoting service can lead to RCE, even if you try to configure TypeFilterLevel. Recommended to switch from .NET Remoting to WCF https://docs.microsoft.com/en-us/dotnet/framework/wcf/migrating-from-net-remoting-to-wcf\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Using a .NET remoting service can lead to RCE, even if you try to configure TypeFilterLevel. 
Recommended to switch from .NET Remoting to WCF https://docs.microsoft.com/en-us/dotnet/framework/wcf/migrating-from-net-remoting-to-wcf\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/csharp.lang.security.insecure-deserialization.insecure-typefilterlevel-full.insecure-typefilterlevel-full)\n - [https://docs.microsoft.com/en-us/dotnet/api/system.runtime.serialization.formatters.typefilterlevel?view=net-6.0](https://docs.microsoft.com/en-us/dotnet/api/system.runtime.serialization.formatters.typefilterlevel?view=net-6.0)\n - [https://www.synacktiv.com/en/publications/izi-izi-pwn2own-ics-miami.html](https://www.synacktiv.com/en/publications/izi-izi-pwn2own-ics-miami.html)\n" }, - "helpUri": "https://semgrep.dev/r/yaml.kubernetes.security.legacy-api-clusterrole-excessive-permissions.legacy-api-clusterrole-excessive-permissions", - "id": "yaml.kubernetes.security.legacy-api-clusterrole-excessive-permissions.legacy-api-clusterrole-excessive-permissions", - "name": "yaml.kubernetes.security.legacy-api-clusterrole-excessive-permissions.legacy-api-clusterrole-excessive-permissions", "properties": { "precision": "very-high", "tags": [ - "CWE-269: Improper Privilege Management", - "HIGH CONFIDENCE", - "OWASP-A05:2021 - Security Misconfiguration", - "OWASP-A06:2017 - Security Misconfiguration", + "CWE-502: Deserialization of Untrusted Data", + "LOW CONFIDENCE", + "OWASP-A08:2017 - Insecure Deserialization", + "OWASP-A08:2021 - Software and Data Integrity Failures", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: yaml.kubernetes.security.legacy-api-clusterrole-excessive-permissions.legacy-api-clusterrole-excessive-permissions" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "php.lang.security.deserialization.extract-user-data", + "name": "php.lang.security.deserialization.extract-user-data", + "short_description": { + "text": "Semgrep Finding: 
php.lang.security.deserialization.extract-user-data" }, - "fullDescription": { - "text": "Data from request is passed to a file name `$FILE`. This is a path traversal vulnerability, which can lead to sensitive data being leaked. To mitigate, consider using os.path.abspath or os.path.realpath or the pathlib library." + "full_description": { + "text": "Do not call 'extract()' on user-controllable data. If you must, then you must also provide the EXTR_SKIP flag to prevent overwriting existing variables." + }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/php.lang.security.deserialization.extract-user-data", "help": { - "markdown": "Data from request is passed to a file name `$FILE`. This is a path traversal vulnerability, which can lead to sensitive data being leaked. To mitigate, consider using os.path.abspath or os.path.realpath or the pathlib library.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.django.security.injection.path-traversal.path-traversal-file-name.path-traversal-file-name)\n - [https://owasp.org/www-community/attacks/Path_Traversal](https://owasp.org/www-community/attacks/Path_Traversal)\n", - "text": "Data from request is passed to a file name `$FILE`. This is a path traversal vulnerability, which can lead to sensitive data being leaked. To mitigate, consider using os.path.abspath or os.path.realpath or the pathlib library.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Do not call 'extract()' on user-controllable data. If you must, then you must also provide the EXTR_SKIP flag to prevent overwriting existing variables.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Do not call 'extract()' on user-controllable data. 
If you must, then you must also provide the EXTR_SKIP flag to prevent overwriting existing variables.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/php.lang.security.deserialization.extract-user-data)\n - [https://www.php.net/manual/en/function.extract.php#refsect1-function.extract-notes](https://www.php.net/manual/en/function.extract.php#refsect1-function.extract-notes)\n" }, - "helpUri": "https://semgrep.dev/r/python.django.security.injection.path-traversal.path-traversal-file-name.path-traversal-file-name", - "id": "python.django.security.injection.path-traversal.path-traversal-file-name.path-traversal-file-name", - "name": "python.django.security.injection.path-traversal.path-traversal-file-name.path-traversal-file-name", "properties": { "precision": "very-high", "tags": [ - "CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", - "LOW CONFIDENCE", - "OWASP-A01:2021 - Broken Access Control", - "OWASP-A05:2017 - Broken Access Control", + "CWE-502: Deserialization of Untrusted Data", + "MEDIUM CONFIDENCE", + "OWASP-A08:2017 - Insecure Deserialization", + "OWASP-A08:2021 - Software and Data Integrity Failures", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: python.django.security.injection.path-traversal.path-traversal-file-name.path-traversal-file-name" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "python.pycryptodome.security.insecure-cipher-algorithm-rc4.insecure-cipher-algorithm-rc4", + "name": "python.pycryptodome.security.insecure-cipher-algorithm-rc4.insecure-cipher-algorithm-rc4", + "short_description": { + "text": "Semgrep Finding: python.pycryptodome.security.insecure-cipher-algorithm-rc4.insecure-cipher-algorithm-rc4" }, - "fullDescription": { - "text": "Detected non-static command inside 'open'. Audit the input to 'open'. 
If unverified user data can reach this call site, this is a code injection vulnerability. A malicious actor can inject a malicious script to execute arbitrary code." + "full_description": { + "text": "Detected ARC4 cipher algorithm which is considered insecure. This algorithm is not cryptographically secure and can be reversed easily. Use AES instead." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/python.pycryptodome.security.insecure-cipher-algorithm-rc4.insecure-cipher-algorithm-rc4", "help": { - "markdown": "Detected non-static command inside 'open'. Audit the input to 'open'. If unverified user data can reach this call site, this is a code injection vulnerability. A malicious actor can inject a malicious script to execute arbitrary code.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/ruby.lang.security.dangerous-open.dangerous-open)\n - [https://owasp.org/Top10/A03_2021-Injection](https://owasp.org/Top10/A03_2021-Injection)\n", - "text": "Detected non-static command inside 'open'. Audit the input to 'open'. If unverified user data can reach this call site, this is a code injection vulnerability. A malicious actor can inject a malicious script to execute arbitrary code.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected ARC4 cipher algorithm which is considered insecure. This algorithm is not cryptographically secure and can be reversed easily. Use AES instead.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected ARC4 cipher algorithm which is considered insecure. This algorithm is not cryptographically secure and can be reversed easily. 
Use AES instead.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.pycryptodome.security.insecure-cipher-algorithm-rc4.insecure-cipher-algorithm-rc4)\n - [https://cwe.mitre.org/data/definitions/326.html](https://cwe.mitre.org/data/definitions/326.html)\n" }, - "helpUri": "https://semgrep.dev/r/ruby.lang.security.dangerous-open.dangerous-open", - "id": "ruby.lang.security.dangerous-open.dangerous-open", - "name": "ruby.lang.security.dangerous-open.dangerous-open", "properties": { "precision": "very-high", "tags": [ - "CWE-94: Improper Control of Generation of Code ('Code Injection')", - "LOW CONFIDENCE", - "OWASP-A03:2021 - Injection", + "CWE-327: Use of a Broken or Risky Cryptographic Algorithm", + "MEDIUM CONFIDENCE", + "OWASP-A02:2021 - Cryptographic Failures", + "OWASP-A03:2017 - Sensitive Data Exposure", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: ruby.lang.security.dangerous-open.dangerous-open" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "solidity.security.tecra-coin-burnfrom-bug.tecra-coin-burnfrom-bug", + "name": "solidity.security.tecra-coin-burnfrom-bug.tecra-coin-burnfrom-bug", + "short_description": { + "text": "Semgrep Finding: solidity.security.tecra-coin-burnfrom-bug.tecra-coin-burnfrom-bug" }, - "fullDescription": { - "text": "If unverified user data can reach the `evaluate` method it can result in Server-Side Request Forgery vulnerabilities" + "full_description": { + "text": "Parameter \"from\" is checked at incorrect position in \"_allowances\" mapping" + }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/solidity.security.tecra-coin-burnfrom-bug.tecra-coin-burnfrom-bug", "help": { - "markdown": "If unverified user data can reach the `evaluate` method it can result in Server-Side Request Forgery vulnerabilities\n\n#### \ud83d\udc8e Enable cross-file analysis 
and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.puppeteer.security.audit.puppeteer-evaluate-code-injection.puppeteer-evaluate-code-injection)\n - [https://owasp.org/Top10/A10_2021-Server-Side_Request_Forgery_%28SSRF%29](https://owasp.org/Top10/A10_2021-Server-Side_Request_Forgery_%28SSRF%29)\n", - "text": "If unverified user data can reach the `evaluate` method it can result in Server-Side Request Forgery vulnerabilities\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Parameter \"from\" is checked at incorrect position in \"_allowances\" mapping\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Parameter \"from\" is checked at incorrect position in \"_allowances\" mapping\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/solidity.security.tecra-coin-burnfrom-bug.tecra-coin-burnfrom-bug)\n - [https://twitter.com/Mauricio_0218/status/1490082073096462340](https://twitter.com/Mauricio_0218/status/1490082073096462340)\n - [https://etherscan.io/address/0xe38b72d6595fd3885d1d2f770aa23e94757f91a1](https://etherscan.io/address/0xe38b72d6595fd3885d1d2f770aa23e94757f91a1)\n" }, - "helpUri": "https://semgrep.dev/r/javascript.puppeteer.security.audit.puppeteer-evaluate-code-injection.puppeteer-evaluate-code-injection", - "id": "javascript.puppeteer.security.audit.puppeteer-evaluate-code-injection.puppeteer-evaluate-code-injection", - "name": "javascript.puppeteer.security.audit.puppeteer-evaluate-code-injection.puppeteer-evaluate-code-injection", "properties": { "precision": "very-high", "tags": [ - "CWE-918: Server-Side Request Forgery (SSRF)", - "LOW CONFIDENCE", - "OWASP-A10:2021 - Server-Side Request Forgery (SSRF)", + "CWE-688: Function Call With Incorrect Variable or Reference as Argument", + "MEDIUM CONFIDENCE", "security" ] - }, - "shortDescription": { - "text": 
"Semgrep Finding: javascript.puppeteer.security.audit.puppeteer-evaluate-code-injection.puppeteer-evaluate-code-injection" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "python.lang.security.audit.hardcoded-password-default-argument.hardcoded-password-default-argument", + "name": "python.lang.security.audit.hardcoded-password-default-argument.hardcoded-password-default-argument", + "short_description": { + "text": "Semgrep Finding: python.lang.security.audit.hardcoded-password-default-argument.hardcoded-password-default-argument" }, - "fullDescription": { - "text": "Ensure IAM policies don't allow credentials exposure. Credentials exposure actions return credentials as part of the API response, and can possibly lead to leaking important credentials. Instead, use another action that doesn't return sensitive data as part of the API response." + "full_description": { + "text": "Hardcoded password is used as a default argument to '$FUNC'. This could be dangerous if a real password is not supplied." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/python.lang.security.audit.hardcoded-password-default-argument.hardcoded-password-default-argument", "help": { - "markdown": "Ensure IAM policies don't allow credentials exposure. Credentials exposure actions return credentials as part of the API response, and can possibly lead to leaking important credentials. 
Instead, use another action that doesn't return sensitive data as part of the API response.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/terraform.lang.security.iam.no-iam-creds-exposure.no-iam-creds-exposure)\n - [https://cloudsplaining.readthedocs.io/en/latest/glossary/credentials-exposure/](https://cloudsplaining.readthedocs.io/en/latest/glossary/credentials-exposure/)\n - [https://github.com/bridgecrewio/checkov/blob/ca830e14745c2c8e1b941985f305abe985d7f1f9/checkov/terraform/checks/data/aws/IAMCredentialsExposure.py](https://github.com/bridgecrewio/checkov/blob/ca830e14745c2c8e1b941985f305abe985d7f1f9/checkov/terraform/checks/data/aws/IAMCredentialsExposure.py)\n", - "text": "Ensure IAM policies don't allow credentials exposure. Credentials exposure actions return credentials as part of the API response, and can possibly lead to leaking important credentials. Instead, use another action that doesn't return sensitive data as part of the API response.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Hardcoded password is used as a default argument to '$FUNC'. This could be dangerous if a real password is not supplied.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Hardcoded password is used as a default argument to '$FUNC'. 
This could be dangerous if a real password is not supplied.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.lang.security.audit.hardcoded-password-default-argument.hardcoded-password-default-argument)\n - [https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures](https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures)\n" }, - "helpUri": "https://semgrep.dev/r/terraform.lang.security.iam.no-iam-creds-exposure.no-iam-creds-exposure", - "id": "terraform.lang.security.iam.no-iam-creds-exposure.no-iam-creds-exposure", - "name": "terraform.lang.security.iam.no-iam-creds-exposure.no-iam-creds-exposure", "properties": { "precision": "very-high", "tags": [ - "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor", + "CWE-798: Use of Hard-coded Credentials", "LOW CONFIDENCE", - "OWASP-A01:2021 - Broken Access Control", + "OWASP-A07:2021 - Identification and Authentication Failures", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: terraform.lang.security.iam.no-iam-creds-exposure.no-iam-creds-exposure" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "go.lang.security.injection.open-redirect.open-redirect", + "name": "go.lang.security.injection.open-redirect.open-redirect", + "short_description": { + "text": "Semgrep Finding: go.lang.security.injection.open-redirect.open-redirect" }, - "fullDescription": { - "text": "Detected a unescaped variables using '&attributes'. If external data can reach these locations, your application is exposed to a cross-site scripting (XSS) vulnerability. If you must do this, ensure no external data can reach this location." + "full_description": { + "text": "An HTTP redirect was found to be crafted from user-input `$REQUEST`. This can lead to open redirect vulnerabilities, potentially allowing attackers to redirect users to malicious web sites. 
It is recommend where possible to not allow user-input to craft the redirect URL. When user-input is necessary to craft the request, it is recommended to follow OWASP best practices to restrict the URL to domains in an allowlist." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/go.lang.security.injection.open-redirect.open-redirect", "help": { - "markdown": "Detected a unescaped variables using '&attributes'. If external data can reach these locations, your application is exposed to a cross-site scripting (XSS) vulnerability. If you must do this, ensure no external data can reach this location.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.express.security.audit.xss.pug.and-attributes.template-and-attributes)\n - [https://pugjs.org/language/attributes.html#attributes](https://pugjs.org/language/attributes.html#attributes)\n", - "text": "Detected a unescaped variables using '&attributes'. If external data can reach these locations, your application is exposed to a cross-site scripting (XSS) vulnerability. If you must do this, ensure no external data can reach this location.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "An HTTP redirect was found to be crafted from user-input `$REQUEST`. This can lead to open redirect vulnerabilities, potentially allowing attackers to redirect users to malicious web sites. It is recommend where possible to not allow user-input to craft the redirect URL. When user-input is necessary to craft the request, it is recommended to follow OWASP best practices to restrict the URL to domains in an allowlist.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "An HTTP redirect was found to be crafted from user-input `$REQUEST`. 
This can lead to open redirect vulnerabilities, potentially allowing attackers to redirect users to malicious web sites. It is recommend where possible to not allow user-input to craft the redirect URL. When user-input is necessary to craft the request, it is recommended to follow OWASP best practices to restrict the URL to domains in an allowlist.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/go.lang.security.injection.open-redirect.open-redirect)\n - [https://knowledge-base.secureflag.com/vulnerabilities/unvalidated_redirects___forwards/open_redirect_go_lang.html](https://knowledge-base.secureflag.com/vulnerabilities/unvalidated_redirects___forwards/open_redirect_go_lang.html)\n" }, - "helpUri": "https://semgrep.dev/r/javascript.express.security.audit.xss.pug.and-attributes.template-and-attributes", - "id": "javascript.express.security.audit.xss.pug.and-attributes.template-and-attributes", - "name": "javascript.express.security.audit.xss.pug.and-attributes.template-and-attributes", "properties": { "precision": "very-high", "tags": [ - "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", - "LOW CONFIDENCE", - "OWASP-A03:2021 - Injection", - "OWASP-A07:2017 - Cross-Site Scripting (XSS)", + "CWE-601: URL Redirection to Untrusted Site ('Open Redirect')", + "HIGH CONFIDENCE", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: javascript.express.security.audit.xss.pug.and-attributes.template-and-attributes" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "java.lang.security.audit.sqli.jpa-sqli.jpa-sqli", + "name": "java.lang.security.audit.sqli.jpa-sqli.jpa-sqli", + "short_description": { + "text": "Semgrep Finding: java.lang.security.audit.sqli.jpa-sqli.jpa-sqli" }, - "fullDescription": { - "text": "Flags cases of possible path traversal. 
If an unfiltered parameter is passed into 'fromFile', file from an arbitrary filesystem location could be read. This could lead to sensitive data exposure and other provles. Instead, sanitize the user input instead of performing direct string concatenation." + "full_description": { + "text": "Detected a formatted string in a SQL statement. This could lead to SQL injection if variables in the SQL statement are not properly sanitized. Use a prepared statements (java.sql.PreparedStatement) instead. You can obtain a PreparedStatement using 'connection.prepareStatement'." }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/java.lang.security.audit.sqli.jpa-sqli.jpa-sqli", "help": { - "markdown": "Flags cases of possible path traversal. If an unfiltered parameter is passed into 'fromFile', file from an arbitrary filesystem location could be read. This could lead to sensitive data exposure and other provles. Instead, sanitize the user input instead of performing direct string concatenation.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/scala.lang.security.audit.path-traversal-fromfile.path-traversal-fromfile)\n - [https://owasp.org/Top10/A01_2021-Broken_Access_Control](https://owasp.org/Top10/A01_2021-Broken_Access_Control)\n", - "text": "Flags cases of possible path traversal. If an unfiltered parameter is passed into 'fromFile', file from an arbitrary filesystem location could be read. This could lead to sensitive data exposure and other provles. Instead, sanitize the user input instead of performing direct string concatenation.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected a formatted string in a SQL statement. This could lead to SQL injection if variables in the SQL statement are not properly sanitized. 
Use a prepared statements (java.sql.PreparedStatement) instead. You can obtain a PreparedStatement using 'connection.prepareStatement'.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected a formatted string in a SQL statement. This could lead to SQL injection if variables in the SQL statement are not properly sanitized. Use a prepared statements (java.sql.PreparedStatement) instead. You can obtain a PreparedStatement using 'connection.prepareStatement'.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/java.lang.security.audit.sqli.jpa-sqli.jpa-sqli)\n - [https://owasp.org/Top10/A03_2021-Injection](https://owasp.org/Top10/A03_2021-Injection)\n" }, - "helpUri": "https://semgrep.dev/r/scala.lang.security.audit.path-traversal-fromfile.path-traversal-fromfile", - "id": "scala.lang.security.audit.path-traversal-fromfile.path-traversal-fromfile", - "name": "scala.lang.security.audit.path-traversal-fromfile.path-traversal-fromfile", "properties": { "precision": "very-high", "tags": [ - "CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", + "CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')", "LOW CONFIDENCE", - "OWASP-A01:2021 - Broken Access Control", - "OWASP-A05:2017 - Broken Access Control", + "OWASP-A01:2017 - Injection", + "OWASP-A03:2021 - Injection", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: scala.lang.security.audit.path-traversal-fromfile.path-traversal-fromfile" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "javascript.puppeteer.security.audit.puppeteer-exposed-chrome-devtools.puppeteer-exposed-chrome-devtools", + "name": "javascript.puppeteer.security.audit.puppeteer-exposed-chrome-devtools.puppeteer-exposed-chrome-devtools", + "short_description": { + "text": "Semgrep Finding: 
javascript.puppeteer.security.audit.puppeteer-exposed-chrome-devtools.puppeteer-exposed-chrome-devtools" }, - "fullDescription": { - "text": "Detected the decoding of a JWT token without a verify step. JWT tokens must be verified before use, otherwise the token's integrity is unknown. This means a malicious actor could forge a JWT token with any claims. Call '.verify()' before using the token." + "full_description": { + "text": "Remote debugging protocol does not perform any authentication, so exposing it too widely can be a security risk." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/javascript.puppeteer.security.audit.puppeteer-exposed-chrome-devtools.puppeteer-exposed-chrome-devtools", "help": { - "markdown": "Detected the decoding of a JWT token without a verify step. JWT tokens must be verified before use, otherwise the token's integrity is unknown. This means a malicious actor could forge a JWT token with any claims. Call '.verify()' before using the token.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/java.java-jwt.security.audit.jwt-decode-without-verify.java-jwt-decode-without-verify)\n - [https://owasp.org/Top10/A08_2021-Software_and_Data_Integrity_Failures](https://owasp.org/Top10/A08_2021-Software_and_Data_Integrity_Failures)\n", - "text": "Detected the decoding of a JWT token without a verify step. JWT tokens must be verified before use, otherwise the token's integrity is unknown. This means a malicious actor could forge a JWT token with any claims. 
Call '.verify()' before using the token.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Remote debugging protocol does not perform any authentication, so exposing it too widely can be a security risk.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Remote debugging protocol does not perform any authentication, so exposing it too widely can be a security risk.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.puppeteer.security.audit.puppeteer-exposed-chrome-devtools.puppeteer-exposed-chrome-devtools)\n - [https://owasp.org/Top10/A03_2021-Injection](https://owasp.org/Top10/A03_2021-Injection)\n" }, - "helpUri": "https://semgrep.dev/r/java.java-jwt.security.audit.jwt-decode-without-verify.java-jwt-decode-without-verify", - "id": "java.java-jwt.security.audit.jwt-decode-without-verify.java-jwt-decode-without-verify", - "name": "java.java-jwt.security.audit.jwt-decode-without-verify.java-jwt-decode-without-verify", "properties": { "precision": "very-high", "tags": [ - "CWE-345: Insufficient Verification of Data Authenticity", - "MEDIUM CONFIDENCE", - "OWASP-A08:2021 - Software and Data Integrity Failures", + "CWE-94: Improper Control of Generation of Code ('Code Injection')", + "LOW CONFIDENCE", + "OWASP-A03:2021 - Injection", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: java.java-jwt.security.audit.jwt-decode-without-verify.java-jwt-decode-without-verify" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "python.flask.security.audit.hardcoded-config.avoid_hardcoded_config_ENV", + "name": "python.flask.security.audit.hardcoded-config.avoid_hardcoded_config_ENV", + "short_description": { + "text": "Semgrep Finding: python.flask.security.audit.hardcoded-config.avoid_hardcoded_config_ENV" }, - "fullDescription": { - "text": "URL rewriting has significant security 
risks. Since session ID appears in the URL, it may be easily seen by third parties." + "full_description": { + "text": "Hardcoded variable `ENV` detected. Set this by using FLASK_ENV environment variable" }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/python.flask.security.audit.hardcoded-config.avoid_hardcoded_config_ENV", "help": { - "markdown": "URL rewriting has significant security risks. Since session ID appears in the URL, it may be easily seen by third parties.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/java.lang.security.audit.url-rewriting.url-rewriting)\n - [https://owasp.org/Top10/A01_2021-Broken_Access_Control](https://owasp.org/Top10/A01_2021-Broken_Access_Control)\n", - "text": "URL rewriting has significant security risks. Since session ID appears in the URL, it may be easily seen by third parties.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Hardcoded variable `ENV` detected. Set this by using FLASK_ENV environment variable\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Hardcoded variable `ENV` detected. 
Set this by using FLASK_ENV environment variable\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.flask.security.audit.hardcoded-config.avoid_hardcoded_config_ENV)\n - [https://bento.dev/checks/flask/avoid-hardcoded-config/](https://bento.dev/checks/flask/avoid-hardcoded-config/)\n - [https://flask.palletsprojects.com/en/1.1.x/config/?highlight=configuration#builtin-configuration-values](https://flask.palletsprojects.com/en/1.1.x/config/?highlight=configuration#builtin-configuration-values)\n - [https://flask.palletsprojects.com/en/1.1.x/config/?highlight=configuration#environment-and-debug-features](https://flask.palletsprojects.com/en/1.1.x/config/?highlight=configuration#environment-and-debug-features)\n" }, - "helpUri": "https://semgrep.dev/r/java.lang.security.audit.url-rewriting.url-rewriting", - "id": "java.lang.security.audit.url-rewriting.url-rewriting", - "name": "java.lang.security.audit.url-rewriting.url-rewriting", "properties": { "precision": "very-high", "tags": [ - "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor", + "CWE-489: Active Debug Code", "LOW CONFIDENCE", - "OWASP-A01:2021 - Broken Access Control", + "OWASP-A05:2021 - Security Misconfiguration", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: java.lang.security.audit.url-rewriting.url-rewriting" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "problem-based-packs.insecure-transport.js-node.http-request.http-request", + "name": "problem-based-packs.insecure-transport.js-node.http-request.http-request", + "short_description": { + "text": "Semgrep Finding: problem-based-packs.insecure-transport.js-node.http-request.http-request" }, - "fullDescription": { - "text": "File name based on user input risks server-side request forgery." + "full_description": { + "text": "Checks for requests sent to http:// URLs. 
This is dangerous as the server is attempting to connect to a website that does not encrypt traffic with TLS. Instead, only send requests to https:// URLs." }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/problem-based-packs.insecure-transport.js-node.http-request.http-request", "help": { - "markdown": "File name based on user input risks server-side request forgery.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/php.lang.security.injection.tainted-filename.tainted-filename)\n - [https://owasp.org/Top10/A10_2021-Server-Side_Request_Forgery_%28SSRF%29](https://owasp.org/Top10/A10_2021-Server-Side_Request_Forgery_%28SSRF%29)\n", - "text": "File name based on user input risks server-side request forgery.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Checks for requests sent to http:// URLs. This is dangerous as the server is attempting to connect to a website that does not encrypt traffic with TLS. Instead, only send requests to https:// URLs.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Checks for requests sent to http:// URLs. This is dangerous as the server is attempting to connect to a website that does not encrypt traffic with TLS. 
Instead, only send requests to https:// URLs.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/problem-based-packs.insecure-transport.js-node.http-request.http-request)\n - [https://nodejs.org/api/http.html#http_http_request_options_callback](https://nodejs.org/api/http.html#http_http_request_options_callback)\n" }, - "helpUri": "https://semgrep.dev/r/php.lang.security.injection.tainted-filename.tainted-filename", - "id": "php.lang.security.injection.tainted-filename.tainted-filename", - "name": "php.lang.security.injection.tainted-filename.tainted-filename", "properties": { "precision": "very-high", "tags": [ - "CWE-918: Server-Side Request Forgery (SSRF)", + "CWE-319: Cleartext Transmission of Sensitive Information", "MEDIUM CONFIDENCE", - "OWASP-A10:2021 - Server-Side Request Forgery (SSRF)", + "OWASP-A03:2017 - Sensitive Data Exposure", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: php.lang.security.injection.tainted-filename.tainted-filename" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "python.flask.security.audit.debug-enabled.debug-enabled", + "name": "python.flask.security.audit.debug-enabled.debug-enabled", + "short_description": { + "text": "Semgrep Finding: python.flask.security.audit.debug-enabled.debug-enabled" }, - "fullDescription": { - "text": "Detected user input flowing into an HTML response. You may be accidentally bypassing secure methods of rendering HTML by manually constructing HTML and this could create a cross-site scripting vulnerability, which could let attackers steal sensitive user data." + "full_description": { + "text": "Detected Flask app with debug=True. Do not deploy to production with this flag enabled as it will leak sensitive information. Instead, consider using Flask configuration variables or setting 'debug' using system environment variables." 
}, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/python.flask.security.audit.debug-enabled.debug-enabled", "help": { - "markdown": "Detected user input flowing into an HTML response. You may be accidentally bypassing secure methods of rendering HTML by manually constructing HTML and this could create a cross-site scripting vulnerability, which could let attackers steal sensitive user data.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.aws-lambda.security.tainted-html-response.tainted-html-response)\n - [https://owasp.org/Top10/A03_2021-Injection](https://owasp.org/Top10/A03_2021-Injection)\n", - "text": "Detected user input flowing into an HTML response. You may be accidentally bypassing secure methods of rendering HTML by manually constructing HTML and this could create a cross-site scripting vulnerability, which could let attackers steal sensitive user data.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected Flask app with debug=True. Do not deploy to production with this flag enabled as it will leak sensitive information. Instead, consider using Flask configuration variables or setting 'debug' using system environment variables.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected Flask app with debug=True. Do not deploy to production with this flag enabled as it will leak sensitive information. 
Instead, consider using Flask configuration variables or setting 'debug' using system environment variables.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.flask.security.audit.debug-enabled.debug-enabled)\n - [https://labs.detectify.com/2015/10/02/how-patreon-got-hacked-publicly-exposed-werkzeug-debugger/](https://labs.detectify.com/2015/10/02/how-patreon-got-hacked-publicly-exposed-werkzeug-debugger/)\n" }, - "helpUri": "https://semgrep.dev/r/javascript.aws-lambda.security.tainted-html-response.tainted-html-response", - "id": "javascript.aws-lambda.security.tainted-html-response.tainted-html-response", - "name": "javascript.aws-lambda.security.tainted-html-response.tainted-html-response", "properties": { "precision": "very-high", "tags": [ - "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", - "MEDIUM CONFIDENCE", - "OWASP-A03:2021 - Injection", - "OWASP-A07:2017 - Cross-Site Scripting (XSS)", + "CWE-489: Active Debug Code", + "HIGH CONFIDENCE", + "OWASP-A06:2017 - Security Misconfiguration", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: javascript.aws-lambda.security.tainted-html-response.tainted-html-response" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "yaml.docker-compose.security.selinux-separation-disabled.selinux-separation-disabled", + "name": "yaml.docker-compose.security.selinux-separation-disabled.selinux-separation-disabled", + "short_description": { + "text": "Semgrep Finding: yaml.docker-compose.security.selinux-separation-disabled.selinux-separation-disabled" }, - "fullDescription": { - "text": "Detected Django filters flagged with 'is_safe'. 'is_safe' tells Django not to apply escaping on the value returned by this filter (although the input is escaped). Used improperly, 'is_safe' could expose your application to cross-site scripting (XSS) vulnerabilities. 
Ensure this filter does not 1) add HTML characters, 2) remove characters, or 3) use external data in any way. Consider instead removing 'is_safe' and explicitly marking safe content with 'mark_safe()'." + "full_description": { + "text": "Service '$SERVICE' is explicitly disabling SELinux separation. This runs the service as an unconfined type. Remove 'label:disable' to prevent this." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/yaml.docker-compose.security.selinux-separation-disabled.selinux-separation-disabled", "help": { - "markdown": "Detected Django filters flagged with 'is_safe'. 'is_safe' tells Django not to apply escaping on the value returned by this filter (although the input is escaped). Used improperly, 'is_safe' could expose your application to cross-site scripting (XSS) vulnerabilities. Ensure this filter does not 1) add HTML characters, 2) remove characters, or 3) use external data in any way. Consider instead removing 'is_safe' and explicitly marking safe content with 'mark_safe()'.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.django.security.audit.xss.filter-with-is-safe.filter-with-is-safe)\n - [https://docs.djangoproject.com/en/3.1/topics/security/#cross-site-scripting-xss-protection](https://docs.djangoproject.com/en/3.1/topics/security/#cross-site-scripting-xss-protection)\n - [https://docs.djangoproject.com/en/3.1/howto/custom-template-tags/#filters-and-auto-escaping](https://docs.djangoproject.com/en/3.1/howto/custom-template-tags/#filters-and-auto-escaping)\n - [https://stackoverflow.com/questions/7665512/why-use-is-safe](https://stackoverflow.com/questions/7665512/why-use-is-safe)\n", - "text": "Detected Django filters flagged with 'is_safe'. 'is_safe' tells Django not to apply escaping on the value returned by this filter (although the input is escaped). 
Used improperly, 'is_safe' could expose your application to cross-site scripting (XSS) vulnerabilities. Ensure this filter does not 1) add HTML characters, 2) remove characters, or 3) use external data in any way. Consider instead removing 'is_safe' and explicitly marking safe content with 'mark_safe()'.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Service '$SERVICE' is explicitly disabling SELinux separation. This runs the service as an unconfined type. Remove 'label:disable' to prevent this.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Service '$SERVICE' is explicitly disabling SELinux separation. This runs the service as an unconfined type. Remove 'label:disable' to prevent this.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/yaml.docker-compose.security.selinux-separation-disabled.selinux-separation-disabled)\n - [https://www.projectatomic.io/blog/2016/03/dwalsh_selinux_containers/](https://www.projectatomic.io/blog/2016/03/dwalsh_selinux_containers/)\n - [https://docs.docker.com/engine/reference/run/#security-configuration](https://docs.docker.com/engine/reference/run/#security-configuration)\n" }, - "helpUri": "https://semgrep.dev/r/python.django.security.audit.xss.filter-with-is-safe.filter-with-is-safe", - "id": "python.django.security.audit.xss.filter-with-is-safe.filter-with-is-safe", - "name": "python.django.security.audit.xss.filter-with-is-safe.filter-with-is-safe", "properties": { "precision": "very-high", "tags": [ - "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", + "CWE-284: Improper Access Control", "LOW CONFIDENCE", - "OWASP-A03:2021 - Injection", - "OWASP-A07:2017 - Cross-Site Scripting (XSS)", + "OWASP-A01:2021 - Broken Access Control", + "OWASP-A05:2017 - Broken Access Control", "security" ] - }, - "shortDescription": { - "text": 
"Semgrep Finding: python.django.security.audit.xss.filter-with-is-safe.filter-with-is-safe" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "java.lang.security.audit.cbc-padding-oracle.cbc-padding-oracle", + "name": "java.lang.security.audit.cbc-padding-oracle.cbc-padding-oracle", + "short_description": { + "text": "Semgrep Finding: java.lang.security.audit.cbc-padding-oracle.cbc-padding-oracle" }, - "fullDescription": { - "text": "Avoid using `pickle`, which is known to lead to code execution vulnerabilities. When unpickling, the serialized data could be manipulated to run arbitrary code. Instead, consider serializing the relevant data as JSON or a similar text-based serialization format." + "full_description": { + "text": "Using CBC with PKCS5Padding is susceptible to padding oracle attacks. A malicious actor could discern the difference between plaintext with valid or invalid padding. Further, CBC mode does not include any integrity checks. Use 'AES/GCM/NoPadding' instead." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/java.lang.security.audit.cbc-padding-oracle.cbc-padding-oracle", "help": { - "markdown": "Avoid using `pickle`, which is known to lead to code execution vulnerabilities. When unpickling, the serialized data could be manipulated to run arbitrary code. 
Instead, consider serializing the relevant data as JSON or a similar text-based serialization format.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.aws-lambda.security.tainted-pickle-deserialization.tainted-pickle-deserialization)\n - [https://docs.python.org/3/library/pickle.html](https://docs.python.org/3/library/pickle.html)\n - [https://davidhamann.de/2020/04/05/exploiting-python-pickle/](https://davidhamann.de/2020/04/05/exploiting-python-pickle/)\n", - "text": "Avoid using `pickle`, which is known to lead to code execution vulnerabilities. When unpickling, the serialized data could be manipulated to run arbitrary code. Instead, consider serializing the relevant data as JSON or a similar text-based serialization format.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Using CBC with PKCS5Padding is susceptible to padding oracle attacks. A malicious actor could discern the difference between plaintext with valid or invalid padding. Further, CBC mode does not include any integrity checks. Use 'AES/GCM/NoPadding' instead.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Using CBC with PKCS5Padding is susceptible to padding oracle attacks. A malicious actor could discern the difference between plaintext with valid or invalid padding. Further, CBC mode does not include any integrity checks. 
Use 'AES/GCM/NoPadding' instead.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/java.lang.security.audit.cbc-padding-oracle.cbc-padding-oracle)\n - [https://capec.mitre.org/data/definitions/463.html](https://capec.mitre.org/data/definitions/463.html)\n - [https://cheatsheetseries.owasp.org/cheatsheets/Cryptographic_Storage_Cheat_Sheet.html#cipher-modes](https://cheatsheetseries.owasp.org/cheatsheets/Cryptographic_Storage_Cheat_Sheet.html#cipher-modes)\n - [https://find-sec-bugs.github.io/bugs.htm#CIPHER_INTEGRITY](https://find-sec-bugs.github.io/bugs.htm#CIPHER_INTEGRITY)\n" }, - "helpUri": "https://semgrep.dev/r/python.aws-lambda.security.tainted-pickle-deserialization.tainted-pickle-deserialization", - "id": "python.aws-lambda.security.tainted-pickle-deserialization.tainted-pickle-deserialization", - "name": "python.aws-lambda.security.tainted-pickle-deserialization.tainted-pickle-deserialization", "properties": { "precision": "very-high", "tags": [ - "CWE-502: Deserialization of Untrusted Data", - "MEDIUM CONFIDENCE", - "OWASP-A08:2017 - Insecure Deserialization", - "OWASP-A08:2021 - Software and Data Integrity Failures", + "CWE-327: Use of a Broken or Risky Cryptographic Algorithm", + "HIGH CONFIDENCE", + "OWASP-A02:2021 - Cryptographic Failures", + "OWASP-A03:2017 - Sensitive Data Exposure", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: python.aws-lambda.security.tainted-pickle-deserialization.tainted-pickle-deserialization" } }, { - "defaultConfiguration": { - "level": "error" - }, - "fullDescription": { - "text": "pdb.set_trace() with the header argument is only available on Python 3.7+ and is therefore not backwards compatible. Instead, use set_trace() without the header argument." - }, - "help": { - "markdown": "pdb.set_trace() with the header argument is only available on Python 3.7+ and is therefore not backwards compatible. 
Instead, use set_trace() without the header argument.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.lang.compatibility.python37.python37-compatibility-pdb)\n", - "text": "pdb.set_trace() with the header argument is only available on Python 3.7+ and is therefore not backwards compatible. Instead, use set_trace() without the header argument.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" - }, - "helpUri": "https://semgrep.dev/r/python.lang.compatibility.python37.python37-compatibility-pdb", - "id": "python.lang.compatibility.python37.python37-compatibility-pdb", - "name": "python.lang.compatibility.python37.python37-compatibility-pdb", - "properties": { - "precision": "very-high", - "tags": [] + "id": "go.grpc.security.grpc-client-insecure-connection.grpc-client-insecure-connection", + "name": "go.grpc.security.grpc-client-insecure-connection.grpc-client-insecure-connection", + "short_description": { + "text": "Semgrep Finding: go.grpc.security.grpc-client-insecure-connection.grpc-client-insecure-connection" }, - "shortDescription": { - "text": "Semgrep Finding: python.lang.compatibility.python37.python37-compatibility-pdb" - } - }, - { - "defaultConfiguration": { - "level": "warning" + "full_description": { + "text": "Found an insecure gRPC connection using 'grpc.WithInsecure()'. This creates a connection without encryption to a gRPC server. A malicious attacker could tamper with the gRPC message, which could compromise the machine. Instead, establish a secure connection with an SSL certificate using the 'grpc.WithTransportCredentials()' function. You can create a create credentials using a 'tls.Config{}' struct with 'credentials.NewTLS()'. The final fix looks like this: 'grpc.WithTransportCredentials(credentials.NewTLS())'." 
}, - "fullDescription": { - "text": "EC2 instances should not have a public IP address attached in order to block public access to the instances. To fix this, set your `associate_public_ip_address` to `\"false\"`." + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/go.grpc.security.grpc-client-insecure-connection.grpc-client-insecure-connection", "help": { - "markdown": "EC2 instances should not have a public IP address attached in order to block public access to the instances. To fix this, set your `associate_public_ip_address` to `\"false\"`.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/terraform.aws.security.aws-ec2-has-public-ip.aws-ec2-has-public-ip)\n - [https://owasp.org/Top10/A01_2021-Broken_Access_Control](https://owasp.org/Top10/A01_2021-Broken_Access_Control)\n", - "text": "EC2 instances should not have a public IP address attached in order to block public access to the instances. To fix this, set your `associate_public_ip_address` to `\"false\"`.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Found an insecure gRPC connection using 'grpc.WithInsecure()'. This creates a connection without encryption to a gRPC server. A malicious attacker could tamper with the gRPC message, which could compromise the machine. Instead, establish a secure connection with an SSL certificate using the 'grpc.WithTransportCredentials()' function. You can create a create credentials using a 'tls.Config{}' struct with 'credentials.NewTLS()'. The final fix looks like this: 'grpc.WithTransportCredentials(credentials.NewTLS())'.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Found an insecure gRPC connection using 'grpc.WithInsecure()'. This creates a connection without encryption to a gRPC server. 
A malicious attacker could tamper with the gRPC message, which could compromise the machine. Instead, establish a secure connection with an SSL certificate using the 'grpc.WithTransportCredentials()' function. You can create a create credentials using a 'tls.Config{}' struct with 'credentials.NewTLS()'. The final fix looks like this: 'grpc.WithTransportCredentials(credentials.NewTLS())'.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/go.grpc.security.grpc-client-insecure-connection.grpc-client-insecure-connection)\n - [https://blog.gopheracademy.com/advent-2019/go-grps-and-tls/#connection-without-encryption](https://blog.gopheracademy.com/advent-2019/go-grps-and-tls/#connection-without-encryption)\n" }, - "helpUri": "https://semgrep.dev/r/terraform.aws.security.aws-ec2-has-public-ip.aws-ec2-has-public-ip", - "id": "terraform.aws.security.aws-ec2-has-public-ip.aws-ec2-has-public-ip", - "name": "terraform.aws.security.aws-ec2-has-public-ip.aws-ec2-has-public-ip", "properties": { "precision": "very-high", "tags": [ - "CWE-284: Improper Access Control", - "MEDIUM CONFIDENCE", - "OWASP-A01:2021 - Broken Access Control", - "OWASP-A05:2017 - Broken Access Control", + "CWE-300: Channel Accessible by Non-Endpoint", + "HIGH CONFIDENCE", + "OWASP-A07:2021 - Identification and Authentication Failures", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: terraform.aws.security.aws-ec2-has-public-ip.aws-ec2-has-public-ip" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "java.lang.security.audit.xssrequestwrapper-is-insecure.xssrequestwrapper-is-insecure", + "name": "java.lang.security.audit.xssrequestwrapper-is-insecure.xssrequestwrapper-is-insecure", + "short_description": { + "text": "Semgrep Finding: java.lang.security.audit.xssrequestwrapper-is-insecure.xssrequestwrapper-is-insecure" }, - "fullDescription": { - "text": "User controlled data in a HTML string 
may result in XSS" + "full_description": { + "text": "It looks like you're using an implementation of XSSRequestWrapper from dzone. (https://www.javacodegeeks.com/2012/07/anti-cross-site-scripting-xss-filter.html) The XSS filtering in this code is not secure and can be bypassed by malicious actors. It is recommended to use a stack that automatically escapes in your view or templates instead of filtering yourself." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/java.lang.security.audit.xssrequestwrapper-is-insecure.xssrequestwrapper-is-insecure", "help": { - "markdown": "User controlled data in a HTML string may result in XSS\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.browser.security.raw-html-concat.raw-html-concat)\n - [https://owasp.org/www-community/attacks/xss/](https://owasp.org/www-community/attacks/xss/)\n", - "text": "User controlled data in a HTML string may result in XSS\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "It looks like you're using an implementation of XSSRequestWrapper from dzone. (https://www.javacodegeeks.com/2012/07/anti-cross-site-scripting-xss-filter.html) The XSS filtering in this code is not secure and can be bypassed by malicious actors. It is recommended to use a stack that automatically escapes in your view or templates instead of filtering yourself.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "It looks like you're using an implementation of XSSRequestWrapper from dzone. (https://www.javacodegeeks.com/2012/07/anti-cross-site-scripting-xss-filter.html) The XSS filtering in this code is not secure and can be bypassed by malicious actors. 
It is recommended to use a stack that automatically escapes in your view or templates instead of filtering yourself.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/java.lang.security.audit.xssrequestwrapper-is-insecure.xssrequestwrapper-is-insecure)\n - [https://owasp.org/Top10/A03_2021-Injection](https://owasp.org/Top10/A03_2021-Injection)\n" }, - "helpUri": "https://semgrep.dev/r/javascript.browser.security.raw-html-concat.raw-html-concat", - "id": "javascript.browser.security.raw-html-concat.raw-html-concat", - "name": "javascript.browser.security.raw-html-concat.raw-html-concat", "properties": { "precision": "very-high", "tags": [ "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", - "MEDIUM CONFIDENCE", + "LOW CONFIDENCE", "OWASP-A03:2021 - Injection", "OWASP-A07:2017 - Cross-Site Scripting (XSS)", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: javascript.browser.security.raw-html-concat.raw-html-concat" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "javascript.lang.security.audit.unsafe-formatstring.unsafe-formatstring", + "name": "javascript.lang.security.audit.unsafe-formatstring.unsafe-formatstring", + "short_description": { + "text": "Semgrep Finding: javascript.lang.security.audit.unsafe-formatstring.unsafe-formatstring" }, - "fullDescription": { - "text": "Detected a network listener listening on 0.0.0.0 or an empty string. This could unexpectedly expose the server publicly as it binds to all available interfaces. Instead, specify another IP address that is not 0.0.0.0 nor the empty string." + "full_description": { + "text": "Detected string concatenation with a non-literal variable in a util.format / console.log function. If an attacker injects a format specifier in the string, it will forge the log message. Try to use constant values for the format string." 
}, + "default_configuration": { + "enabled": true, + "level": "note" + }, + "help_uri": "https://semgrep.dev/r/javascript.lang.security.audit.unsafe-formatstring.unsafe-formatstring", "help": { - "markdown": "Detected a network listener listening on 0.0.0.0 or an empty string. This could unexpectedly expose the server publicly as it binds to all available interfaces. Instead, specify another IP address that is not 0.0.0.0 nor the empty string.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/go.lang.security.audit.net.bind_all.avoid-bind-to-all-interfaces)\n - [https://owasp.org/Top10/A01_2021-Broken_Access_Control](https://owasp.org/Top10/A01_2021-Broken_Access_Control)\n", - "text": "Detected a network listener listening on 0.0.0.0 or an empty string. This could unexpectedly expose the server publicly as it binds to all available interfaces. Instead, specify another IP address that is not 0.0.0.0 nor the empty string.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected string concatenation with a non-literal variable in a util.format / console.log function. If an attacker injects a format specifier in the string, it will forge the log message. Try to use constant values for the format string.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected string concatenation with a non-literal variable in a util.format / console.log function. If an attacker injects a format specifier in the string, it will forge the log message. 
Try to use constant values for the format string.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.lang.security.audit.unsafe-formatstring.unsafe-formatstring)\n - [https://cwe.mitre.org/data/definitions/134.html](https://cwe.mitre.org/data/definitions/134.html)\n" }, - "helpUri": "https://semgrep.dev/r/go.lang.security.audit.net.bind_all.avoid-bind-to-all-interfaces", - "id": "go.lang.security.audit.net.bind_all.avoid-bind-to-all-interfaces", - "name": "go.lang.security.audit.net.bind_all.avoid-bind-to-all-interfaces", "properties": { "precision": "very-high", "tags": [ - "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor", - "HIGH CONFIDENCE", + "CWE-134: Use of Externally-Controlled Format String", + "LOW CONFIDENCE", "OWASP-A01:2021 - Broken Access Control", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: go.lang.security.audit.net.bind_all.avoid-bind-to-all-interfaces" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "go.lang.security.audit.md5-used-as-password.md5-used-as-password", + "name": "go.lang.security.audit.md5-used-as-password.md5-used-as-password", + "short_description": { + "text": "Semgrep Finding: go.lang.security.audit.md5-used-as-password.md5-used-as-password" }, - "fullDescription": { - "text": "Avoid rendering user input. It may be possible for a malicious user to input a path that lets them access a template they shouldn't. To prevent this, check dynamic template paths against a predefined allowlist to make sure it's an allowed template." + "full_description": { + "text": "It looks like MD5 is used as a password hash. MD5 is not considered a secure password hash because it can be cracked by an attacker in a short amount of time. Use a suitable password hashing function such as bcrypt. You can use the `golang.org/x/crypto/bcrypt` package." 
}, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/go.lang.security.audit.md5-used-as-password.md5-used-as-password", "help": { - "markdown": "Avoid rendering user input. It may be possible for a malicious user to input a path that lets them access a template they shouldn't. To prevent this, check dynamic template paths against a predefined allowlist to make sure it's an allowed template.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/ruby.rails.security.audit.xss.avoid-render-dynamic-path.avoid-render-dynamic-path)\n - [https://brakemanscanner.org/docs/warning_types/dynamic_render_paths/](https://brakemanscanner.org/docs/warning_types/dynamic_render_paths/)\n", - "text": "Avoid rendering user input. It may be possible for a malicious user to input a path that lets them access a template they shouldn't. To prevent this, check dynamic template paths against a predefined allowlist to make sure it's an allowed template.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "It looks like MD5 is used as a password hash. MD5 is not considered a secure password hash because it can be cracked by an attacker in a short amount of time. Use a suitable password hashing function such as bcrypt. You can use the `golang.org/x/crypto/bcrypt` package.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "It looks like MD5 is used as a password hash. MD5 is not considered a secure password hash because it can be cracked by an attacker in a short amount of time. Use a suitable password hashing function such as bcrypt. 
You can use the `golang.org/x/crypto/bcrypt` package.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/go.lang.security.audit.md5-used-as-password.md5-used-as-password)\n - [https://tools.ietf.org/id/draft-lvelvindron-tls-md5-sha1-deprecate-01.html](https://tools.ietf.org/id/draft-lvelvindron-tls-md5-sha1-deprecate-01.html)\n - [https://security.stackexchange.com/questions/211/how-to-securely-hash-passwords](https://security.stackexchange.com/questions/211/how-to-securely-hash-passwords)\n - [https://github.com/returntocorp/semgrep-rules/issues/1609](https://github.com/returntocorp/semgrep-rules/issues/1609)\n - [https://pkg.go.dev/golang.org/x/crypto/bcrypt](https://pkg.go.dev/golang.org/x/crypto/bcrypt)\n" }, - "helpUri": "https://semgrep.dev/r/ruby.rails.security.audit.xss.avoid-render-dynamic-path.avoid-render-dynamic-path", - "id": "ruby.rails.security.audit.xss.avoid-render-dynamic-path.avoid-render-dynamic-path", - "name": "ruby.rails.security.audit.xss.avoid-render-dynamic-path.avoid-render-dynamic-path", "properties": { "precision": "very-high", "tags": [ - "CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", + "CWE-327: Use of a Broken or Risky Cryptographic Algorithm", "MEDIUM CONFIDENCE", - "OWASP-A01:2021 - Broken Access Control", - "OWASP-A05:2017 - Broken Access Control", + "OWASP-A02:2021 - Cryptographic Failures", + "OWASP-A03:2017 - Sensitive Data Exposure", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: ruby.rails.security.audit.xss.avoid-render-dynamic-path.avoid-render-dynamic-path" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "generic.secrets.security.detected-codeclimate.detected-codeclimate", + "name": "generic.secrets.security.detected-codeclimate.detected-codeclimate", + "short_description": { + "text": "Semgrep Finding: 
generic.secrets.security.detected-codeclimate.detected-codeclimate" }, - "fullDescription": { - "text": "Detected an insufficient key size for DSA. NIST recommends a key size of 2048 or higher." + "full_description": { + "text": "CodeClimate detected" + }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/generic.secrets.security.detected-codeclimate.detected-codeclimate", "help": { - "markdown": "Detected an insufficient key size for DSA. NIST recommends a key size of 2048 or higher.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.pycryptodome.security.insufficient-dsa-key-size.insufficient-dsa-key-size)\n - [https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-57Pt3r1.pdf](https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-57Pt3r1.pdf)\n", - "text": "Detected an insufficient key size for DSA. NIST recommends a key size of 2048 or higher.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "CodeClimate detected\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "CodeClimate detected\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/generic.secrets.security.detected-codeclimate.detected-codeclimate)\n - [https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures](https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures)\n" }, - "helpUri": "https://semgrep.dev/r/python.pycryptodome.security.insufficient-dsa-key-size.insufficient-dsa-key-size", - "id": "python.pycryptodome.security.insufficient-dsa-key-size.insufficient-dsa-key-size", - "name": "python.pycryptodome.security.insufficient-dsa-key-size.insufficient-dsa-key-size", "properties": { "precision": "very-high", "tags": [ - "CWE-326: Inadequate 
Encryption Strength", - "MEDIUM CONFIDENCE", - "OWASP-A02:2021 - Cryptographic Failures", - "OWASP-A03:2017 - Sensitive Data Exposure", + "CWE-798: Use of Hard-coded Credentials", + "LOW CONFIDENCE", + "OWASP-A07:2021 - Identification and Authentication Failures", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: python.pycryptodome.security.insufficient-dsa-key-size.insufficient-dsa-key-size" } }, { - "defaultConfiguration": { - "level": "error" + "id": "terraform.aws.security.aws-provider-static-credentials.aws-provider-static-credentials", + "name": "terraform.aws.security.aws-provider-static-credentials.aws-provider-static-credentials", + "short_description": { + "text": "Semgrep Finding: terraform.aws.security.aws-provider-static-credentials.aws-provider-static-credentials" }, - "fullDescription": { - "text": "XML external entities are enabled for this XMLInputFactory. This is vulnerable to XML external entity attacks. Disable external entities by setting \"javax.xml.stream.isSupportingExternalEntities\" to false." + "full_description": { + "text": "A hard-coded credential was detected. It is not recommended to store credentials in source-code, as this risks secrets being leaked and used by either an internal or external malicious adversary. It is recommended to use environment variables to securely provide credentials or retrieve credentials from a secure vault or HSM (Hardware Security Module)." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/terraform.aws.security.aws-provider-static-credentials.aws-provider-static-credentials", "help": { - "markdown": "XML external entities are enabled for this XMLInputFactory. This is vulnerable to XML external entity attacks. 
Disable external entities by setting \"javax.xml.stream.isSupportingExternalEntities\" to false.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/java.lang.security.xmlinputfactory-external-entities-enabled.xmlinputfactory-external-entities-enabled)\n - [https://semgrep.dev/blog/2022/xml-security-in-java](https://semgrep.dev/blog/2022/xml-security-in-java)\n - [https://semgrep.dev/docs/cheat-sheets/java-xxe/](https://semgrep.dev/docs/cheat-sheets/java-xxe/)\n - [https://www.blackhat.com/docs/us-15/materials/us-15-Wang-FileCry-The-New-Age-Of-XXE-java-wp.pdf](https://www.blackhat.com/docs/us-15/materials/us-15-Wang-FileCry-The-New-Age-Of-XXE-java-wp.pdf)\n", - "text": "XML external entities are enabled for this XMLInputFactory. This is vulnerable to XML external entity attacks. Disable external entities by setting \"javax.xml.stream.isSupportingExternalEntities\" to false.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "A hard-coded credential was detected. It is not recommended to store credentials in source-code, as this risks secrets being leaked and used by either an internal or external malicious adversary. It is recommended to use environment variables to securely provide credentials or retrieve credentials from a secure vault or HSM (Hardware Security Module).\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "A hard-coded credential was detected. It is not recommended to store credentials in source-code, as this risks secrets being leaked and used by either an internal or external malicious adversary. 
It is recommended to use environment variables to securely provide credentials or retrieve credentials from a secure vault or HSM (Hardware Security Module).\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/terraform.aws.security.aws-provider-static-credentials.aws-provider-static-credentials)\n - [https://cheatsheetseries.owasp.org/cheatsheets/Secrets_Management_Cheat_Sheet.html](https://cheatsheetseries.owasp.org/cheatsheets/Secrets_Management_Cheat_Sheet.html)\n" }, - "helpUri": "https://semgrep.dev/r/java.lang.security.xmlinputfactory-external-entities-enabled.xmlinputfactory-external-entities-enabled", - "id": "java.lang.security.xmlinputfactory-external-entities-enabled.xmlinputfactory-external-entities-enabled", - "name": "java.lang.security.xmlinputfactory-external-entities-enabled.xmlinputfactory-external-entities-enabled", "properties": { "precision": "very-high", "tags": [ - "CWE-611: Improper Restriction of XML External Entity Reference", - "LOW CONFIDENCE", - "OWASP-A04:2017 - XML External Entities (XXE)", - "OWASP-A05:2021 - Security Misconfiguration", + "CWE-798: Use of Hard-coded Credentials", + "MEDIUM CONFIDENCE", + "OWASP-A07:2021 - Identification and Authentication Failures", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: java.lang.security.xmlinputfactory-external-entities-enabled.xmlinputfactory-external-entities-enabled" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "bash.curl.security.curl-pipe-bash.curl-pipe-bash", + "name": "bash.curl.security.curl-pipe-bash.curl-pipe-bash", + "short_description": { + "text": "Semgrep Finding: bash.curl.security.curl-pipe-bash.curl-pipe-bash" }, - "fullDescription": { - "text": "ERC777 tokensReceived() reentrancy" + "full_description": { + "text": "Data is being piped into `bash` from a `curl` command. 
An attacker with control of the server in the `curl` command could inject malicious code into the pipe, resulting in a system compromise. Avoid piping untrusted data into `bash` or any other shell if you can. If you must do this, consider checking the SHA sum of the content returned by the server to verify its integrity." }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/bash.curl.security.curl-pipe-bash.curl-pipe-bash", "help": { - "markdown": "ERC777 tokensReceived() reentrancy\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/solidity.security.erc777-reentrancy.erc777-reentrancy)\n - [https://mirror.xyz/baconcoin.eth/LHaPiX38mnx8eJ2RVKNXHttHfweQMKNGmEnX4KUksk0](https://mirror.xyz/baconcoin.eth/LHaPiX38mnx8eJ2RVKNXHttHfweQMKNGmEnX4KUksk0)\n - [https://etherscan.io/address/0xf53f00f844b381963a47fde3325011566870b31f](https://etherscan.io/address/0xf53f00f844b381963a47fde3325011566870b31f)\n", - "text": "ERC777 tokensReceived() reentrancy\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Data is being piped into `bash` from a `curl` command. An attacker with control of the server in the `curl` command could inject malicious code into the pipe, resulting in a system compromise. Avoid piping untrusted data into `bash` or any other shell if you can. If you must do this, consider checking the SHA sum of the content returned by the server to verify its integrity.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Data is being piped into `bash` from a `curl` command. An attacker with control of the server in the `curl` command could inject malicious code into the pipe, resulting in a system compromise. Avoid piping untrusted data into `bash` or any other shell if you can. 
If you must do this, consider checking the SHA sum of the content returned by the server to verify its integrity.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/bash.curl.security.curl-pipe-bash.curl-pipe-bash)\n - [https://owasp.org/Top10/A03_2021-Injection](https://owasp.org/Top10/A03_2021-Injection)\n" }, - "helpUri": "https://semgrep.dev/r/solidity.security.erc777-reentrancy.erc777-reentrancy", - "id": "solidity.security.erc777-reentrancy.erc777-reentrancy", - "name": "solidity.security.erc777-reentrancy.erc777-reentrancy", "properties": { "precision": "very-high", "tags": [ - "CWE-841: Improper Enforcement of Behavioral Workflow", - "HIGH CONFIDENCE", + "CWE-95: Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection')", + "LOW CONFIDENCE", + "OWASP-A03:2021 - Injection", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: solidity.security.erc777-reentrancy.erc777-reentrancy" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "terraform.aws.security.aws-workspaces-root-volume-unencrypted.aws-workspaces-root-volume-unencrypted", + "name": "terraform.aws.security.aws-workspaces-root-volume-unencrypted.aws-workspaces-root-volume-unencrypted", + "short_description": { + "text": "Semgrep Finding: terraform.aws.security.aws-workspaces-root-volume-unencrypted.aws-workspaces-root-volume-unencrypted" + }, + "full_description": { + "text": "The AWS Workspace root volume is unencrypted. The AWS KMS encryption key protects root volume. To create your own, create a aws_kms_key resource or use the ARN string of a key in your account." }, - "fullDescription": { - "text": "This tag is missing an 'integrity' subresource integrity attribute. The 'integrity' attribute allows for the browser to verify that externally hosted files (for example from a CDN) are delivered without unexpected manipulation. 
Without this attribute, if an attacker can modify the externally hosted resource, this could lead to XSS and other types of attacks. To prevent this, include the base64-encoded cryptographic hash of the resource (file) you\u2019re telling the browser to fetch in the 'integrity' attribute for all externally hosted files." + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/terraform.aws.security.aws-workspaces-root-volume-unencrypted.aws-workspaces-root-volume-unencrypted", "help": { - "markdown": "This tag is missing an 'integrity' subresource integrity attribute. The 'integrity' attribute allows for the browser to verify that externally hosted files (for example from a CDN) are delivered without unexpected manipulation. Without this attribute, if an attacker can modify the externally hosted resource, this could lead to XSS and other types of attacks. To prevent this, include the base64-encoded cryptographic hash of the resource (file) you\u2019re telling the browser to fetch in the 'integrity' attribute for all externally hosted files.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/html.security.audit.missing-integrity.missing-integrity)\n - [https://owasp.org/Top10/A08_2021-Software_and_Data_Integrity_Failures](https://owasp.org/Top10/A08_2021-Software_and_Data_Integrity_Failures)\n", - "text": "This tag is missing an 'integrity' subresource integrity attribute. The 'integrity' attribute allows for the browser to verify that externally hosted files (for example from a CDN) are delivered without unexpected manipulation. Without this attribute, if an attacker can modify the externally hosted resource, this could lead to XSS and other types of attacks. 
To prevent this, include the base64-encoded cryptographic hash of the resource (file) you\u2019re telling the browser to fetch in the 'integrity' attribute for all externally hosted files.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "The AWS Workspace root volume is unencrypted. The AWS KMS encryption key protects root volume. To create your own, create a aws_kms_key resource or use the ARN string of a key in your account.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "The AWS Workspace root volume is unencrypted. The AWS KMS encryption key protects root volume. To create your own, create a aws_kms_key resource or use the ARN string of a key in your account.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/terraform.aws.security.aws-workspaces-root-volume-unencrypted.aws-workspaces-root-volume-unencrypted)\n - [https://owasp.org/Top10/A02_2021-Cryptographic_Failures](https://owasp.org/Top10/A02_2021-Cryptographic_Failures)\n" }, - "helpUri": "https://semgrep.dev/r/html.security.audit.missing-integrity.missing-integrity", - "id": "html.security.audit.missing-integrity.missing-integrity", - "name": "html.security.audit.missing-integrity.missing-integrity", "properties": { "precision": "very-high", "tags": [ - "CWE-353: Missing Support for Integrity Check", + "CWE-326: Inadequate Encryption Strength", "LOW CONFIDENCE", - "OWASP-A08:2021 - Software and Data Integrity Failures", + "OWASP-A02:2021 - Cryptographic Failures", + "OWASP-A03:2017 - Sensitive Data Exposure", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: html.security.audit.missing-integrity.missing-integrity" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "python.requests.security.no-auth-over-http.no-auth-over-http", + "name": "python.requests.security.no-auth-over-http.no-auth-over-http", + 
"short_description": { + "text": "Semgrep Finding: python.requests.security.no-auth-over-http.no-auth-over-http" }, - "fullDescription": { - "text": "Detected the use of `exec/eval`.This can be dangerous if used to evaluate dynamic content. If this content can be input from outside the program, this may be a code injection vulnerability. Ensure evaluated content is not definable by external sources." + "full_description": { + "text": "Authentication detected over HTTP. HTTP does not provide any encryption or protection for these authentication credentials. This may expose these credentials to unauthorized parties. Use 'https://' instead." + }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/python.requests.security.no-auth-over-http.no-auth-over-http", "help": { - "markdown": "Detected the use of `exec/eval`.This can be dangerous if used to evaluate dynamic content. If this content can be input from outside the program, this may be a code injection vulnerability. Ensure evaluated content is not definable by external sources.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.aws-lambda.security.tainted-code-exec.tainted-code-exec)\n - [https://owasp.org/Top10/A03_2021-Injection](https://owasp.org/Top10/A03_2021-Injection)\n", - "text": "Detected the use of `exec/eval`.This can be dangerous if used to evaluate dynamic content. If this content can be input from outside the program, this may be a code injection vulnerability. Ensure evaluated content is not definable by external sources.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Authentication detected over HTTP. HTTP does not provide any encryption or protection for these authentication credentials. This may expose these credentials to unauthorized parties. 
Use 'https://' instead.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Authentication detected over HTTP. HTTP does not provide any encryption or protection for these authentication credentials. This may expose these credentials to unauthorized parties. Use 'https://' instead.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.requests.security.no-auth-over-http.no-auth-over-http)\n - [https://semgrep.dev/blog/2020/bento-check-no-auth-over-http/](https://semgrep.dev/blog/2020/bento-check-no-auth-over-http/)\n - [https://bento.dev/checks/requests/no-auth-over-http/](https://bento.dev/checks/requests/no-auth-over-http/)\n" }, - "helpUri": "https://semgrep.dev/r/python.aws-lambda.security.tainted-code-exec.tainted-code-exec", - "id": "python.aws-lambda.security.tainted-code-exec.tainted-code-exec", - "name": "python.aws-lambda.security.tainted-code-exec.tainted-code-exec", "properties": { "precision": "very-high", "tags": [ - "CWE-95: Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection')", - "MEDIUM CONFIDENCE", - "OWASP-A03:2021 - Injection", + "CWE-523: Unprotected Transport of Credentials", + "LOW CONFIDENCE", + "OWASP-A02:2017 - Broken Authentication", + "OWASP-A02:2021 - Cryptographic Failures", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: python.aws-lambda.security.tainted-code-exec.tainted-code-exec" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "java.lang.security.audit.crypto.ecb-cipher.ecb-cipher", + "name": "java.lang.security.audit.crypto.ecb-cipher.ecb-cipher", + "short_description": { + "text": "Semgrep Finding: java.lang.security.audit.crypto.ecb-cipher.ecb-cipher" }, - "fullDescription": { - "text": "Detected SQL statement that is tainted by `event` object. This could lead to SQL injection if the variable is user-controlled and not properly sanitized. 
In order to prevent SQL injection, use parameterized queries or prepared statements instead. You can use parameterized statements like so: `cursor.execute('SELECT * FROM projects WHERE status = %s', ('active'))`" + "full_description": { + "text": "Cipher in ECB mode is detected. ECB mode produces the same output for the same input each time which allows an attacker to intercept and replay the data. Further, ECB mode does not provide any integrity checking. See https://find-sec-bugs.github.io/bugs.htm#CIPHER_INTEGRITY." }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/java.lang.security.audit.crypto.ecb-cipher.ecb-cipher", "help": { - "markdown": "Detected SQL statement that is tainted by `event` object. This could lead to SQL injection if the variable is user-controlled and not properly sanitized. In order to prevent SQL injection, use parameterized queries or prepared statements instead. You can use parameterized statements like so: `cursor.execute('SELECT * FROM projects WHERE status = %s', ('active'))`\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.aws-lambda.security.pymysql-sqli.pymysql-sqli)\n - [https://pypi.org/project/PyMySQL/#id4](https://pypi.org/project/PyMySQL/#id4)\n", - "text": "Detected SQL statement that is tainted by `event` object. This could lead to SQL injection if the variable is user-controlled and not properly sanitized. In order to prevent SQL injection, use parameterized queries or prepared statements instead. You can use parameterized statements like so: `cursor.execute('SELECT * FROM projects WHERE status = %s', ('active'))`\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Cipher in ECB mode is detected. ECB mode produces the same output for the same input each time which allows an attacker to intercept and replay the data. 
Further, ECB mode does not provide any integrity checking. See https://find-sec-bugs.github.io/bugs.htm#CIPHER_INTEGRITY.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Cipher in ECB mode is detected. ECB mode produces the same output for the same input each time which allows an attacker to intercept and replay the data. Further, ECB mode does not provide any integrity checking. See https://find-sec-bugs.github.io/bugs.htm#CIPHER_INTEGRITY.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/java.lang.security.audit.crypto.ecb-cipher.ecb-cipher)\n - [https://owasp.org/Top10/A02_2021-Cryptographic_Failures](https://owasp.org/Top10/A02_2021-Cryptographic_Failures)\n" }, - "helpUri": "https://semgrep.dev/r/python.aws-lambda.security.pymysql-sqli.pymysql-sqli", - "id": "python.aws-lambda.security.pymysql-sqli.pymysql-sqli", - "name": "python.aws-lambda.security.pymysql-sqli.pymysql-sqli", "properties": { "precision": "very-high", "tags": [ - "CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')", - "MEDIUM CONFIDENCE", - "OWASP-A01:2017 - Injection", - "OWASP-A03:2021 - Injection", + "CWE-327: Use of a Broken or Risky Cryptographic Algorithm", + "HIGH CONFIDENCE", + "OWASP-A02:2021 - Cryptographic Failures", + "OWASP-A03:2017 - Sensitive Data Exposure", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: python.aws-lambda.security.pymysql-sqli.pymysql-sqli" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "javascript.jwt-simple.security.jwt-simple-noverify.jwt-simple-noverify", + "name": "javascript.jwt-simple.security.jwt-simple-noverify.jwt-simple-noverify", + "short_description": { + "text": "Semgrep Finding: javascript.jwt-simple.security.jwt-simple-noverify.jwt-simple-noverify" }, - "fullDescription": { - "text": "The AWS Athena Work Group is unencrypted. 
The AWS KMS encryption key protects backups in the work group. To create your own, create a aws_kms_key resource or use the ARN string of a key in your account." + "full_description": { + "text": "Detected the decoding of a JWT token without a verify step. JWT tokens must be verified before use, otherwise the token's integrity is unknown. This means a malicious actor could forge a JWT token with any claims. Set 'verify' to `true` before using the token." }, + "default_configuration": { + "enabled": true, + "level": "error" + }, + "help_uri": "https://semgrep.dev/r/javascript.jwt-simple.security.jwt-simple-noverify.jwt-simple-noverify", "help": { - "markdown": "The AWS Athena Work Group is unencrypted. The AWS KMS encryption key protects backups in the work group. To create your own, create a aws_kms_key resource or use the ARN string of a key in your account.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/terraform.aws.security.aws-athena-workgroup-unencrypted.aws-athena-workgroup-unencrypted)\n - [https://owasp.org/Top10/A04_2021-Insecure_Design](https://owasp.org/Top10/A04_2021-Insecure_Design)\n", - "text": "The AWS Athena Work Group is unencrypted. The AWS KMS encryption key protects backups in the work group. To create your own, create a aws_kms_key resource or use the ARN string of a key in your account.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected the decoding of a JWT token without a verify step. JWT tokens must be verified before use, otherwise the token's integrity is unknown. This means a malicious actor could forge a JWT token with any claims. Set 'verify' to `true` before using the token.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected the decoding of a JWT token without a verify step. 
JWT tokens must be verified before use, otherwise the token's integrity is unknown. This means a malicious actor could forge a JWT token with any claims. Set 'verify' to `true` before using the token.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.jwt-simple.security.jwt-simple-noverify.jwt-simple-noverify)\n - [https://www.npmjs.com/package/jwt-simple](https://www.npmjs.com/package/jwt-simple)\n - [https://cwe.mitre.org/data/definitions/287](https://cwe.mitre.org/data/definitions/287)\n - [https://cwe.mitre.org/data/definitions/345](https://cwe.mitre.org/data/definitions/345)\n - [https://cwe.mitre.org/data/definitions/347](https://cwe.mitre.org/data/definitions/347)\n" }, - "helpUri": "https://semgrep.dev/r/terraform.aws.security.aws-athena-workgroup-unencrypted.aws-athena-workgroup-unencrypted", - "id": "terraform.aws.security.aws-athena-workgroup-unencrypted.aws-athena-workgroup-unencrypted", - "name": "terraform.aws.security.aws-athena-workgroup-unencrypted.aws-athena-workgroup-unencrypted", "properties": { "precision": "very-high", "tags": [ - "CWE-311: Missing Encryption of Sensitive Data", - "LOW CONFIDENCE", - "OWASP-A03:2017 - Sensitive Data Exposure", - "OWASP-A04:2021 - Insecure Design", + "CWE-287: Improper Authentication", + "CWE-345: Insufficient Verification of Data Authenticity", + "CWE-347: Improper Verification of Cryptographic Signature", + "HIGH CONFIDENCE", + "OWASP-A05:2021 - Security Misconfiguration", + "OWASP-A07:2021 - Identification and Authentication Failures", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: terraform.aws.security.aws-athena-workgroup-unencrypted.aws-athena-workgroup-unencrypted" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "terraform.aws.security.aws-timestream-database-encrypted-with-cmk.aws-timestream-database-encrypted-with-cmk", + "name": 
"terraform.aws.security.aws-timestream-database-encrypted-with-cmk.aws-timestream-database-encrypted-with-cmk", + "short_description": { + "text": "Semgrep Finding: terraform.aws.security.aws-timestream-database-encrypted-with-cmk.aws-timestream-database-encrypted-with-cmk" }, - "fullDescription": { - "text": "'render inline: ...' renders an entire ERB template inline and is dangerous. If external data can reach here, this exposes your application to server-side template injection (SSTI) or cross-site scripting (XSS) attacks. Instead, consider using a partial or another safe rendering method." + "full_description": { + "text": "Ensure Timestream database is encrypted at rest using KMS CMKs. CMKs gives you control over the encryption key in terms of access and rotation." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/terraform.aws.security.aws-timestream-database-encrypted-with-cmk.aws-timestream-database-encrypted-with-cmk", "help": { - "markdown": "'render inline: ...' renders an entire ERB template inline and is dangerous. If external data can reach here, this exposes your application to server-side template injection (SSTI) or cross-site scripting (XSS) attacks. Instead, consider using a partial or another safe rendering method.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/ruby.rails.security.audit.xss.avoid-render-inline.avoid-render-inline)\n - [https://brakemanpro.com/2017/09/08/cross-site-scripting-in-rails#inline-renders---even-worse-than-xss](https://brakemanpro.com/2017/09/08/cross-site-scripting-in-rails#inline-renders---even-worse-than-xss)\n", - "text": "'render inline: ...' renders an entire ERB template inline and is dangerous. If external data can reach here, this exposes your application to server-side template injection (SSTI) or cross-site scripting (XSS) attacks. 
Instead, consider using a partial or another safe rendering method.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Ensure Timestream database is encrypted at rest using KMS CMKs. CMKs gives you control over the encryption key in terms of access and rotation.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Ensure Timestream database is encrypted at rest using KMS CMKs. CMKs gives you control over the encryption key in terms of access and rotation.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/terraform.aws.security.aws-timestream-database-encrypted-with-cmk.aws-timestream-database-encrypted-with-cmk)\n - [https://owasp.org/Top10/A02_2021-Cryptographic_Failures](https://owasp.org/Top10/A02_2021-Cryptographic_Failures)\n" }, - "helpUri": "https://semgrep.dev/r/ruby.rails.security.audit.xss.avoid-render-inline.avoid-render-inline", - "id": "ruby.rails.security.audit.xss.avoid-render-inline.avoid-render-inline", - "name": "ruby.rails.security.audit.xss.avoid-render-inline.avoid-render-inline", "properties": { "precision": "very-high", "tags": [ - "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", + "CWE-320: CWE CATEGORY: Key Management Errors", "LOW CONFIDENCE", - "OWASP-A03:2021 - Injection", - "OWASP-A07:2017 - Cross-Site Scripting (XSS)", + "OWASP-A03:2017 - Sensitive Data Exposure", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: ruby.rails.security.audit.xss.avoid-render-inline.avoid-render-inline" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "generic.secrets.security.detected-ssh-password.detected-ssh-password", + "name": "generic.secrets.security.detected-ssh-password.detected-ssh-password", + "short_description": { + "text": "Semgrep Finding: generic.secrets.security.detected-ssh-password.detected-ssh-password" }, - 
"fullDescription": { - "text": "Checks for requests sent via Java Spring RestTemplate API to http:// URLS. This is dangerous because the server is attempting to connect to a website that does not encrypt traffic with TLS. Instead, send requests only to https:// URLS." + "full_description": { + "text": "SSH Password detected" + }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/generic.secrets.security.detected-ssh-password.detected-ssh-password", "help": { - "markdown": "Checks for requests sent via Java Spring RestTemplate API to http:// URLS. This is dangerous because the server is attempting to connect to a website that does not encrypt traffic with TLS. Instead, send requests only to https:// URLS.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/problem-based-packs.insecure-transport.java-spring.spring-http-request.spring-http-request)\n - [https://docs.spring.io/spring/docs/current/javadoc-api/org/springframework/web/client/RestTemplate.html#delete-java.lang.String-java.util.Map-](https://docs.spring.io/spring/docs/current/javadoc-api/org/springframework/web/client/RestTemplate.html#delete-java.lang.String-java.util.Map-)\n - [https://www.baeldung.com/rest-template](https://www.baeldung.com/rest-template)\n", - "text": "Checks for requests sent via Java Spring RestTemplate API to http:// URLS. This is dangerous because the server is attempting to connect to a website that does not encrypt traffic with TLS. 
Instead, send requests only to https:// URLS.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "SSH Password detected\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "SSH Password detected\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/generic.secrets.security.detected-ssh-password.detected-ssh-password)\n - [https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures](https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures)\n" }, - "helpUri": "https://semgrep.dev/r/problem-based-packs.insecure-transport.java-spring.spring-http-request.spring-http-request", - "id": "problem-based-packs.insecure-transport.java-spring.spring-http-request.spring-http-request", - "name": "problem-based-packs.insecure-transport.java-spring.spring-http-request.spring-http-request", "properties": { "precision": "very-high", "tags": [ - "CWE-319: Cleartext Transmission of Sensitive Information", - "MEDIUM CONFIDENCE", - "OWASP-A03:2017 - Sensitive Data Exposure", + "CWE-798: Use of Hard-coded Credentials", + "LOW CONFIDENCE", + "OWASP-A07:2021 - Identification and Authentication Failures", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: problem-based-packs.insecure-transport.java-spring.spring-http-request.spring-http-request" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "python.django.security.audit.secure-cookies.django-secure-set-cookie", + "name": "python.django.security.audit.secure-cookies.django-secure-set-cookie", + "short_description": { + "text": "Semgrep Finding: python.django.security.audit.secure-cookies.django-secure-set-cookie" }, - "fullDescription": { - "text": "Avoid using sudo in Dockerfiles. Running processes as a non-root user can help reduce the potential impact of configuration errors and security vulnerabilities." 
+ "full_description": { + "text": "Django cookies should be handled securely by setting secure=True, httponly=True, and samesite='Lax' in response.set_cookie(...). If your situation calls for different settings, explicitly disable the setting. If you want to send the cookie over http, set secure=False. If you want to let client-side JavaScript read the cookie, set httponly=False. If you want to attach cookies to requests for external sites, set samesite=None." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/python.django.security.audit.secure-cookies.django-secure-set-cookie", "help": { - "markdown": "Avoid using sudo in Dockerfiles. Running processes as a non-root user can help reduce the potential impact of configuration errors and security vulnerabilities.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/dockerfile.security.no-sudo-in-dockerfile.no-sudo-in-dockerfile)\n - [https://cwe.mitre.org/data/definitions/250.html](https://cwe.mitre.org/data/definitions/250.html)\n - [https://docs.docker.com/develop/develop-images/dockerfile_best-practices/#user](https://docs.docker.com/develop/develop-images/dockerfile_best-practices/#user)\n", - "text": "Avoid using sudo in Dockerfiles. Running processes as a non-root user can help reduce the potential impact of configuration errors and security vulnerabilities.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Django cookies should be handled securely by setting secure=True, httponly=True, and samesite='Lax' in response.set_cookie(...). If your situation calls for different settings, explicitly disable the setting. If you want to send the cookie over http, set secure=False. If you want to let client-side JavaScript read the cookie, set httponly=False. 
If you want to attach cookies to requests for external sites, set samesite=None.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Django cookies should be handled securely by setting secure=True, httponly=True, and samesite='Lax' in response.set_cookie(...). If your situation calls for different settings, explicitly disable the setting. If you want to send the cookie over http, set secure=False. If you want to let client-side JavaScript read the cookie, set httponly=False. If you want to attach cookies to requests for external sites, set samesite=None.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.django.security.audit.secure-cookies.django-secure-set-cookie)\n - [https://docs.djangoproject.com/en/3.0/ref/request-response/#django.http.HttpResponse.set_cookie](https://docs.djangoproject.com/en/3.0/ref/request-response/#django.http.HttpResponse.set_cookie)\n - [https://semgrep.dev/blog/2020/bento-check-keeping-cookies-safe-in-flask/](https://semgrep.dev/blog/2020/bento-check-keeping-cookies-safe-in-flask/)\n - [https://bento.dev/checks/flask/secure-set-cookie/](https://bento.dev/checks/flask/secure-set-cookie/)\n" }, - "helpUri": "https://semgrep.dev/r/dockerfile.security.no-sudo-in-dockerfile.no-sudo-in-dockerfile", - "id": "dockerfile.security.no-sudo-in-dockerfile.no-sudo-in-dockerfile", - "name": "dockerfile.security.no-sudo-in-dockerfile.no-sudo-in-dockerfile", "properties": { "precision": "very-high", "tags": [ - "CWE-250: Execution with Unnecessary Privileges", - "HIGH CONFIDENCE", + "CWE-614: Sensitive Cookie in HTTPS Session Without 'Secure' Attribute", + "LOW CONFIDENCE", "OWASP-A05:2021 - Security Misconfiguration", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: dockerfile.security.no-sudo-in-dockerfile.no-sudo-in-dockerfile" } }, { - "defaultConfiguration": { - "level": "warning" + "id": 
"terraform.aws.security.aws-efs-filesystem-encrypted-with-cmk.aws-efs-filesystem-encrypted-with-cmk", + "name": "terraform.aws.security.aws-efs-filesystem-encrypted-with-cmk.aws-efs-filesystem-encrypted-with-cmk", + "short_description": { + "text": "Semgrep Finding: terraform.aws.security.aws-efs-filesystem-encrypted-with-cmk.aws-efs-filesystem-encrypted-with-cmk" }, - "fullDescription": { - "text": "The AWS Workspace user volume is unencrypted. The AWS KMS encryption key protects user volume. To create your own, create a aws_kms_key resource or use the ARN string of a key in your account." + "full_description": { + "text": "Ensure EFS filesystem is encrypted at rest using KMS CMKs. CMKs gives you control over the encryption key in terms of access and rotation." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/terraform.aws.security.aws-efs-filesystem-encrypted-with-cmk.aws-efs-filesystem-encrypted-with-cmk", "help": { - "markdown": "The AWS Workspace user volume is unencrypted. The AWS KMS encryption key protects user volume. To create your own, create a aws_kms_key resource or use the ARN string of a key in your account.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/terraform.aws.security.aws-workspaces-user-volume-unencrypted.aws-workspaces-user-volume-unencrypted)\n - [https://owasp.org/Top10/A02_2021-Cryptographic_Failures](https://owasp.org/Top10/A02_2021-Cryptographic_Failures)\n", - "text": "The AWS Workspace user volume is unencrypted. The AWS KMS encryption key protects user volume. To create your own, create a aws_kms_key resource or use the ARN string of a key in your account.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Ensure EFS filesystem is encrypted at rest using KMS CMKs. 
CMKs gives you control over the encryption key in terms of access and rotation.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Ensure EFS filesystem is encrypted at rest using KMS CMKs. CMKs gives you control over the encryption key in terms of access and rotation.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/terraform.aws.security.aws-efs-filesystem-encrypted-with-cmk.aws-efs-filesystem-encrypted-with-cmk)\n - [https://owasp.org/Top10/A02_2021-Cryptographic_Failures](https://owasp.org/Top10/A02_2021-Cryptographic_Failures)\n" }, - "helpUri": "https://semgrep.dev/r/terraform.aws.security.aws-workspaces-user-volume-unencrypted.aws-workspaces-user-volume-unencrypted", - "id": "terraform.aws.security.aws-workspaces-user-volume-unencrypted.aws-workspaces-user-volume-unencrypted", - "name": "terraform.aws.security.aws-workspaces-user-volume-unencrypted.aws-workspaces-user-volume-unencrypted", "properties": { "precision": "very-high", "tags": [ "CWE-320: CWE CATEGORY: Key Management Errors", - "LOW CONFIDENCE", + "MEDIUM CONFIDENCE", "OWASP-A03:2017 - Sensitive Data Exposure", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: terraform.aws.security.aws-workspaces-user-volume-unencrypted.aws-workspaces-user-volume-unencrypted" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "java.lang.security.audit.tainted-cmd-from-http-request.tainted-cmd-from-http-request", + "name": "java.lang.security.audit.tainted-cmd-from-http-request.tainted-cmd-from-http-request", + "short_description": { + "text": "Semgrep Finding: java.lang.security.audit.tainted-cmd-from-http-request.tainted-cmd-from-http-request" }, - "fullDescription": { - "text": "Use of RC2 was detected. RC2 is vulnerable to related-key attacks, and is therefore considered non-compliant. 
Instead, use a strong, secure cipher: Cipher.getInstance(\"AES/CBC/PKCS7PADDING\"). See https://owasp.org/www-community/Using_the_Java_Cryptographic_Extensions for more information." + "full_description": { + "text": "Detected input from a HTTPServletRequest going into a 'ProcessBuilder' or 'exec' command. This could lead to command injection if variables passed into the exec commands are not properly sanitized. Instead, avoid using these OS commands with user-supplied input, or, if you must use these commands, use a whitelist of specific values." + }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/java.lang.security.audit.tainted-cmd-from-http-request.tainted-cmd-from-http-request", "help": { - "markdown": "Use of RC2 was detected. RC2 is vulnerable to related-key attacks, and is therefore considered non-compliant. Instead, use a strong, secure cipher: Cipher.getInstance(\"AES/CBC/PKCS7PADDING\"). See https://owasp.org/www-community/Using_the_Java_Cryptographic_Extensions for more information.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/java.lang.security.audit.crypto.use-of-rc2.use-of-rc2)\n - [https://owasp.org/Top10/A02_2021-Cryptographic_Failures](https://owasp.org/Top10/A02_2021-Cryptographic_Failures)\n - [https://googleprojectzero.blogspot.com/2022/10/rc4-is-still-considered-harmful.html](https://googleprojectzero.blogspot.com/2022/10/rc4-is-still-considered-harmful.html)\n", - "text": "Use of RC2 was detected. RC2 is vulnerable to related-key attacks, and is therefore considered non-compliant. Instead, use a strong, secure cipher: Cipher.getInstance(\"AES/CBC/PKCS7PADDING\"). 
See https://owasp.org/www-community/Using_the_Java_Cryptographic_Extensions for more information.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected input from a HTTPServletRequest going into a 'ProcessBuilder' or 'exec' command. This could lead to command injection if variables passed into the exec commands are not properly sanitized. Instead, avoid using these OS commands with user-supplied input, or, if you must use these commands, use a whitelist of specific values.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected input from a HTTPServletRequest going into a 'ProcessBuilder' or 'exec' command. This could lead to command injection if variables passed into the exec commands are not properly sanitized. Instead, avoid using these OS commands with user-supplied input, or, if you must use these commands, use a whitelist of specific values.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/java.lang.security.audit.tainted-cmd-from-http-request.tainted-cmd-from-http-request)\n - [https://owasp.org/Top10/A03_2021-Injection](https://owasp.org/Top10/A03_2021-Injection)\n" }, - "helpUri": "https://semgrep.dev/r/java.lang.security.audit.crypto.use-of-rc2.use-of-rc2", - "id": "java.lang.security.audit.crypto.use-of-rc2.use-of-rc2", - "name": "java.lang.security.audit.crypto.use-of-rc2.use-of-rc2", "properties": { "precision": "very-high", "tags": [ - "CWE-327: Use of a Broken or Risky Cryptographic Algorithm", - "HIGH CONFIDENCE", - "OWASP-A02:2021 - Cryptographic Failures", - "OWASP-A03:2017 - Sensitive Data Exposure", + "CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", + "MEDIUM CONFIDENCE", + "OWASP-A01:2017 - Injection", + "OWASP-A03:2021 - Injection", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: 
java.lang.security.audit.crypto.use-of-rc2.use-of-rc2" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "ruby.lang.security.no-eval.ruby-eval", + "name": "ruby.lang.security.no-eval.ruby-eval", + "short_description": { + "text": "Semgrep Finding: ruby.lang.security.no-eval.ruby-eval" }, - "fullDescription": { - "text": "The EC2 launch template has Instance Metadata Service Version 1 (IMDSv1) enabled. IMDSv2 introduced session authentication tokens which improve security when talking to IMDS. You should either disable IMDS or require the use of IMDSv2." + "full_description": { + "text": "Use of eval with user-controllable input detected. This can lead to attackers running arbitrary code. Ensure external data does not reach here, otherwise this is a security vulnerability. Consider other ways to do this without eval." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/ruby.lang.security.no-eval.ruby-eval", "help": { - "markdown": "The EC2 launch template has Instance Metadata Service Version 1 (IMDSv1) enabled. IMDSv2 introduced session authentication tokens which improve security when talking to IMDS. 
You should either disable IMDS or require the use of IMDSv2.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/terraform.aws.security.aws-ec2-launch-template-metadata-service-v1-enabled.aws-ec2-launch-template-metadata-service-v1-enabled)\n - [https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures/](https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures/)\n - [https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/launch_configuration#metadata_options](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/launch_configuration#metadata_options)\n - [https://aws.amazon.com/blogs/security/defense-in-depth-open-firewalls-reverse-proxies-ssrf-vulnerabilities-ec2-instance-metadata-service](https://aws.amazon.com/blogs/security/defense-in-depth-open-firewalls-reverse-proxies-ssrf-vulnerabilities-ec2-instance-metadata-service)\n", - "text": "The EC2 launch template has Instance Metadata Service Version 1 (IMDSv1) enabled. IMDSv2 introduced session authentication tokens which improve security when talking to IMDS. You should either disable IMDS or require the use of IMDSv2.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Use of eval with user-controllable input detected. This can lead to attackers running arbitrary code. Ensure external data does not reach here, otherwise this is a security vulnerability. Consider other ways to do this without eval.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Use of eval with user-controllable input detected. This can lead to attackers running arbitrary code. Ensure external data does not reach here, otherwise this is a security vulnerability. 
Consider other ways to do this without eval.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/ruby.lang.security.no-eval.ruby-eval)\n - [https://owasp.org/Top10/A03_2021-Injection](https://owasp.org/Top10/A03_2021-Injection)\n" }, - "helpUri": "https://semgrep.dev/r/terraform.aws.security.aws-ec2-launch-template-metadata-service-v1-enabled.aws-ec2-launch-template-metadata-service-v1-enabled", - "id": "terraform.aws.security.aws-ec2-launch-template-metadata-service-v1-enabled.aws-ec2-launch-template-metadata-service-v1-enabled", - "name": "terraform.aws.security.aws-ec2-launch-template-metadata-service-v1-enabled.aws-ec2-launch-template-metadata-service-v1-enabled", "properties": { "precision": "very-high", "tags": [ - "CWE-1390: Weak Authentication", + "CWE-94: Improper Control of Generation of Code ('Code Injection')", "MEDIUM CONFIDENCE", - "OWASP-A07:2021 - Identification and Authentication Failures", + "OWASP-A03:2021 - Injection", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: terraform.aws.security.aws-ec2-launch-template-metadata-service-v1-enabled.aws-ec2-launch-template-metadata-service-v1-enabled" } }, { - "defaultConfiguration": { - "level": "error" + "id": "scala.lang.security.audit.io-source-ssrf.io-source-ssrf", + "name": "scala.lang.security.audit.io-source-ssrf.io-source-ssrf", + "short_description": { + "text": "Semgrep Finding: scala.lang.security.audit.io-source-ssrf.io-source-ssrf" }, - "fullDescription": { - "text": "PayPal Braintree Access Token detected" + "full_description": { + "text": "A parameter being passed directly into `fromURL` most likely lead to SSRF. This could allow an attacker to send data to their own server, potentially exposing sensitive data sent with this request. They could also probe internal servers or other resources that the server runnig this code can access. Do not allow arbitrary hosts. 
Instead, create an allowlist for approved hosts hardcode the correct host." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/scala.lang.security.audit.io-source-ssrf.io-source-ssrf", "help": { - "markdown": "PayPal Braintree Access Token detected\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/generic.secrets.security.detected-paypal-braintree-access-token.detected-paypal-braintree-access-token)\n - [https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures](https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures)\n", - "text": "PayPal Braintree Access Token detected\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "A parameter being passed directly into `fromURL` most likely lead to SSRF. This could allow an attacker to send data to their own server, potentially exposing sensitive data sent with this request. They could also probe internal servers or other resources that the server runnig this code can access. Do not allow arbitrary hosts. Instead, create an allowlist for approved hosts hardcode the correct host.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "A parameter being passed directly into `fromURL` most likely lead to SSRF. This could allow an attacker to send data to their own server, potentially exposing sensitive data sent with this request. They could also probe internal servers or other resources that the server runnig this code can access. Do not allow arbitrary hosts. 
Instead, create an allowlist for approved hosts hardcode the correct host.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/scala.lang.security.audit.io-source-ssrf.io-source-ssrf)\n - [https://cheatsheetseries.owasp.org/cheatsheets/Server_Side_Request_Forgery_Prevention_Cheat_Sheet.html](https://cheatsheetseries.owasp.org/cheatsheets/Server_Side_Request_Forgery_Prevention_Cheat_Sheet.html)\n - [https://www.scala-lang.org/api/current/scala/io/Source$.html#fromURL(url:java.net.URL)(implicitcodec:scala.io.Codec):scala.io.BufferedSource](https://www.scala-lang.org/api/current/scala/io/Source$.html#fromURL(url:java.net.URL)(implicitcodec:scala.io.Codec):scala.io.BufferedSource)\n" }, - "helpUri": "https://semgrep.dev/r/generic.secrets.security.detected-paypal-braintree-access-token.detected-paypal-braintree-access-token", - "id": "generic.secrets.security.detected-paypal-braintree-access-token.detected-paypal-braintree-access-token", - "name": "generic.secrets.security.detected-paypal-braintree-access-token.detected-paypal-braintree-access-token", "properties": { "precision": "very-high", "tags": [ - "CWE-798: Use of Hard-coded Credentials", - "LOW CONFIDENCE", - "OWASP-A07:2021 - Identification and Authentication Failures", + "CWE-918: Server-Side Request Forgery (SSRF)", + "MEDIUM CONFIDENCE", + "OWASP-A10:2021 - Server-Side Request Forgery (SSRF)", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: generic.secrets.security.detected-paypal-braintree-access-token.detected-paypal-braintree-access-token" } }, { - "defaultConfiguration": { - "level": "error" + "id": "terraform.aws.security.wildcard-assume-role.wildcard-assume-role", + "name": "terraform.aws.security.wildcard-assume-role.wildcard-assume-role", + "short_description": { + "text": "Semgrep Finding: terraform.aws.security.wildcard-assume-role.wildcard-assume-role" }, - "fullDescription": { - "text": 
"Artifactory token detected" + "full_description": { + "text": "Detected wildcard access granted to sts:AssumeRole. This means anyone with your AWS account ID and the name of the role can assume the role. Instead, limit to a specific identity in your account, like this: `arn:aws:iam:::root`." + }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/terraform.aws.security.wildcard-assume-role.wildcard-assume-role", "help": { - "markdown": "Artifactory token detected\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/generic.secrets.security.detected-artifactory-token.detected-artifactory-token)\n - [https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures](https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures)\n", - "text": "Artifactory token detected\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected wildcard access granted to sts:AssumeRole. This means anyone with your AWS account ID and the name of the role can assume the role. Instead, limit to a specific identity in your account, like this: `arn:aws:iam:::root`.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected wildcard access granted to sts:AssumeRole. This means anyone with your AWS account ID and the name of the role can assume the role. 
Instead, limit to a specific identity in your account, like this: `arn:aws:iam:::root`.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/terraform.aws.security.wildcard-assume-role.wildcard-assume-role)\n - [https://rhinosecuritylabs.com/aws/assume-worst-aws-assume-role-enumeration/](https://rhinosecuritylabs.com/aws/assume-worst-aws-assume-role-enumeration/)\n" }, - "helpUri": "https://semgrep.dev/r/generic.secrets.security.detected-artifactory-token.detected-artifactory-token", - "id": "generic.secrets.security.detected-artifactory-token.detected-artifactory-token", - "name": "generic.secrets.security.detected-artifactory-token.detected-artifactory-token", "properties": { "precision": "very-high", "tags": [ - "CWE-798: Use of Hard-coded Credentials", - "LOW CONFIDENCE", - "OWASP-A07:2021 - Identification and Authentication Failures", + "CWE-250: Execution with Unnecessary Privileges", + "MEDIUM CONFIDENCE", + "OWASP-A05:2021 - Security Misconfiguration", + "OWASP-A06:2017 - Security Misconfiguration", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: generic.secrets.security.detected-artifactory-token.detected-artifactory-token" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "scala.lang.security.audit.rsa-padding-set.rsa-padding-set", + "name": "scala.lang.security.audit.rsa-padding-set.rsa-padding-set", + "short_description": { + "text": "Semgrep Finding: scala.lang.security.audit.rsa-padding-set.rsa-padding-set" }, - "fullDescription": { - "text": "Detected the use of eval(). eval() can be dangerous if used to evaluate dynamic content. If this content can be input from outside the program, this may be a code injection vulnerability. Ensure evaluated content is not definable by external sources." + "full_description": { + "text": "Usage of RSA without OAEP (Optimal Asymmetric Encryption Padding) may weaken encryption. 
This could lead to sensitive data exposure. Instead, use RSA with `OAEPWithMD5AndMGF1Padding` instead." }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/scala.lang.security.audit.rsa-padding-set.rsa-padding-set", "help": { - "markdown": "Detected the use of eval(). eval() can be dangerous if used to evaluate dynamic content. If this content can be input from outside the program, this may be a code injection vulnerability. Ensure evaluated content is not definable by external sources.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.browser.security.eval-detected.eval-detected)\n - [https://owasp.org/Top10/A03_2021-Injection](https://owasp.org/Top10/A03_2021-Injection)\n", - "text": "Detected the use of eval(). eval() can be dangerous if used to evaluate dynamic content. If this content can be input from outside the program, this may be a code injection vulnerability. Ensure evaluated content is not definable by external sources.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Usage of RSA without OAEP (Optimal Asymmetric Encryption Padding) may weaken encryption. This could lead to sensitive data exposure. Instead, use RSA with `OAEPWithMD5AndMGF1Padding` instead.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Usage of RSA without OAEP (Optimal Asymmetric Encryption Padding) may weaken encryption. This could lead to sensitive data exposure. 
Instead, use RSA with `OAEPWithMD5AndMGF1Padding` instead.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/scala.lang.security.audit.rsa-padding-set.rsa-padding-set)\n - [https://owasp.org/Top10/A02_2021-Cryptographic_Failures](https://owasp.org/Top10/A02_2021-Cryptographic_Failures)\n" }, - "helpUri": "https://semgrep.dev/r/javascript.browser.security.eval-detected.eval-detected", - "id": "javascript.browser.security.eval-detected.eval-detected", - "name": "javascript.browser.security.eval-detected.eval-detected", "properties": { "precision": "very-high", "tags": [ - "CWE-95: Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection')", - "LOW CONFIDENCE", - "OWASP-A03:2021 - Injection", + "CWE-780: Use of RSA Algorithm without OAEP", + "HIGH CONFIDENCE", + "OWASP-A02:2021 - Cryptographic Failures", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: javascript.browser.security.eval-detected.eval-detected" } }, { - "defaultConfiguration": { - "level": "error" + "id": "javascript.angular.security.detect-angular-trust-as-method.detect-angular-trust-as-method", + "name": "javascript.angular.security.detect-angular-trust-as-method.detect-angular-trust-as-method", + "short_description": { + "text": "Semgrep Finding: javascript.angular.security.detect-angular-trust-as-method.detect-angular-trust-as-method" }, - "fullDescription": { - "text": "Detected DynamoDB query filter that is tainted by `$EVENT` object. This could lead to NoSQL injection if the variable is user-controlled and not properly sanitized. Explicitly assign query params instead of passing data from `$EVENT` directly to DynamoDB client." + "full_description": { + "text": "The use of $sce.trustAs can be dangerous if unsanitized user input flows through this API." 
+ }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/javascript.angular.security.detect-angular-trust-as-method.detect-angular-trust-as-method", "help": { - "markdown": "Detected DynamoDB query filter that is tainted by `$EVENT` object. This could lead to NoSQL injection if the variable is user-controlled and not properly sanitized. Explicitly assign query params instead of passing data from `$EVENT` directly to DynamoDB client.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.aws-lambda.security.dynamodb-filter-injection.dynamodb-filter-injection)\n - [https://medium.com/appsecengineer/dynamodb-injection-1db99c2454ac](https://medium.com/appsecengineer/dynamodb-injection-1db99c2454ac)\n", - "text": "Detected DynamoDB query filter that is tainted by `$EVENT` object. This could lead to NoSQL injection if the variable is user-controlled and not properly sanitized. 
Explicitly assign query params instead of passing data from `$EVENT` directly to DynamoDB client.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "The use of $sce.trustAs can be dangerous if unsanitized user input flows through this API.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "The use of $sce.trustAs can be dangerous if unsanitized user input flows through this API.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.angular.security.detect-angular-trust-as-method.detect-angular-trust-as-method)\n - [https://docs.angularjs.org/api/ng/service/$sce](https://docs.angularjs.org/api/ng/service/$sce)\n - [https://owasp.org/www-chapter-london/assets/slides/OWASPLondon20170727_AngularJS.pdf](https://owasp.org/www-chapter-london/assets/slides/OWASPLondon20170727_AngularJS.pdf)\n" }, - "helpUri": "https://semgrep.dev/r/python.aws-lambda.security.dynamodb-filter-injection.dynamodb-filter-injection", - "id": "python.aws-lambda.security.dynamodb-filter-injection.dynamodb-filter-injection", - "name": "python.aws-lambda.security.dynamodb-filter-injection.dynamodb-filter-injection", "properties": { "precision": "very-high", "tags": [ - "CWE-943: Improper Neutralization of Special Elements in Data Query Logic", + "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", "MEDIUM CONFIDENCE", - "OWASP-A01:2017 - Injection", + "OWASP-A03:2021 - Injection", + "OWASP-A07:2017 - Cross-Site Scripting (XSS)", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: python.aws-lambda.security.dynamodb-filter-injection.dynamodb-filter-injection" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "javascript.lang.security.spawn-git-clone.spawn-git-clone", + "name": "javascript.lang.security.spawn-git-clone.spawn-git-clone", + "short_description": { + "text": 
"Semgrep Finding: javascript.lang.security.spawn-git-clone.spawn-git-clone" }, - "fullDescription": { - "text": "Detected a template variable used as the 'src' in a script tag. Although template variables are HTML escaped, HTML escaping does not always prevent malicious URLs from being injected and could results in a cross-site scripting (XSS) vulnerability. Prefer not to dynamically generate the 'src' attribute and use static URLs instead. If you must do this, carefully check URLs against an allowlist and be sure to URL-encode the result." + "full_description": { + "text": "Git allows shell commands to be specified in ext URLs for remote repositories. For example, git clone 'ext::sh -c whoami% >&2' will execute the whoami command to try to connect to a remote repository. Make sure that the URL is not controlled by external input." + }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/javascript.lang.security.spawn-git-clone.spawn-git-clone", "help": { - "markdown": "Detected a template variable used as the 'src' in a script tag. Although template variables are HTML escaped, HTML escaping does not always prevent malicious URLs from being injected and could results in a cross-site scripting (XSS) vulnerability. Prefer not to dynamically generate the 'src' attribute and use static URLs instead. 
If you must do this, carefully check URLs against an allowlist and be sure to URL-encode the result.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.express.security.audit.xss.ejs.var-in-script-src.var-in-script-src)\n - [https://www.veracode.com/blog/secure-development/nodejs-template-engines-why-default-encoders-are-not-enough](https://www.veracode.com/blog/secure-development/nodejs-template-engines-why-default-encoders-are-not-enough)\n - [https://github.com/ESAPI/owasp-esapi-js](https://github.com/ESAPI/owasp-esapi-js)\n", - "text": "Detected a template variable used as the 'src' in a script tag. Although template variables are HTML escaped, HTML escaping does not always prevent malicious URLs from being injected and could results in a cross-site scripting (XSS) vulnerability. Prefer not to dynamically generate the 'src' attribute and use static URLs instead. If you must do this, carefully check URLs against an allowlist and be sure to URL-encode the result.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Git allows shell commands to be specified in ext URLs for remote repositories. For example, git clone 'ext::sh -c whoami% >&2' will execute the whoami command to try to connect to a remote repository. Make sure that the URL is not controlled by external input.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Git allows shell commands to be specified in ext URLs for remote repositories. For example, git clone 'ext::sh -c whoami% >&2' will execute the whoami command to try to connect to a remote repository. 
Make sure that the URL is not controlled by external input.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.lang.security.spawn-git-clone.spawn-git-clone)\n - [https://owasp.org/Top10/A03_2021-Injection](https://owasp.org/Top10/A03_2021-Injection)\n" }, - "helpUri": "https://semgrep.dev/r/javascript.express.security.audit.xss.ejs.var-in-script-src.var-in-script-src", - "id": "javascript.express.security.audit.xss.ejs.var-in-script-src.var-in-script-src", - "name": "javascript.express.security.audit.xss.ejs.var-in-script-src.var-in-script-src", "properties": { "precision": "very-high", "tags": [ - "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", + "CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", "LOW CONFIDENCE", + "OWASP-A01:2017 - Injection", "OWASP-A03:2021 - Injection", - "OWASP-A07:2017 - Cross-Site Scripting (XSS)", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: javascript.express.security.audit.xss.ejs.var-in-script-src.var-in-script-src" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "python.django.security.injection.mass-assignment.mass-assignment", + "name": "python.django.security.injection.mass-assignment.mass-assignment", + "short_description": { + "text": "Semgrep Finding: python.django.security.injection.mass-assignment.mass-assignment" }, - "fullDescription": { - "text": "Using less than 128 bits for Blowfish is considered insecure. Use 128 bits or more, or switch to use AES instead." + "full_description": { + "text": "Mass assignment detected. This can result in assignment to model fields that are unintended and can be exploited by an attacker. Instead of using '**request.$W', assign each field you want to edit individually to prevent mass assignment. 
You can read more about mass assignment at https://cheatsheetseries.owasp.org/cheatsheets/Mass_Assignment_Cheat_Sheet.html." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/python.django.security.injection.mass-assignment.mass-assignment", "help": { - "markdown": "Using less than 128 bits for Blowfish is considered insecure. Use 128 bits or more, or switch to use AES instead.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/java.lang.security.audit.blowfish-insufficient-key-size.blowfish-insufficient-key-size)\n - [https://owasp.org/Top10/A02_2021-Cryptographic_Failures](https://owasp.org/Top10/A02_2021-Cryptographic_Failures)\n", - "text": "Using less than 128 bits for Blowfish is considered insecure. Use 128 bits or more, or switch to use AES instead.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Mass assignment detected. This can result in assignment to model fields that are unintended and can be exploited by an attacker. Instead of using '**request.$W', assign each field you want to edit individually to prevent mass assignment. You can read more about mass assignment at https://cheatsheetseries.owasp.org/cheatsheets/Mass_Assignment_Cheat_Sheet.html.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Mass assignment detected. This can result in assignment to model fields that are unintended and can be exploited by an attacker. Instead of using '**request.$W', assign each field you want to edit individually to prevent mass assignment. 
You can read more about mass assignment at https://cheatsheetseries.owasp.org/cheatsheets/Mass_Assignment_Cheat_Sheet.html.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.django.security.injection.mass-assignment.mass-assignment)\n - [https://cheatsheetseries.owasp.org/cheatsheets/Mass_Assignment_Cheat_Sheet.html](https://cheatsheetseries.owasp.org/cheatsheets/Mass_Assignment_Cheat_Sheet.html)\n" }, - "helpUri": "https://semgrep.dev/r/java.lang.security.audit.blowfish-insufficient-key-size.blowfish-insufficient-key-size", - "id": "java.lang.security.audit.blowfish-insufficient-key-size.blowfish-insufficient-key-size", - "name": "java.lang.security.audit.blowfish-insufficient-key-size.blowfish-insufficient-key-size", "properties": { "precision": "very-high", "tags": [ - "CWE-326: Inadequate Encryption Strength", - "HIGH CONFIDENCE", - "OWASP-A02:2021 - Cryptographic Failures", - "OWASP-A03:2017 - Sensitive Data Exposure", + "CWE-915: Improperly Controlled Modification of Dynamically-Determined Object Attributes", + "LOW CONFIDENCE", + "OWASP-A08:2021 - Software and Data Integrity Failures", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: java.lang.security.audit.blowfish-insufficient-key-size.blowfish-insufficient-key-size" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "python.lang.compatibility.python37.python37-compatibility-locale1", + "name": "python.lang.compatibility.python37.python37-compatibility-locale1", + "short_description": { + "text": "Semgrep Finding: python.lang.compatibility.python37.python37-compatibility-locale1" }, - "fullDescription": { - "text": "Found user-controlled request data passed into HttpResponse. This could be vulnerable to XSS, leading to attackers gaining access to user cookies and protected information. Ensure that the request data is properly escaped or sanitzed." 
+ "full_description": { + "text": "Found usage of the 'monetary' argument in a function call of 'locale.format_string'. This is only available on Python 3.7+ and is therefore not backwards compatible. Instead, remove the 'monetary' argument." + }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/python.lang.compatibility.python37.python37-compatibility-locale1", "help": { - "markdown": "Found user-controlled request data passed into HttpResponse. This could be vulnerable to XSS, leading to attackers gaining access to user cookies and protected information. Ensure that the request data is properly escaped or sanitzed.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.django.security.injection.reflected-data-httpresponse.reflected-data-httpresponse)\n - [https://django-book.readthedocs.io/en/latest/chapter20.html#cross-site-scripting-xss](https://django-book.readthedocs.io/en/latest/chapter20.html#cross-site-scripting-xss)\n", - "text": "Found user-controlled request data passed into HttpResponse. This could be vulnerable to XSS, leading to attackers gaining access to user cookies and protected information. Ensure that the request data is properly escaped or sanitzed.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Found usage of the 'monetary' argument in a function call of 'locale.format_string'. This is only available on Python 3.7+ and is therefore not backwards compatible. Instead, remove the 'monetary' argument.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Found usage of the 'monetary' argument in a function call of 'locale.format_string'. This is only available on Python 3.7+ and is therefore not backwards compatible. 
Instead, remove the 'monetary' argument.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.lang.compatibility.python37.python37-compatibility-locale1)\n" }, - "helpUri": "https://semgrep.dev/r/python.django.security.injection.reflected-data-httpresponse.reflected-data-httpresponse", - "id": "python.django.security.injection.reflected-data-httpresponse.reflected-data-httpresponse", - "name": "python.django.security.injection.reflected-data-httpresponse.reflected-data-httpresponse", "properties": { "precision": "very-high", - "tags": [ - "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", - "MEDIUM CONFIDENCE", - "OWASP-A03:2021 - Injection", - "OWASP-A07:2017 - Cross-Site Scripting (XSS)", - "security" - ] - }, - "shortDescription": { - "text": "Semgrep Finding: python.django.security.injection.reflected-data-httpresponse.reflected-data-httpresponse" + "tags": [] } }, { - "defaultConfiguration": { - "level": "warning" + "id": "javascript.lang.security.insecure-object-assign.insecure-object-assign", + "name": "javascript.lang.security.insecure-object-assign.insecure-object-assign", + "short_description": { + "text": "Semgrep Finding: javascript.lang.security.insecure-object-assign.insecure-object-assign" }, - "fullDescription": { - "text": "Found an unscoped `find(...)` with user-controllable input. If the ActiveRecord model being searched against is sensitive, this may lead to Insecure Direct Object Reference (IDOR) behavior and allow users to read arbitrary records. Scope the find to the current user, e.g. `current_user.accounts.find(params[:id])`." + "full_description": { + "text": "Depending on the context, user control data in `Object.assign` can cause web response to include data that it should not have or can lead to a mass assignment vulnerability." 
+ }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/javascript.lang.security.insecure-object-assign.insecure-object-assign", "help": { - "markdown": "Found an unscoped `find(...)` with user-controllable input. If the ActiveRecord model being searched against is sensitive, this may lead to Insecure Direct Object Reference (IDOR) behavior and allow users to read arbitrary records. Scope the find to the current user, e.g. `current_user.accounts.find(params[:id])`.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/ruby.rails.security.brakeman.check-unscoped-find.check-unscoped-find)\n - [https://brakemanscanner.org/docs/warning_types/unscoped_find/](https://brakemanscanner.org/docs/warning_types/unscoped_find/)\n - [https://github.com/presidentbeef/brakeman/blob/main/test/apps/rails3.1/app/controllers/users_controller.rb](https://github.com/presidentbeef/brakeman/blob/main/test/apps/rails3.1/app/controllers/users_controller.rb)\n", - "text": "Found an unscoped `find(...)` with user-controllable input. If the ActiveRecord model being searched against is sensitive, this may lead to Insecure Direct Object Reference (IDOR) behavior and allow users to read arbitrary records. Scope the find to the current user, e.g. 
`current_user.accounts.find(params[:id])`.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Depending on the context, user control data in `Object.assign` can cause web response to include data that it should not have or can lead to a mass assignment vulnerability.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Depending on the context, user control data in `Object.assign` can cause web response to include data that it should not have or can lead to a mass assignment vulnerability.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.lang.security.insecure-object-assign.insecure-object-assign)\n - [https://cheatsheetseries.owasp.org/cheatsheets/Mass_Assignment_Cheat_Sheet.html](https://cheatsheetseries.owasp.org/cheatsheets/Mass_Assignment_Cheat_Sheet.html)\n - [https://en.wikipedia.org/wiki/Mass_assignment_vulnerability](https://en.wikipedia.org/wiki/Mass_assignment_vulnerability)\n" }, - "helpUri": "https://semgrep.dev/r/ruby.rails.security.brakeman.check-unscoped-find.check-unscoped-find", - "id": "ruby.rails.security.brakeman.check-unscoped-find.check-unscoped-find", - "name": "ruby.rails.security.brakeman.check-unscoped-find.check-unscoped-find", "properties": { "precision": "very-high", "tags": [ - "CWE-639: Authorization Bypass Through User-Controlled Key", - "MEDIUM CONFIDENCE", + "CWE-601: URL Redirection to Untrusted Site ('Open Redirect')", + "LOW CONFIDENCE", "OWASP-A01:2021 - Broken Access Control", - "OWASP-A05:2017 - Broken Access Control", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: ruby.rails.security.brakeman.check-unscoped-find.check-unscoped-find" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "ruby.rails.security.injection.tainted-sql-string.tainted-sql-string", + "name": 
"ruby.rails.security.injection.tainted-sql-string.tainted-sql-string", + "short_description": { + "text": "Semgrep Finding: ruby.rails.security.injection.tainted-sql-string.tainted-sql-string" }, - "fullDescription": { - "text": "The special variable IFS affects how splitting takes place when expanding unquoted variables. Don't set it globally. Prefer a dedicated utility such as 'cut' or 'awk' if you need to split input data. If you must use 'read', set IFS locally using e.g. 'IFS=\",\" read -a my_array'." + "full_description": { + "text": "Detected user input used to manually construct a SQL string. This is usually bad practice because manual construction could accidentally result in a SQL injection. An attacker could use a SQL injection to steal or modify contents of the database. Instead, use a parameterized query which is available by default in most database engines. Alternatively, consider using an object-relational mapper (ORM) such as ActiveRecord which will protect your queries." + }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/ruby.rails.security.injection.tainted-sql-string.tainted-sql-string", "help": { - "markdown": "The special variable IFS affects how splitting takes place when expanding unquoted variables. Don't set it globally. Prefer a dedicated utility such as 'cut' or 'awk' if you need to split input data. If you must use 'read', set IFS locally using e.g. 'IFS=\",\" read -a my_array'.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/bash.lang.security.ifs-tampering.ifs-tampering)\n - [https://owasp.org/Top10/A03_2021-Injection](https://owasp.org/Top10/A03_2021-Injection)\n", - "text": "The special variable IFS affects how splitting takes place when expanding unquoted variables. Don't set it globally. Prefer a dedicated utility such as 'cut' or 'awk' if you need to split input data. 
If you must use 'read', set IFS locally using e.g. 'IFS=\",\" read -a my_array'.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected user input used to manually construct a SQL string. This is usually bad practice because manual construction could accidentally result in a SQL injection. An attacker could use a SQL injection to steal or modify contents of the database. Instead, use a parameterized query which is available by default in most database engines. Alternatively, consider using an object-relational mapper (ORM) such as ActiveRecord which will protect your queries.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected user input used to manually construct a SQL string. This is usually bad practice because manual construction could accidentally result in a SQL injection. An attacker could use a SQL injection to steal or modify contents of the database. Instead, use a parameterized query which is available by default in most database engines. 
Alternatively, consider using an object-relational mapper (ORM) such as ActiveRecord which will protect your queries.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/ruby.rails.security.injection.tainted-sql-string.tainted-sql-string)\n - [https://rorsecurity.info/portfolio/ruby-on-rails-sql-injection-cheat-sheet](https://rorsecurity.info/portfolio/ruby-on-rails-sql-injection-cheat-sheet)\n" }, - "helpUri": "https://semgrep.dev/r/bash.lang.security.ifs-tampering.ifs-tampering", - "id": "bash.lang.security.ifs-tampering.ifs-tampering", - "name": "bash.lang.security.ifs-tampering.ifs-tampering", "properties": { "precision": "very-high", "tags": [ - "CWE-20: Improper Input Validation", - "LOW CONFIDENCE", + "CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')", + "MEDIUM CONFIDENCE", + "OWASP-A01:2017 - Injection", "OWASP-A03:2021 - Injection", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: bash.lang.security.ifs-tampering.ifs-tampering" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "python.lang.compatibility.python37.python37-compatibility-ipv4network1", + "name": "python.lang.compatibility.python37.python37-compatibility-ipv4network1", + "short_description": { + "text": "Semgrep Finding: python.lang.compatibility.python37.python37-compatibility-ipv4network1" }, - "fullDescription": { - "text": "The AWS KMS has no rotation. Missing rotation can cause leaked key to be used by attackers. To fix this, set a `enable_key_rotation`." + "full_description": { + "text": "IPv4Network.subnet_of is only available on Python 3.7+ and is therefore not backwards compatible. Instead, check if the subnet is in 'subnets'." 
}, + "default_configuration": { + "enabled": true, + "level": "error" + }, + "help_uri": "https://semgrep.dev/r/python.lang.compatibility.python37.python37-compatibility-ipv4network1", "help": { - "markdown": "The AWS KMS has no rotation. Missing rotation can cause leaked key to be used by attackers. To fix this, set a `enable_key_rotation`.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/terraform.aws.security.aws-kms-no-rotation.aws-kms-no-rotation)\n - [https://owasp.org/Top10/A02_2021-Cryptographic_Failures](https://owasp.org/Top10/A02_2021-Cryptographic_Failures)\n", - "text": "The AWS KMS has no rotation. Missing rotation can cause leaked key to be used by attackers. To fix this, set a `enable_key_rotation`.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "IPv4Network.subnet_of is only available on Python 3.7+ and is therefore not backwards compatible. Instead, check if the subnet is in 'subnets'.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "IPv4Network.subnet_of is only available on Python 3.7+ and is therefore not backwards compatible. 
Instead, check if the subnet is in 'subnets'.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.lang.compatibility.python37.python37-compatibility-ipv4network1)\n" }, - "helpUri": "https://semgrep.dev/r/terraform.aws.security.aws-kms-no-rotation.aws-kms-no-rotation", - "id": "terraform.aws.security.aws-kms-no-rotation.aws-kms-no-rotation", - "name": "terraform.aws.security.aws-kms-no-rotation.aws-kms-no-rotation", "properties": { "precision": "very-high", - "tags": [ - "CWE-326: Inadequate Encryption Strength", - "MEDIUM CONFIDENCE", - "OWASP-A02:2021 - Cryptographic Failures", - "OWASP-A03:2017 - Sensitive Data Exposure", - "security" - ] - }, - "shortDescription": { - "text": "Semgrep Finding: terraform.aws.security.aws-kms-no-rotation.aws-kms-no-rotation" + "tags": [] } }, { - "defaultConfiguration": { - "level": "error" + "id": "javascript.aws-lambda.security.knex-sqli.knex-sqli", + "name": "javascript.aws-lambda.security.knex-sqli.knex-sqli", + "short_description": { + "text": "Semgrep Finding: javascript.aws-lambda.security.knex-sqli.knex-sqli" }, - "fullDescription": { - "text": "Detected `os` function with argument tainted by `event` object. This is dangerous if external data can reach this function call because it allows a malicious actor to execute commands. Ensure no external data reaches here." + "full_description": { + "text": "Detected SQL statement that is tainted by `$EVENT` object. This could lead to SQL injection if the variable is user-controlled and not properly sanitized. In order to prevent SQL injection, use parameterized queries or prepared statements instead. 
You can use parameterized statements like so: `knex.raw('SELECT $1 from table', [userinput])`" }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/javascript.aws-lambda.security.knex-sqli.knex-sqli", "help": { - "markdown": "Detected `os` function with argument tainted by `event` object. This is dangerous if external data can reach this function call because it allows a malicious actor to execute commands. Ensure no external data reaches here.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.aws-lambda.security.dangerous-spawn-process.dangerous-spawn-process)\n - [https://owasp.org/Top10/A03_2021-Injection](https://owasp.org/Top10/A03_2021-Injection)\n", - "text": "Detected `os` function with argument tainted by `event` object. This is dangerous if external data can reach this function call because it allows a malicious actor to execute commands. Ensure no external data reaches here.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected SQL statement that is tainted by `$EVENT` object. This could lead to SQL injection if the variable is user-controlled and not properly sanitized. In order to prevent SQL injection, use parameterized queries or prepared statements instead. You can use parameterized statements like so: `knex.raw('SELECT $1 from table', [userinput])`\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected SQL statement that is tainted by `$EVENT` object. This could lead to SQL injection if the variable is user-controlled and not properly sanitized. In order to prevent SQL injection, use parameterized queries or prepared statements instead. 
You can use parameterized statements like so: `knex.raw('SELECT $1 from table', [userinput])`\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.aws-lambda.security.knex-sqli.knex-sqli)\n - [https://knexjs.org/#Builder-fromRaw](https://knexjs.org/#Builder-fromRaw)\n - [https://knexjs.org/#Builder-whereRaw](https://knexjs.org/#Builder-whereRaw)\n" }, - "helpUri": "https://semgrep.dev/r/python.aws-lambda.security.dangerous-spawn-process.dangerous-spawn-process", - "id": "python.aws-lambda.security.dangerous-spawn-process.dangerous-spawn-process", - "name": "python.aws-lambda.security.dangerous-spawn-process.dangerous-spawn-process", "properties": { "precision": "very-high", "tags": [ - "CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", + "CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')", "MEDIUM CONFIDENCE", "OWASP-A01:2017 - Injection", "OWASP-A03:2021 - Injection", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: python.aws-lambda.security.dangerous-spawn-process.dangerous-spawn-process" } }, { - "defaultConfiguration": { - "level": "error" + "id": "yaml.argo.security.argo-workflow-parameter-command-injection.argo-workflow-parameter-command-injection", + "name": "yaml.argo.security.argo-workflow-parameter-command-injection.argo-workflow-parameter-command-injection", + "short_description": { + "text": "Semgrep Finding: yaml.argo.security.argo-workflow-parameter-command-injection.argo-workflow-parameter-command-injection" }, - "fullDescription": { - "text": "Data from request object is passed to a new server-side request. This could lead to a server-side request forgery (SSRF). 
To mitigate, ensure that schemes and hosts are validated against an allowlist, do not forward the response to the user, and ensure proper authentication and transport-layer security in the proxied request." + "full_description": { + "text": "Using input or workflow parameters in here-scripts can lead to command injection or code injection. Convert the parameters to env variables instead." + }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/yaml.argo.security.argo-workflow-parameter-command-injection.argo-workflow-parameter-command-injection", "help": { - "markdown": "Data from request object is passed to a new server-side request. This could lead to a server-side request forgery (SSRF). To mitigate, ensure that schemes and hosts are validated against an allowlist, do not forward the response to the user, and ensure proper authentication and transport-layer security in the proxied request.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.flask.security.injection.ssrf-requests.ssrf-requests)\n - [https://owasp.org/www-community/attacks/Server_Side_Request_Forgery](https://owasp.org/www-community/attacks/Server_Side_Request_Forgery)\n", - "text": "Data from request object is passed to a new server-side request. This could lead to a server-side request forgery (SSRF). To mitigate, ensure that schemes and hosts are validated against an allowlist, do not forward the response to the user, and ensure proper authentication and transport-layer security in the proxied request.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Using input or workflow parameters in here-scripts can lead to command injection or code injection. 
Convert the parameters to env variables instead.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Using input or workflow parameters in here-scripts can lead to command injection or code injection. Convert the parameters to env variables instead.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/yaml.argo.security.argo-workflow-parameter-command-injection.argo-workflow-parameter-command-injection)\n - [https://github.com/argoproj/argo-workflows/issues/5061](https://github.com/argoproj/argo-workflows/issues/5061)\n - [https://github.com/argoproj/argo-workflows/issues/5114#issue-808865370](https://github.com/argoproj/argo-workflows/issues/5114#issue-808865370)\n" }, - "helpUri": "https://semgrep.dev/r/python.flask.security.injection.ssrf-requests.ssrf-requests", - "id": "python.flask.security.injection.ssrf-requests.ssrf-requests", - "name": "python.flask.security.injection.ssrf-requests.ssrf-requests", "properties": { "precision": "very-high", "tags": [ - "CWE-918: Server-Side Request Forgery (SSRF)", + "CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", + "CWE-94: Improper Control of Generation of Code ('Code Injection')", "MEDIUM CONFIDENCE", - "OWASP-A10:2021 - Server-Side Request Forgery (SSRF)", + "OWASP-A03:2021 – Injection", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: python.flask.security.injection.ssrf-requests.ssrf-requests" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "generic.secrets.security.detected-sonarqube-docs-api-key.detected-sonarqube-docs-api-key", + "name": "generic.secrets.security.detected-sonarqube-docs-api-key.detected-sonarqube-docs-api-key", + "short_description": { + "text": "Semgrep Finding: generic.secrets.security.detected-sonarqube-docs-api-key.detected-sonarqube-docs-api-key" }, - "fullDescription": { - "text": "Detected 
'Fprintf' or similar writing to 'http.ResponseWriter'. This bypasses HTML escaping that prevents cross-site scripting vulnerabilities. Instead, use the 'html/template' package to render data to users." + "full_description": { + "text": "SonarQube Docs API Key detected" + }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/generic.secrets.security.detected-sonarqube-docs-api-key.detected-sonarqube-docs-api-key", "help": { - "markdown": "Detected 'Fprintf' or similar writing to 'http.ResponseWriter'. This bypasses HTML escaping that prevents cross-site scripting vulnerabilities. Instead, use the 'html/template' package to render data to users.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/go.lang.security.audit.xss.no-fprintf-to-responsewriter.no-fprintf-to-responsewriter)\n - [https://blogtitle.github.io/robn-go-security-pearls-cross-site-scripting-xss/](https://blogtitle.github.io/robn-go-security-pearls-cross-site-scripting-xss/)\n", - "text": "Detected 'Fprintf' or similar writing to 'http.ResponseWriter'. This bypasses HTML escaping that prevents cross-site scripting vulnerabilities. 
Instead, use the 'html/template' package to render data to users.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "SonarQube Docs API Key detected\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "SonarQube Docs API Key detected\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/generic.secrets.security.detected-sonarqube-docs-api-key.detected-sonarqube-docs-api-key)\n - [https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures](https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures)\n" }, - "helpUri": "https://semgrep.dev/r/go.lang.security.audit.xss.no-fprintf-to-responsewriter.no-fprintf-to-responsewriter", - "id": "go.lang.security.audit.xss.no-fprintf-to-responsewriter.no-fprintf-to-responsewriter", - "name": "go.lang.security.audit.xss.no-fprintf-to-responsewriter.no-fprintf-to-responsewriter", "properties": { "precision": "very-high", "tags": [ - "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", + "CWE-798: Use of Hard-coded Credentials", "LOW CONFIDENCE", - "OWASP-A03:2021 - Injection", - "OWASP-A07:2017 - Cross-Site Scripting (XSS)", + "OWASP-A07:2021 - Identification and Authentication Failures", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: go.lang.security.audit.xss.no-fprintf-to-responsewriter.no-fprintf-to-responsewriter" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "problem-based-packs.insecure-transport.go-stdlib.disallow-old-tls-versions.disallow-old-tls-versions", + "name": "problem-based-packs.insecure-transport.go-stdlib.disallow-old-tls-versions.disallow-old-tls-versions", + "short_description": { + "text": "Semgrep Finding: problem-based-packs.insecure-transport.go-stdlib.disallow-old-tls-versions.disallow-old-tls-versions" }, - "fullDescription": { - "text": "User 
controllable data `$REQ` enters `$RES.render(...)` this can lead to the loading of other HTML/templating pages that they may not be authorized to render. An attacker may attempt to use directory traversal techniques e.g. `../folder/index` to access other HTML pages on the file system. Where possible, do not allow users to define what should be loaded in $RES.render or use an allow list for the existing application." + "full_description": { + "text": "Detects creations of tls configuration objects with an insecure MinVersion of TLS. These protocols are deprecated due to POODLE, man in the middle attacks, and other vulnerabilities." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/problem-based-packs.insecure-transport.go-stdlib.disallow-old-tls-versions.disallow-old-tls-versions", "help": { - "markdown": "User controllable data `$REQ` enters `$RES.render(...)` this can lead to the loading of other HTML/templating pages that they may not be authorized to render. An attacker may attempt to use directory traversal techniques e.g. `../folder/index` to access other HTML pages on the file system. Where possible, do not allow users to define what should be loaded in $RES.render or use an allow list for the existing application.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.express.security.audit.res-render-injection.res-render-injection)\n - [http://expressjs.com/en/4x/api.html#res.render](http://expressjs.com/en/4x/api.html#res.render)\n", - "text": "User controllable data `$REQ` enters `$RES.render(...)` this can lead to the loading of other HTML/templating pages that they may not be authorized to render. An attacker may attempt to use directory traversal techniques e.g. `../folder/index` to access other HTML pages on the file system. 
Where possible, do not allow users to define what should be loaded in $RES.render or use an allow list for the existing application.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detects creations of tls configuration objects with an insecure MinVersion of TLS. These protocols are deprecated due to POODLE, man in the middle attacks, and other vulnerabilities.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detects creations of tls configuration objects with an insecure MinVersion of TLS. These protocols are deprecated due to POODLE, man in the middle attacks, and other vulnerabilities.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/problem-based-packs.insecure-transport.go-stdlib.disallow-old-tls-versions.disallow-old-tls-versions)\n - [https://stackoverflow.com/questions/26429751/java-http-clients-and-poodle](https://stackoverflow.com/questions/26429751/java-http-clients-and-poodle)\n" }, - "helpUri": "https://semgrep.dev/r/javascript.express.security.audit.res-render-injection.res-render-injection", - "id": "javascript.express.security.audit.res-render-injection.res-render-injection", - "name": "javascript.express.security.audit.res-render-injection.res-render-injection", "properties": { "precision": "very-high", "tags": [ - "CWE-706: Use of Incorrectly-Resolved Name or Reference", - "MEDIUM CONFIDENCE", - "OWASP-A01:2021 - Broken Access Control", + "CWE-319: Cleartext Transmission of Sensitive Information", + "HIGH CONFIDENCE", + "OWASP-A03:2017 - Sensitive Data Exposure", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: javascript.express.security.audit.res-render-injection.res-render-injection" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "csharp.dotnet.security.razor-template-injection.razor-template-injection", + "name": 
"csharp.dotnet.security.razor-template-injection.razor-template-injection", + "short_description": { + "text": "Semgrep Finding: csharp.dotnet.security.razor-template-injection.razor-template-injection" }, - "fullDescription": { - "text": "This code includes user input in `link_to`. In Rails 2.x, the body of `link_to` is not escaped. This means that user input which reaches the body will be executed when the HTML is rendered. Even in other versions, values starting with `javascript:` or `data:` are not escaped. It is better to create and use a safer function which checks the body argument." + "full_description": { + "text": "User-controllable string passed to Razor.Parse. This leads directly to code execution in the context of the process." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/csharp.dotnet.security.razor-template-injection.razor-template-injection", "help": { - "markdown": "This code includes user input in `link_to`. In Rails 2.x, the body of `link_to` is not escaped. This means that user input which reaches the body will be executed when the HTML is rendered. Even in other versions, values starting with `javascript:` or `data:` are not escaped. It is better to create and use a safer function which checks the body argument.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/ruby.rails.security.audit.xss.avoid-link-to.avoid-link-to)\n - [https://brakemanscanner.org/docs/warning_types/link_to/](https://brakemanscanner.org/docs/warning_types/link_to/)\n - [https://brakemanscanner.org/docs/warning_types/link_to_href/](https://brakemanscanner.org/docs/warning_types/link_to_href/)\n", - "text": "This code includes user input in `link_to`. In Rails 2.x, the body of `link_to` is not escaped. This means that user input which reaches the body will be executed when the HTML is rendered. 
Even in other versions, values starting with `javascript:` or `data:` are not escaped. It is better to create and use a safer function which checks the body argument.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "User-controllable string passed to Razor.Parse. This leads directly to code execution in the context of the process.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "User-controllable string passed to Razor.Parse. This leads directly to code execution in the context of the process.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/csharp.dotnet.security.razor-template-injection.razor-template-injection)\n - [https://clement.notin.org/blog/2020/04/15/Server-Side-Template-Injection-(SSTI)-in-ASP.NET-Razor/](https://clement.notin.org/blog/2020/04/15/Server-Side-Template-Injection-(SSTI)-in-ASP.NET-Razor/)\n" }, - "helpUri": "https://semgrep.dev/r/ruby.rails.security.audit.xss.avoid-link-to.avoid-link-to", - "id": "ruby.rails.security.audit.xss.avoid-link-to.avoid-link-to", - "name": "ruby.rails.security.audit.xss.avoid-link-to.avoid-link-to", "properties": { "precision": "very-high", "tags": [ - "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", + "CWE-94: Improper Control of Generation of Code ('Code Injection')", "MEDIUM CONFIDENCE", "OWASP-A03:2021 - Injection", - "OWASP-A07:2017 - Cross-Site Scripting (XSS)", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: ruby.rails.security.audit.xss.avoid-link-to.avoid-link-to" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "python.django.security.audit.xss.template-var-unescaped-with-safeseq.template-var-unescaped-with-safeseq", + "name": "python.django.security.audit.xss.template-var-unescaped-with-safeseq.template-var-unescaped-with-safeseq", + "short_description": { + "text": 
"Semgrep Finding: python.django.security.audit.xss.template-var-unescaped-with-safeseq.template-var-unescaped-with-safeseq" }, - "fullDescription": { - "text": "Detected an explicit unescape in a Mustache template, using triple braces '{{{...}}}' or ampersand '&'. If external data can reach these locations, your application is exposed to a cross-site scripting (XSS) vulnerability. If you must do this, ensure no external data can reach this location." + "full_description": { + "text": "Detected a template variable where autoescaping is explicitly disabled with '| safeseq' filter. This allows rendering of raw HTML in this segment. Ensure no user data is rendered here, otherwise this is a cross-site scripting (XSS) vulnerability. If you must do this, use `mark_safe` in your Python code." }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/python.django.security.audit.xss.template-var-unescaped-with-safeseq.template-var-unescaped-with-safeseq", "help": { - "markdown": "Detected an explicit unescape in a Mustache template, using triple braces '{{{...}}}' or ampersand '&'. If external data can reach these locations, your application is exposed to a cross-site scripting (XSS) vulnerability. If you must do this, ensure no external data can reach this location.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.express.security.audit.xss.mustache.explicit-unescape.template-explicit-unescape)\n - [https://github.com/janl/mustache.js/#variables](https://github.com/janl/mustache.js/#variables)\n - [https://ractive.js.org/v0.x/0.7/mustaches#variables](https://ractive.js.org/v0.x/0.7/mustaches#variables)\n", - "text": "Detected an explicit unescape in a Mustache template, using triple braces '{{{...}}}' or ampersand '&'. 
If external data can reach these locations, your application is exposed to a cross-site scripting (XSS) vulnerability. If you must do this, ensure no external data can reach this location.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected a template variable where autoescaping is explicitly disabled with '| safeseq' filter. This allows rendering of raw HTML in this segment. Ensure no user data is rendered here, otherwise this is a cross-site scripting (XSS) vulnerability. If you must do this, use `mark_safe` in your Python code.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected a template variable where autoescaping is explicitly disabled with '| safeseq' filter. This allows rendering of raw HTML in this segment. Ensure no user data is rendered here, otherwise this is a cross-site scripting (XSS) vulnerability. If you must do this, use `mark_safe` in your Python code.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.django.security.audit.xss.template-var-unescaped-with-safeseq.template-var-unescaped-with-safeseq)\n - [https://docs.djangoproject.com/en/3.0/ref/templates/builtins/#safeseq](https://docs.djangoproject.com/en/3.0/ref/templates/builtins/#safeseq)\n" }, - "helpUri": "https://semgrep.dev/r/javascript.express.security.audit.xss.mustache.explicit-unescape.template-explicit-unescape", - "id": "javascript.express.security.audit.xss.mustache.explicit-unescape.template-explicit-unescape", - "name": "javascript.express.security.audit.xss.mustache.explicit-unescape.template-explicit-unescape", "properties": { "precision": "very-high", "tags": [ 
@@ -18391,190 +19284,197 @@ "OWASP-A07:2017 - Cross-Site Scripting (XSS)", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: javascript.express.security.audit.xss.mustache.explicit-unescape.template-explicit-unescape" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "python.lang.security.audit.insecure-transport.urllib.insecure-request-object-ftp.insecure-request-object-ftp", + "name": "python.lang.security.audit.insecure-transport.urllib.insecure-request-object-ftp.insecure-request-object-ftp", + "short_description": { + "text": "Semgrep Finding: python.lang.security.audit.insecure-transport.urllib.insecure-request-object-ftp.insecure-request-object-ftp" }, - "fullDescription": { - "text": "NullCipher was detected. This will not encrypt anything; the cipher text will be the same as the plain text. Use a valid, secure cipher: Cipher.getInstance(\"AES/CBC/PKCS7PADDING\"). See https://owasp.org/www-community/Using_the_Java_Cryptographic_Extensions for more information." + "full_description": { + "text": "Detected a 'urllib.request.Request()' object using an insecure transport protocol, 'ftp://'. This connection will not be encrypted. Consider using SFTP instead. urllib does not support SFTP natively, so consider using a library which supports SFTP." }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/python.lang.security.audit.insecure-transport.urllib.insecure-request-object-ftp.insecure-request-object-ftp", "help": { - "markdown": "NullCipher was detected. This will not encrypt anything; the cipher text will be the same as the plain text. Use a valid, secure cipher: Cipher.getInstance(\"AES/CBC/PKCS7PADDING\"). 
See https://owasp.org/www-community/Using_the_Java_Cryptographic_Extensions for more information.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/kotlin.lang.security.no-null-cipher.no-null-cipher)\n - [https://owasp.org/Top10/A02_2021-Cryptographic_Failures](https://owasp.org/Top10/A02_2021-Cryptographic_Failures)\n", - "text": "NullCipher was detected. This will not encrypt anything; the cipher text will be the same as the plain text. Use a valid, secure cipher: Cipher.getInstance(\"AES/CBC/PKCS7PADDING\"). See https://owasp.org/www-community/Using_the_Java_Cryptographic_Extensions for more information.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected a 'urllib.request.Request()' object using an insecure transport protocol, 'ftp://'. This connection will not be encrypted. Consider using SFTP instead. urllib does not support SFTP natively, so consider using a library which supports SFTP.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected a 'urllib.request.Request()' object using an insecure transport protocol, 'ftp://'. This connection will not be encrypted. Consider using SFTP instead. 
urllib does not support SFTP natively, so consider using a library which supports SFTP.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.lang.security.audit.insecure-transport.urllib.insecure-request-object-ftp.insecure-request-object-ftp)\n - [https://docs.python.org/3/library/urllib.request.html#urllib.request.Request](https://docs.python.org/3/library/urllib.request.html#urllib.request.Request)\n" }, - "helpUri": "https://semgrep.dev/r/kotlin.lang.security.no-null-cipher.no-null-cipher", - "id": "kotlin.lang.security.no-null-cipher.no-null-cipher", - "name": "kotlin.lang.security.no-null-cipher.no-null-cipher", "properties": { "precision": "very-high", "tags": [ - "CWE-327: Use of a Broken or Risky Cryptographic Algorithm", - "MEDIUM CONFIDENCE", + "CWE-319: Cleartext Transmission of Sensitive Information", + "LOW CONFIDENCE", "OWASP-A02:2021 - Cryptographic Failures", "OWASP-A03:2017 - Sensitive Data Exposure", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: kotlin.lang.security.no-null-cipher.no-null-cipher" } }, { - "defaultConfiguration": { - "level": "error" + "id": "javascript.puppeteer.security.audit.puppeteer-goto-injection.puppeteer-goto-injection", + "name": "javascript.puppeteer.security.audit.puppeteer-goto-injection.puppeteer-goto-injection", + "short_description": { + "text": "Semgrep Finding: javascript.puppeteer.security.audit.puppeteer-goto-injection.puppeteer-goto-injection" }, - "fullDescription": { - "text": "Found potential SQL injection due to unsafe SQL query construction via $X. Where possible, prefer parameterized queries." 
+ "full_description": { + "text": "If unverified user data can reach the `goto` method it can result in Server-Side Request Forgery vulnerabilities" }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/javascript.puppeteer.security.audit.puppeteer-goto-injection.puppeteer-goto-injection", "help": { - "markdown": "Found potential SQL injection due to unsafe SQL query construction via $X. Where possible, prefer parameterized queries.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/ruby.rails.security.brakeman.check-sql.check-sql)\n - [https://owasp.org/www-community/attacks/SQL_Injection](https://owasp.org/www-community/attacks/SQL_Injection)\n - [https://github.com/presidentbeef/brakeman/blob/main/test/apps/rails3.1/app/models/product.rb](https://github.com/presidentbeef/brakeman/blob/main/test/apps/rails3.1/app/models/product.rb)\n", - "text": "Found potential SQL injection due to unsafe SQL query construction via $X. 
Where possible, prefer parameterized queries.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "If unverified user data can reach the `goto` method it can result in Server-Side Request Forgery vulnerabilities\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "If unverified user data can reach the `goto` method it can result in Server-Side Request Forgery vulnerabilities\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.puppeteer.security.audit.puppeteer-goto-injection.puppeteer-goto-injection)\n - [https://owasp.org/Top10/A10_2021-Server-Side_Request_Forgery_%28SSRF%29](https://owasp.org/Top10/A10_2021-Server-Side_Request_Forgery_%28SSRF%29)\n" }, - "helpUri": "https://semgrep.dev/r/ruby.rails.security.brakeman.check-sql.check-sql", - "id": "ruby.rails.security.brakeman.check-sql.check-sql", - "name": "ruby.rails.security.brakeman.check-sql.check-sql", "properties": { "precision": "very-high", "tags": [ - "CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')", - "MEDIUM CONFIDENCE", - "OWASP-A01:2017 - Injection", - "OWASP-A03:2021 - Injection", + "CWE-918: Server-Side Request Forgery (SSRF)", + "LOW CONFIDENCE", + "OWASP-A10:2021 - Server-Side Request Forgery (SSRF)", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: ruby.rails.security.brakeman.check-sql.check-sql" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "javascript.express.security.audit.express-detect-notevil-usage.express-detect-notevil-usage", + "name": "javascript.express.security.audit.express-detect-notevil-usage.express-detect-notevil-usage", + "short_description": { + "text": "Semgrep Finding: javascript.express.security.audit.express-detect-notevil-usage.express-detect-notevil-usage" }, - "fullDescription": { - "text": "Found user data in a call to 'exec'. 
This is extremely dangerous because it can enable an attacker to execute arbitrary remote code on the system. Instead, refactor your code to not use 'eval' and instead use a safe library for the specific functionality you need." + "full_description": { + "text": "Detected usage of the `notevil` package, which is unmaintained and has vulnerabilities. Using any sort of `eval()` functionality can be very dangerous, but if you must, the `eval` package is an up to date alternative. Be sure that only trusted input reaches an `eval()` function." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/javascript.express.security.audit.express-detect-notevil-usage.express-detect-notevil-usage", "help": { - "markdown": "Found user data in a call to 'exec'. This is extremely dangerous because it can enable an attacker to execute arbitrary remote code on the system. Instead, refactor your code to not use 'eval' and instead use a safe library for the specific functionality you need.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.django.security.injection.code.user-exec.user-exec)\n - [https://owasp.org/www-community/attacks/Code_Injection](https://owasp.org/www-community/attacks/Code_Injection)\n", - "text": "Found user data in a call to 'exec'. This is extremely dangerous because it can enable an attacker to execute arbitrary remote code on the system. Instead, refactor your code to not use 'eval' and instead use a safe library for the specific functionality you need.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected usage of the `notevil` package, which is unmaintained and has vulnerabilities. Using any sort of `eval()` functionality can be very dangerous, but if you must, the `eval` package is an up to date alternative. 
Be sure that only trusted input reaches an `eval()` function.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected usage of the `notevil` package, which is unmaintained and has vulnerabilities. Using any sort of `eval()` functionality can be very dangerous, but if you must, the `eval` package is an up to date alternative. Be sure that only trusted input reaches an `eval()` function.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.express.security.audit.express-detect-notevil-usage.express-detect-notevil-usage)\n - [https://github.com/mmckegg/notevil](https://github.com/mmckegg/notevil)\n" }, - "helpUri": "https://semgrep.dev/r/python.django.security.injection.code.user-exec.user-exec", - "id": "python.django.security.injection.code.user-exec.user-exec", - "name": "python.django.security.injection.code.user-exec.user-exec", "properties": { "precision": "very-high", "tags": [ - "CWE-95: Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection')", - "MEDIUM CONFIDENCE", - "OWASP-A03:2021 - Injection", + "CWE-1104: Use of Unmaintained Third Party Components", + "LOW CONFIDENCE", + "OWASP-A06:2021 - Vulnerable and Outdated Components", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: python.django.security.injection.code.user-exec.user-exec" } }, { - "defaultConfiguration": { - "level": "error" + "id": "csharp.lang.security.ssrf.http-client.ssrf", + "name": "csharp.lang.security.ssrf.http-client.ssrf", + "short_description": { + "text": "Semgrep Finding: csharp.lang.security.ssrf.http-client.ssrf" }, - "fullDescription": { - "text": "Amazon MWS Auth Token detected" + "full_description": { + "text": "SSRF is an attack vector that abuses an application to interact with the internal/external network or the machine itself." 
+ }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/csharp.lang.security.ssrf.http-client.ssrf", "help": { - "markdown": "Amazon MWS Auth Token detected\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/generic.secrets.security.detected-amazon-mws-auth-token.detected-amazon-mws-auth-token)\n - [https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures](https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures)\n", - "text": "Amazon MWS Auth Token detected\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "SSRF is an attack vector that abuses an application to interact with the internal/external network or the machine itself.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "SSRF is an attack vector that abuses an application to interact with the internal/external network or the machine itself.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/csharp.lang.security.ssrf.http-client.ssrf)\n - [https://cheatsheetseries.owasp.org/cheatsheets/Server_Side_Request_Forgery_Prevention_Cheat_Sheet.html](https://cheatsheetseries.owasp.org/cheatsheets/Server_Side_Request_Forgery_Prevention_Cheat_Sheet.html)\n" }, - "helpUri": "https://semgrep.dev/r/generic.secrets.security.detected-amazon-mws-auth-token.detected-amazon-mws-auth-token", - "id": "generic.secrets.security.detected-amazon-mws-auth-token.detected-amazon-mws-auth-token", - "name": "generic.secrets.security.detected-amazon-mws-auth-token.detected-amazon-mws-auth-token", "properties": { "precision": "very-high", "tags": [ - "CWE-798: Use of Hard-coded Credentials", + "CWE-918: Server-Side Request Forgery (SSRF)", "LOW CONFIDENCE", - "OWASP-A07:2021 - Identification and Authentication 
Failures", + "OWASP-A10:2021 - Server-Side Request Forgery (SSRF)", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: generic.secrets.security.detected-amazon-mws-auth-token.detected-amazon-mws-auth-token" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "ruby.rails.security.audit.xss.avoid-raw.avoid-raw", + "name": "ruby.rails.security.audit.xss.avoid-raw.avoid-raw", + "short_description": { + "text": "Semgrep Finding: ruby.rails.security.audit.xss.avoid-raw.avoid-raw" }, - "fullDescription": { - "text": "Found a template created with string formatting. This is susceptible to server-side template injection and cross-site scripting attacks." + "full_description": { + "text": "'raw()' bypasses HTML escaping. If external data can reach here, this exposes your application to cross-site scripting (XSS) attacks. If you must do this, construct individual strings and mark them as safe for HTML rendering with `html_safe()`." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/ruby.rails.security.audit.xss.avoid-raw.avoid-raw", "help": { - "markdown": "Found a template created with string formatting. This is susceptible to server-side template injection and cross-site scripting attacks.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.flask.security.audit.render-template-string.render-template-string)\n - [https://nvisium.com/blog/2016/03/09/exploring-ssti-in-flask-jinja2.html](https://nvisium.com/blog/2016/03/09/exploring-ssti-in-flask-jinja2.html)\n", - "text": "Found a template created with string formatting. This is susceptible to server-side template injection and cross-site scripting attacks.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "'raw()' bypasses HTML escaping. 
If external data can reach here, this exposes your application to cross-site scripting (XSS) attacks. If you must do this, construct individual strings and mark them as safe for HTML rendering with `html_safe()`.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "'raw()' bypasses HTML escaping. If external data can reach here, this exposes your application to cross-site scripting (XSS) attacks. If you must do this, construct individual strings and mark them as safe for HTML rendering with `html_safe()`.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/ruby.rails.security.audit.xss.avoid-raw.avoid-raw)\n - [https://api.rubyonrails.org/classes/ActionView/Helpers/OutputSafetyHelper.html#method-i-raw](https://api.rubyonrails.org/classes/ActionView/Helpers/OutputSafetyHelper.html#method-i-raw)\n - [https://www.netsparker.com/blog/web-security/preventing-xss-ruby-on-rails-web-applications/](https://www.netsparker.com/blog/web-security/preventing-xss-ruby-on-rails-web-applications/)\n" }, - "helpUri": "https://semgrep.dev/r/python.flask.security.audit.render-template-string.render-template-string", - "id": "python.flask.security.audit.render-template-string.render-template-string", - "name": "python.flask.security.audit.render-template-string.render-template-string", "properties": { "precision": "very-high", "tags": [ - "CWE-96: Improper Neutralization of Directives in Statically Saved Code ('Static Code Injection')", + "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", "LOW CONFIDENCE", "OWASP-A03:2021 - Injection", + "OWASP-A07:2017 - Cross-Site Scripting (XSS)", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: python.flask.security.audit.render-template-string.render-template-string" } }, { - "defaultConfiguration": { - "level": "warning" + "id": 
"python.flask.security.injection.tainted-sql-string.tainted-sql-string", + "name": "python.flask.security.injection.tainted-sql-string.tainted-sql-string", + "short_description": { + "text": "Semgrep Finding: python.flask.security.injection.tainted-sql-string.tainted-sql-string" }, - "fullDescription": { - "text": "The object is passed strictly to jwt.encode(...) Make sure that sensitive information is not exposed through JWT token payload." + "full_description": { + "text": "Detected user input used to manually construct a SQL string. This is usually bad practice because manual construction could accidentally result in a SQL injection. An attacker could use a SQL injection to steal or modify contents of the database. Instead, use a parameterized query which is available by default in most database engines. Alternatively, consider using an object-relational mapper (ORM) such as SQLAlchemy which will protect your queries." }, + "default_configuration": { + "enabled": true, + "level": "error" + }, + "help_uri": "https://semgrep.dev/r/python.flask.security.injection.tainted-sql-string.tainted-sql-string", "help": { - "markdown": "The object is passed strictly to jwt.encode(...) Make sure that sensitive information is not exposed through JWT token payload.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.jwt.security.audit.jwt-exposed-data.jwt-python-exposed-data)\n - [https://owasp.org/Top10/A04_2021-Insecure_Design](https://owasp.org/Top10/A04_2021-Insecure_Design)\n", - "text": "The object is passed strictly to jwt.encode(...) Make sure that sensitive information is not exposed through JWT token payload.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected user input used to manually construct a SQL string. This is usually bad practice because manual construction could accidentally result in a SQL injection. 
An attacker could use a SQL injection to steal or modify contents of the database. Instead, use a parameterized query which is available by default in most database engines. Alternatively, consider using an object-relational mapper (ORM) such as SQLAlchemy which will protect your queries.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected user input used to manually construct a SQL string. This is usually bad practice because manual construction could accidentally result in a SQL injection. An attacker could use a SQL injection to steal or modify contents of the database. Instead, use a parameterized query which is available by default in most database engines. Alternatively, consider using an object-relational mapper (ORM) such as SQLAlchemy which will protect your queries.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.flask.security.injection.tainted-sql-string.tainted-sql-string)\n - [https://docs.sqlalchemy.org/en/14/core/tutorial.html#using-textual-sql](https://docs.sqlalchemy.org/en/14/core/tutorial.html#using-textual-sql)\n - [https://www.tutorialspoint.com/sqlalchemy/sqlalchemy_quick_guide.htm](https://www.tutorialspoint.com/sqlalchemy/sqlalchemy_quick_guide.htm)\n - [https://docs.sqlalchemy.org/en/14/core/tutorial.html#using-more-specific-text-with-table-expression-literal-column-and-expression-column](https://docs.sqlalchemy.org/en/14/core/tutorial.html#using-more-specific-text-with-table-expression-literal-column-and-expression-column)\n" }, - "helpUri": "https://semgrep.dev/r/python.jwt.security.audit.jwt-exposed-data.jwt-python-exposed-data", - "id": "python.jwt.security.audit.jwt-exposed-data.jwt-python-exposed-data", - "name": "python.jwt.security.audit.jwt-exposed-data.jwt-python-exposed-data", "properties": { "precision": "very-high", "tags": [ - "CWE-522: Insufficiently Protected Credentials", - "LOW CONFIDENCE", - 
"OWASP-A02:2017 - Broken Authentication", - "OWASP-A04:2021 - Insecure Design", + "CWE-704: Incorrect Type Conversion or Cast", + "MEDIUM CONFIDENCE", + "OWASP-A01:2017 - Injection", + "OWASP-A03:2021 - Injection", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: python.jwt.security.audit.jwt-exposed-data.jwt-python-exposed-data" } }, { - "defaultConfiguration": { - "level": "error" + "id": "generic.secrets.security.detected-twilio-api-key.detected-twilio-api-key", + "name": "generic.secrets.security.detected-twilio-api-key.detected-twilio-api-key", + "short_description": { + "text": "Semgrep Finding: generic.secrets.security.detected-twilio-api-key.detected-twilio-api-key" }, - "fullDescription": { - "text": "Facebook OAuth detected" + "full_description": { + "text": "Twilio API Key detected" }, + "default_configuration": { + "enabled": true, + "level": "error" + }, + "help_uri": "https://semgrep.dev/r/generic.secrets.security.detected-twilio-api-key.detected-twilio-api-key", "help": { - "markdown": "Facebook OAuth detected\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/generic.secrets.security.detected-facebook-oauth.detected-facebook-oauth)\n - [https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures](https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures)\n", - "text": "Facebook OAuth detected\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Twilio API Key detected\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Twilio API Key detected\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/generic.secrets.security.detected-twilio-api-key.detected-twilio-api-key)\n - 
[https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures](https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures)\n" }, - "helpUri": "https://semgrep.dev/r/generic.secrets.security.detected-facebook-oauth.detected-facebook-oauth", - "id": "generic.secrets.security.detected-facebook-oauth.detected-facebook-oauth", - "name": "generic.secrets.security.detected-facebook-oauth.detected-facebook-oauth", "properties": { "precision": "very-high", "tags": [ 
@@ -18583,2235 +19483,2325 @@ "OWASP-A07:2021 - Identification and Authentication Failures", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: generic.secrets.security.detected-facebook-oauth.detected-facebook-oauth" } }, { - "defaultConfiguration": { - "level": "error" + "id": "yaml.github-actions.security.pull-request-target-code-checkout.pull-request-target-code-checkout", + "name": "yaml.github-actions.security.pull-request-target-code-checkout.pull-request-target-code-checkout", + "short_description": { + "text": "Semgrep Finding: yaml.github-actions.security.pull-request-target-code-checkout.pull-request-target-code-checkout" }, - "fullDescription": { - "text": "Private Key detected. This is a sensitive credential and should not be hardcoded here. Instead, store this in a separate, private file." + "full_description": { + "text": "This GitHub Actions workflow file uses `pull_request_target` and checks out code from the incoming pull request. When using `pull_request_target`, the Action runs in the context of the target repository, which includes access to all repository secrets. Normally, this is safe because the Action only runs code from the target repository, not the incoming PR. However, by checking out the incoming PR code, you're now using the incoming code for the rest of the action. You may be inadvertently executing arbitrary code from the incoming PR with access to repository secrets, which would let an attacker steal repository secrets. This normally happens by running build scripts (e.g., `npm build` and `make`) or dependency installation scripts (e.g., `python setup.py install`). Audit your workflow file to make sure no code from the incoming PR is executed. Please see https://securitylab.github.com/research/github-actions-preventing-pwn-requests/ for additional mitigations." 
}, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/yaml.github-actions.security.pull-request-target-code-checkout.pull-request-target-code-checkout", "help": { - "markdown": "Private Key detected. This is a sensitive credential and should not be hardcoded here. Instead, store this in a separate, private file.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/generic.secrets.security.detected-private-key.detected-private-key)\n - [https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures](https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures)\n", - "text": "Private Key detected. This is a sensitive credential and should not be hardcoded here. Instead, store this in a separate, private file.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "This GitHub Actions workflow file uses `pull_request_target` and checks out code from the incoming pull request. When using `pull_request_target`, the Action runs in the context of the target repository, which includes access to all repository secrets. Normally, this is safe because the Action only runs code from the target repository, not the incoming PR. However, by checking out the incoming PR code, you're now using the incoming code for the rest of the action. You may be inadvertently executing arbitrary code from the incoming PR with access to repository secrets, which would let an attacker steal repository secrets. This normally happens by running build scripts (e.g., `npm build` and `make`) or dependency installation scripts (e.g., `python setup.py install`). Audit your workflow file to make sure no code from the incoming PR is executed. 
Please see https://securitylab.github.com/research/github-actions-preventing-pwn-requests/ for additional mitigations.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "This GitHub Actions workflow file uses `pull_request_target` and checks out code from the incoming pull request. When using `pull_request_target`, the Action runs in the context of the target repository, which includes access to all repository secrets. Normally, this is safe because the Action only runs code from the target repository, not the incoming PR. However, by checking out the incoming PR code, you're now using the incoming code for the rest of the action. You may be inadvertently executing arbitrary code from the incoming PR with access to repository secrets, which would let an attacker steal repository secrets. This normally happens by running build scripts (e.g., `npm build` and `make`) or dependency installation scripts (e.g., `python setup.py install`). Audit your workflow file to make sure no code from the incoming PR is executed. 
Please see https://securitylab.github.com/research/github-actions-preventing-pwn-requests/ for additional mitigations.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/yaml.github-actions.security.pull-request-target-code-checkout.pull-request-target-code-checkout)\n - [https://securitylab.github.com/research/github-actions-preventing-pwn-requests/](https://securitylab.github.com/research/github-actions-preventing-pwn-requests/)\n - [https://github.com/justinsteven/advisories/blob/master/2021_github_actions_checkspelling_token_leak_via_advice_symlink.md](https://github.com/justinsteven/advisories/blob/master/2021_github_actions_checkspelling_token_leak_via_advice_symlink.md)\n" }, - "helpUri": "https://semgrep.dev/r/generic.secrets.security.detected-private-key.detected-private-key", - "id": "generic.secrets.security.detected-private-key.detected-private-key", - "name": "generic.secrets.security.detected-private-key.detected-private-key", "properties": { "precision": "very-high", "tags": [ - "CWE-798: Use of Hard-coded Credentials", + "CWE-913: Improper Control of Dynamically-Managed Code Resources", "LOW CONFIDENCE", - "OWASP-A07:2021 - Identification and Authentication Failures", + "OWASP-A01:2021 - Broken Access Control", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: generic.secrets.security.detected-private-key.detected-private-key" } }, { - "defaultConfiguration": { - "level": "error" + "id": "javascript.jsonwebtoken.security.jwt-none-alg.jwt-none-alg", + "name": "javascript.jsonwebtoken.security.jwt-none-alg.jwt-none-alg", + "short_description": { + "text": "Semgrep Finding: javascript.jsonwebtoken.security.jwt-none-alg.jwt-none-alg" }, - "fullDescription": { - "text": "Facebook Access Token detected" + "full_description": { + "text": "Detected use of the 'none' algorithm in a JWT token. 
The 'none' algorithm assumes the integrity of the token has already been verified. This would allow a malicious actor to forge a JWT token that will automatically be verified. Do not explicitly use the 'none' algorithm. Instead, use an algorithm such as 'HS256'." }, + "default_configuration": { + "enabled": true, + "level": "error" + }, + "help_uri": "https://semgrep.dev/r/javascript.jsonwebtoken.security.jwt-none-alg.jwt-none-alg", "help": { - "markdown": "Facebook Access Token detected\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/generic.secrets.security.detected-facebook-access-token.detected-facebook-access-token)\n - [https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures](https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures)\n", - "text": "Facebook Access Token detected\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected use of the 'none' algorithm in a JWT token. The 'none' algorithm assumes the integrity of the token has already been verified. This would allow a malicious actor to forge a JWT token that will automatically be verified. Do not explicitly use the 'none' algorithm. Instead, use an algorithm such as 'HS256'.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected use of the 'none' algorithm in a JWT token. The 'none' algorithm assumes the integrity of the token has already been verified. This would allow a malicious actor to forge a JWT token that will automatically be verified. Do not explicitly use the 'none' algorithm. 
Instead, use an algorithm such as 'HS256'.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.jsonwebtoken.security.jwt-none-alg.jwt-none-alg)\n - [https://owasp.org/Top10/A02_2021-Cryptographic_Failures](https://owasp.org/Top10/A02_2021-Cryptographic_Failures)\n" }, - "helpUri": "https://semgrep.dev/r/generic.secrets.security.detected-facebook-access-token.detected-facebook-access-token", - "id": "generic.secrets.security.detected-facebook-access-token.detected-facebook-access-token", - "name": "generic.secrets.security.detected-facebook-access-token.detected-facebook-access-token", "properties": { "precision": "very-high", "tags": [ - "CWE-798: Use of Hard-coded Credentials", - "LOW CONFIDENCE", - "OWASP-A07:2021 - Identification and Authentication Failures", + "CWE-327: Use of a Broken or Risky Cryptographic Algorithm", + "MEDIUM CONFIDENCE", + "OWASP-A02:2021 - Cryptographic Failures", + "OWASP-A03:2017 - Sensitive Data Exposure", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: generic.secrets.security.detected-facebook-access-token.detected-facebook-access-token" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "java.lang.security.audit.el-injection.el-injection", + "name": "java.lang.security.audit.el-injection.el-injection", + "short_description": { + "text": "Semgrep Finding: java.lang.security.audit.el-injection.el-injection" }, - "fullDescription": { - "text": "DefaultHttpClient is deprecated. Further, it does not support connections using TLS1.2, which makes using DefaultHttpClient a security hazard. Use HttpClientBuilder instead." + "full_description": { + "text": "An expression is built with a dynamic value. The source of the value(s) should be verified to avoid that unfiltered values fall into this risky code evaluation." 
+ }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/java.lang.security.audit.el-injection.el-injection", "help": { - "markdown": "DefaultHttpClient is deprecated. Further, it does not support connections using TLS1.2, which makes using DefaultHttpClient a security hazard. Use HttpClientBuilder instead.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/java.lang.security.audit.crypto.ssl.defaulthttpclient-is-deprecated.defaulthttpclient-is-deprecated)\n - [https://owasp.org/Top10/A02_2021-Cryptographic_Failures](https://owasp.org/Top10/A02_2021-Cryptographic_Failures)\n", - "text": "DefaultHttpClient is deprecated. Further, it does not support connections using TLS1.2, which makes using DefaultHttpClient a security hazard. Use HttpClientBuilder instead.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "An expression is built with a dynamic value. The source of the value(s) should be verified to avoid that unfiltered values fall into this risky code evaluation.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "An expression is built with a dynamic value. 
The source of the value(s) should be verified to avoid that unfiltered values fall into this risky code evaluation.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/java.lang.security.audit.el-injection.el-injection)\n - [https://owasp.org/Top10/A03_2021-Injection](https://owasp.org/Top10/A03_2021-Injection)\n" }, - "helpUri": "https://semgrep.dev/r/java.lang.security.audit.crypto.ssl.defaulthttpclient-is-deprecated.defaulthttpclient-is-deprecated", - "id": "java.lang.security.audit.crypto.ssl.defaulthttpclient-is-deprecated.defaulthttpclient-is-deprecated", - "name": "java.lang.security.audit.crypto.ssl.defaulthttpclient-is-deprecated.defaulthttpclient-is-deprecated", "properties": { "precision": "very-high", "tags": [ - "CWE-326: Inadequate Encryption Strength", + "CWE-94: Improper Control of Generation of Code ('Code Injection')", "LOW CONFIDENCE", - "OWASP-A02:2021 - Cryptographic Failures", - "OWASP-A03:2017 - Sensitive Data Exposure", + "OWASP-A03:2021 - Injection", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: java.lang.security.audit.crypto.ssl.defaulthttpclient-is-deprecated.defaulthttpclient-is-deprecated" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "python.aws-lambda.security.pymssql-sqli.pymssql-sqli", + "name": "python.aws-lambda.security.pymssql-sqli.pymssql-sqli", + "short_description": { + "text": "Semgrep Finding: python.aws-lambda.security.pymssql-sqli.pymssql-sqli" }, - "fullDescription": { - "text": "Found a formatted template string passed to 'template.URL()'. 'template.URL()' does not escape contents, and this could result in XSS (cross-site scripting) and therefore confidential data being stolen. Sanitize data coming into this function or make sure that no user-controlled input is coming into the function." + "full_description": { + "text": "Detected SQL statement that is tainted by `event` object. 
This could lead to SQL injection if the variable is user-controlled and not properly sanitized. In order to prevent SQL injection, use parameterized queries or prepared statements instead. You can use parameterized statements like so: `cursor.execute('SELECT * FROM projects WHERE status = %s', 'active')`" }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/python.aws-lambda.security.pymssql-sqli.pymssql-sqli", "help": { - "markdown": "Found a formatted template string passed to 'template.URL()'. 'template.URL()' does not escape contents, and this could result in XSS (cross-site scripting) and therefore confidential data being stolen. Sanitize data coming into this function or make sure that no user-controlled input is coming into the function.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/go.lang.security.audit.net.unescaped-data-in-url.unescaped-data-in-url)\n - [https://golang.org/pkg/html/template/#URL](https://golang.org/pkg/html/template/#URL)\n", - "text": "Found a formatted template string passed to 'template.URL()'. 'template.URL()' does not escape contents, and this could result in XSS (cross-site scripting) and therefore confidential data being stolen. Sanitize data coming into this function or make sure that no user-controlled input is coming into the function.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected SQL statement that is tainted by `event` object. This could lead to SQL injection if the variable is user-controlled and not properly sanitized. In order to prevent SQL injection, use parameterized queries or prepared statements instead. 
You can use parameterized statements like so: `cursor.execute('SELECT * FROM projects WHERE status = %s', 'active')`\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected SQL statement that is tainted by `event` object. This could lead to SQL injection if the variable is user-controlled and not properly sanitized. In order to prevent SQL injection, use parameterized queries or prepared statements instead. You can use parameterized statements like so: `cursor.execute('SELECT * FROM projects WHERE status = %s', 'active')`\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.aws-lambda.security.pymssql-sqli.pymssql-sqli)\n - [https://pypi.org/project/pymssql/](https://pypi.org/project/pymssql/)\n" }, - "helpUri": "https://semgrep.dev/r/go.lang.security.audit.net.unescaped-data-in-url.unescaped-data-in-url", - "id": "go.lang.security.audit.net.unescaped-data-in-url.unescaped-data-in-url", - "name": "go.lang.security.audit.net.unescaped-data-in-url.unescaped-data-in-url", "properties": { "precision": "very-high", "tags": [ - "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", - "LOW CONFIDENCE", + "CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')", + "MEDIUM CONFIDENCE", + "OWASP-A01:2017 - Injection", "OWASP-A03:2021 - Injection", - "OWASP-A07:2017 - Cross-Site Scripting (XSS)", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: go.lang.security.audit.net.unescaped-data-in-url.unescaped-data-in-url" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "python.pyramid.security.direct-use-of-response.pyramid-direct-use-of-response", + "name": "python.pyramid.security.direct-use-of-response.pyramid-direct-use-of-response", + "short_description": { + "text": "Semgrep Finding: 
python.pyramid.security.direct-use-of-response.pyramid-direct-use-of-response" }, - "fullDescription": { - "text": "Flask response reflects unsanitized user input. This could lead to a cross-site scripting vulnerability (https://owasp.org/www-community/attacks/xss/) in which an attacker causes arbitrary code to be executed in the user's browser. To prevent, please sanitize the user input, e.g. by rendering the response in a Jinja2 template (see considerations in https://flask.palletsprojects.com/en/1.0.x/security/)." + "full_description": { + "text": "Detected data rendered directly to the end user via 'Response'. This bypasses Pyramid's built-in cross-site scripting (XSS) defenses and could result in an XSS vulnerability. Use Pyramid's template engines to safely render HTML." + }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/python.pyramid.security.direct-use-of-response.pyramid-direct-use-of-response", "help": { - "markdown": "Flask response reflects unsanitized user input. This could lead to a cross-site scripting vulnerability (https://owasp.org/www-community/attacks/xss/) in which an attacker causes arbitrary code to be executed in the user's browser. To prevent, please sanitize the user input, e.g. by rendering the response in a Jinja2 template (see considerations in https://flask.palletsprojects.com/en/1.0.x/security/).\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.flask.security.unsanitized-input.response-contains-unsanitized-input)\n - [https://flask.palletsprojects.com/en/1.0.x/security/](https://flask.palletsprojects.com/en/1.0.x/security/)\n - [https://owasp.org/www-community/attacks/xss/](https://owasp.org/www-community/attacks/xss/)\n", - "text": "Flask response reflects unsanitized user input. 
This could lead to a cross-site scripting vulnerability (https://owasp.org/www-community/attacks/xss/) in which an attacker causes arbitrary code to be executed in the user's browser. To prevent, please sanitize the user input, e.g. by rendering the response in a Jinja2 template (see considerations in https://flask.palletsprojects.com/en/1.0.x/security/).\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected data rendered directly to the end user via 'Response'. This bypasses Pyramid's built-in cross-site scripting (XSS) defenses and could result in an XSS vulnerability. Use Pyramid's template engines to safely render HTML.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected data rendered directly to the end user via 'Response'. This bypasses Pyramid's built-in cross-site scripting (XSS) defenses and could result in an XSS vulnerability. Use Pyramid's template engines to safely render HTML.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.pyramid.security.direct-use-of-response.pyramid-direct-use-of-response)\n - [https://owasp.org/Top10/A03_2021-Injection](https://owasp.org/Top10/A03_2021-Injection)\n" }, - "helpUri": "https://semgrep.dev/r/python.flask.security.unsanitized-input.response-contains-unsanitized-input", - "id": "python.flask.security.unsanitized-input.response-contains-unsanitized-input", - "name": "python.flask.security.unsanitized-input.response-contains-unsanitized-input", "properties": { "precision": "very-high", "tags": [ "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", - "LOW CONFIDENCE", + "MEDIUM CONFIDENCE", "OWASP-A03:2021 - Injection", "OWASP-A07:2017 - Cross-Site Scripting (XSS)", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: 
python.flask.security.unsanitized-input.response-contains-unsanitized-input" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "terraform.aws.security.aws-kinesis-stream-unencrypted.aws-kinesis-stream-unencrypted", + "name": "terraform.aws.security.aws-kinesis-stream-unencrypted.aws-kinesis-stream-unencrypted", + "short_description": { + "text": "Semgrep Finding: terraform.aws.security.aws-kinesis-stream-unencrypted.aws-kinesis-stream-unencrypted" }, - "fullDescription": { - "text": "Detected an unsecured transmission channel. 'URLopener.retrieve(...)' is being used with 'http://'. Use 'https://' instead to secure the channel." + "full_description": { + "text": "The AWS Kinesis stream does not encrypt data at rest. The data could be read if the Kinesis stream storage layer is compromised. Enable Kinesis stream server-side encryption." }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/terraform.aws.security.aws-kinesis-stream-unencrypted.aws-kinesis-stream-unencrypted", "help": { - "markdown": "Detected an unsecured transmission channel. 'URLopener.retrieve(...)' is being used with 'http://'. Use 'https://' instead to secure the channel.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.lang.security.audit.insecure-transport.urllib.insecure-urlopener-retrieve.insecure-urlopener-retrieve)\n - [https://docs.python.org/3/library/urllib.request.html#urllib.request.URLopener.retrieve](https://docs.python.org/3/library/urllib.request.html#urllib.request.URLopener.retrieve)\n", - "text": "Detected an unsecured transmission channel. 'URLopener.retrieve(...)' is being used with 'http://'. Use 'https://' instead to secure the channel.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "The AWS Kinesis stream does not encrypt data at rest. 
The data could be read if the Kinesis stream storage layer is compromised. Enable Kinesis stream server-side encryption.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "The AWS Kinesis stream does not encrypt data at rest. The data could be read if the Kinesis stream storage layer is compromised. Enable Kinesis stream server-side encryption.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/terraform.aws.security.aws-kinesis-stream-unencrypted.aws-kinesis-stream-unencrypted)\n - [https://owasp.org/Top10/A04_2021-Insecure_Design](https://owasp.org/Top10/A04_2021-Insecure_Design)\n - [https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/kinesis_stream#encryption_type](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/kinesis_stream#encryption_type)\n - [https://docs.aws.amazon.com/streams/latest/dev/server-side-encryption.html](https://docs.aws.amazon.com/streams/latest/dev/server-side-encryption.html)\n" }, - "helpUri": "https://semgrep.dev/r/python.lang.security.audit.insecure-transport.urllib.insecure-urlopener-retrieve.insecure-urlopener-retrieve", - "id": "python.lang.security.audit.insecure-transport.urllib.insecure-urlopener-retrieve.insecure-urlopener-retrieve", - "name": "python.lang.security.audit.insecure-transport.urllib.insecure-urlopener-retrieve.insecure-urlopener-retrieve", "properties": { "precision": "very-high", "tags": [ - "CWE-319: Cleartext Transmission of Sensitive Information", - "LOW CONFIDENCE", - "OWASP-A02:2021 - Cryptographic Failures", + "CWE-311: Missing Encryption of Sensitive Data", + "MEDIUM CONFIDENCE", "OWASP-A03:2017 - Sensitive Data Exposure", + "OWASP-A04:2021 - Insecure Design", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: python.lang.security.audit.insecure-transport.urllib.insecure-urlopener-retrieve.insecure-urlopener-retrieve" } }, { - 
"defaultConfiguration": { - "level": "note" + "id": "csharp.lang.security.insecure-deserialization.soap-formatter.insecure-soapformatter-deserialization", + "name": "csharp.lang.security.insecure-deserialization.soap-formatter.insecure-soapformatter-deserialization", + "short_description": { + "text": "Semgrep Finding: csharp.lang.security.insecure-deserialization.soap-formatter.insecure-soapformatter-deserialization" }, - "fullDescription": { - "text": "Property decoded from JWT token without verifying and cannot be trustworthy." + "full_description": { + "text": "The SoapFormatter type is dangerous and is not recommended for data processing. Applications should stop using SoapFormatter as soon as possible, even if they believe the data they're processing to be trustworthy. SoapFormatter is insecure and can't be made secure" + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/csharp.lang.security.insecure-deserialization.soap-formatter.insecure-soapformatter-deserialization", "help": { - "markdown": "Property decoded from JWT token without verifying and cannot be trustworthy.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/typescript.react.security.audit.react-jwt-decoded-property.react-jwt-decoded-property)\n - [https://pragmaticwebsecurity.com/articles/oauthoidc/localstorage-xss.html](https://pragmaticwebsecurity.com/articles/oauthoidc/localstorage-xss.html)\n", - "text": "Property decoded from JWT token without verifying and cannot be trustworthy.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "The SoapFormatter type is dangerous and is not recommended for data processing. Applications should stop using SoapFormatter as soon as possible, even if they believe the data they're processing to be trustworthy. 
SoapFormatter is insecure and can't be made secure\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "The SoapFormatter type is dangerous and is not recommended for data processing. Applications should stop using SoapFormatter as soon as possible, even if they believe the data they're processing to be trustworthy. SoapFormatter is insecure and can't be made secure\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/csharp.lang.security.insecure-deserialization.soap-formatter.insecure-soapformatter-deserialization)\n - [https://docs.microsoft.com/en-us/dotnet/api/system.runtime.serialization.formatters.soap.soapformatter?view=netframework-4.8#remarks](https://docs.microsoft.com/en-us/dotnet/api/system.runtime.serialization.formatters.soap.soapformatter?view=netframework-4.8#remarks)\n" }, - "helpUri": "https://semgrep.dev/r/typescript.react.security.audit.react-jwt-decoded-property.react-jwt-decoded-property", - "id": "typescript.react.security.audit.react-jwt-decoded-property.react-jwt-decoded-property", - "name": "typescript.react.security.audit.react-jwt-decoded-property.react-jwt-decoded-property", "properties": { "precision": "very-high", "tags": [ - "CWE-922: Insecure Storage of Sensitive Information", - "LOW CONFIDENCE", - "OWASP-A01:2021 - Broken Access Control", + "CWE-502: Deserialization of Untrusted Data", + "MEDIUM CONFIDENCE", + "OWASP-A08:2017 - Insecure Deserialization", + "OWASP-A08:2021 - Software and Data Integrity Failures", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: typescript.react.security.audit.react-jwt-decoded-property.react-jwt-decoded-property" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "kotlin.lang.security.ecb-cipher.ecb-cipher", + "name": "kotlin.lang.security.ecb-cipher.ecb-cipher", + "short_description": { + "text": "Semgrep Finding: kotlin.lang.security.ecb-cipher.ecb-cipher" 
+ }, + "full_description": { + "text": "Cipher in ECB mode is detected. ECB mode produces the same output for the same input each time which allows an attacker to intercept and replay the data. Further, ECB mode does not provide any integrity checking. See https://find-sec-bugs.github.io/bugs.htm#CIPHER_INTEGRITY." }, - "fullDescription": { - "text": "Downcasting or changing sign of an integer with `$CAST_METHOD` method" + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/kotlin.lang.security.ecb-cipher.ecb-cipher", "help": { - "markdown": "Downcasting or changing sign of an integer with `$CAST_METHOD` method\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/trailofbits.go.string-to-int-signedness-cast.string-to-int-signedness-cast)\n - [https://github.com/golang/go/issues/30209](https://github.com/golang/go/issues/30209)\n", - "text": "Downcasting or changing sign of an integer with `$CAST_METHOD` method\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Cipher in ECB mode is detected. ECB mode produces the same output for the same input each time which allows an attacker to intercept and replay the data. Further, ECB mode does not provide any integrity checking. See https://find-sec-bugs.github.io/bugs.htm#CIPHER_INTEGRITY.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Cipher in ECB mode is detected. ECB mode produces the same output for the same input each time which allows an attacker to intercept and replay the data. Further, ECB mode does not provide any integrity checking. 
See https://find-sec-bugs.github.io/bugs.htm#CIPHER_INTEGRITY.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/kotlin.lang.security.ecb-cipher.ecb-cipher)\n - [https://owasp.org/Top10/A02_2021-Cryptographic_Failures](https://owasp.org/Top10/A02_2021-Cryptographic_Failures)\n" }, - "helpUri": "https://semgrep.dev/r/trailofbits.go.string-to-int-signedness-cast.string-to-int-signedness-cast", - "id": "trailofbits.go.string-to-int-signedness-cast.string-to-int-signedness-cast", - "name": "trailofbits.go.string-to-int-signedness-cast.string-to-int-signedness-cast", "properties": { "precision": "very-high", "tags": [ - "CWE-681: Incorrect Conversion between Numeric Types", - "HIGH CONFIDENCE", + "CWE-327: Use of a Broken or Risky Cryptographic Algorithm", + "MEDIUM CONFIDENCE", + "OWASP-A02:2021 - Cryptographic Failures", + "OWASP-A03:2017 - Sensitive Data Exposure", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: trailofbits.go.string-to-int-signedness-cast.string-to-int-signedness-cast" } }, { - "defaultConfiguration": { - "level": "error" + "id": "terraform.aws.security.aws-documentdb-auditing-disabled.aws-documentdb-auditing-disabled", + "name": "terraform.aws.security.aws-documentdb-auditing-disabled.aws-documentdb-auditing-disabled", + "short_description": { + "text": "Semgrep Finding: terraform.aws.security.aws-documentdb-auditing-disabled.aws-documentdb-auditing-disabled" }, - "fullDescription": { - "text": "Unencoded JSON in HTML context is vulnerable to cross-site scripting, because `` is not properly encoded." + "full_description": { + "text": "Auditing is not enabled for DocumentDB. To ensure that you are able to accurately audit the usage of your DocumentDB cluster, you should enable auditing and export logs to CloudWatch." 
+ }, + "default_configuration": { + "enabled": true, + "level": "note" }, + "help_uri": "https://semgrep.dev/r/terraform.aws.security.aws-documentdb-auditing-disabled.aws-documentdb-auditing-disabled", "help": { - "markdown": "Unencoded JSON in HTML context is vulnerable to cross-site scripting, because `` is not properly encoded.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/csharp.razor.security.html-raw-json.html-raw-json)\n - [https://owasp.org/Top10/A03_2021-Injection](https://owasp.org/Top10/A03_2021-Injection)\n", - "text": "Unencoded JSON in HTML context is vulnerable to cross-site scripting, because `` is not properly encoded.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Auditing is not enabled for DocumentDB. To ensure that you are able to accurately audit the usage of your DocumentDB cluster, you should enable auditing and export logs to CloudWatch.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Auditing is not enabled for DocumentDB. 
To ensure that you are able to accurately audit the usage of your DocumentDB cluster, you should enable auditing and export logs to CloudWatch.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/terraform.aws.security.aws-documentdb-auditing-disabled.aws-documentdb-auditing-disabled)\n - [https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/docdb_cluster#enabled_cloudwatch_logs_exports](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/docdb_cluster#enabled_cloudwatch_logs_exports)\n - [https://owasp.org/Top10/A09_2021-Security_Logging_and_Monitoring_Failures/](https://owasp.org/Top10/A09_2021-Security_Logging_and_Monitoring_Failures/)\n" }, - "helpUri": "https://semgrep.dev/r/csharp.razor.security.html-raw-json.html-raw-json", - "id": "csharp.razor.security.html-raw-json.html-raw-json", - "name": "csharp.razor.security.html-raw-json.html-raw-json", "properties": { "precision": "very-high", "tags": [ - "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", - "LOW CONFIDENCE", - "OWASP-A03:2021 - Injection", - "OWASP-A07:2017 - Cross-Site Scripting (XSS)", + "CWE-778: Insufficient Logging", + "MEDIUM CONFIDENCE", + "OWASP-A09:2021 - Security Logging and Monitoring Failures", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: csharp.razor.security.html-raw-json.html-raw-json" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "problem-based-packs.insecure-transport.java-stdlib.ftp-request.ftp-request", + "name": "problem-based-packs.insecure-transport.java-stdlib.ftp-request.ftp-request", + "short_description": { + "text": "Semgrep Finding: problem-based-packs.insecure-transport.java-stdlib.ftp-request.ftp-request" }, - "fullDescription": { - "text": "A hard-coded credential was detected. 
It is not recommended to store credentials in source-code, as this risks secrets being leaked and used by either an internal or external malicious adversary. It is recommended to use environment variables to securely provide credentials or retrieve credentials from a secure vault or HSM (Hardware Security Module)." + "full_description": { + "text": "Checks for outgoing connections to ftp servers. FTP does not encrypt traffic, possibly leading to PII being sent plaintext over the network." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/problem-based-packs.insecure-transport.java-stdlib.ftp-request.ftp-request", "help": { - "markdown": "A hard-coded credential was detected. It is not recommended to store credentials in source-code, as this risks secrets being leaked and used by either an internal or external malicious adversary. It is recommended to use environment variables to securely provide credentials or retrieve credentials from a secure vault or HSM (Hardware Security Module).\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/java.java-jwt.security.jwt-hardcode.java-jwt-hardcoded-secret)\n - [https://cheatsheetseries.owasp.org/cheatsheets/Secrets_Management_Cheat_Sheet.html](https://cheatsheetseries.owasp.org/cheatsheets/Secrets_Management_Cheat_Sheet.html)\n", - "text": "A hard-coded credential was detected. It is not recommended to store credentials in source-code, as this risks secrets being leaked and used by either an internal or external malicious adversary. It is recommended to use environment variables to securely provide credentials or retrieve credentials from a secure vault or HSM (Hardware Security Module).\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Checks for outgoing connections to ftp servers. 
FTP does not encrypt traffic, possibly leading to PII being sent plaintext over the network.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Checks for outgoing connections to ftp servers. FTP does not encrypt traffic, possibly leading to PII being sent plaintext over the network.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/problem-based-packs.insecure-transport.java-stdlib.ftp-request.ftp-request)\n - [https://www.codejava.net/java-se/ftp/connect-and-login-to-a-ftp-server](https://www.codejava.net/java-se/ftp/connect-and-login-to-a-ftp-server)\n - [https://commons.apache.org/proper/commons-net/apidocs/org/apache/commons/net/ftp/FTPClient.html](https://commons.apache.org/proper/commons-net/apidocs/org/apache/commons/net/ftp/FTPClient.html)\n" }, - "helpUri": "https://semgrep.dev/r/java.java-jwt.security.jwt-hardcode.java-jwt-hardcoded-secret", - "id": "java.java-jwt.security.jwt-hardcode.java-jwt-hardcoded-secret", - "name": "java.java-jwt.security.jwt-hardcode.java-jwt-hardcoded-secret", "properties": { "precision": "very-high", "tags": [ - "CWE-798: Use of Hard-coded Credentials", - "HIGH CONFIDENCE", - "OWASP-A07:2021 - Identification and Authentication Failures", + "CWE-319: Cleartext Transmission of Sensitive Information", + "MEDIUM CONFIDENCE", + "OWASP-A03:2017 - Sensitive Data Exposure", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: java.java-jwt.security.jwt-hardcode.java-jwt-hardcoded-secret" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "javascript.wkhtmltoimage.security.audit.wkhtmltoimage-injection.wkhtmltoimage-injection", + "name": "javascript.wkhtmltoimage.security.audit.wkhtmltoimage-injection.wkhtmltoimage-injection", + "short_description": { + "text": "Semgrep Finding: javascript.wkhtmltoimage.security.audit.wkhtmltoimage-injection.wkhtmltoimage-injection" }, - "fullDescription": { - 
"text": "Blowfish is a block cipher developed by Bruce Schneier. It is known to be susceptible to attacks when using weak keys. The author has recommended that users of Blowfish move to newer algorithms such as AES. With the `cryptography` package it is recommended to use `Fernet` which is a secure implementation of AES in CBC mode with a 128-bit key. Alternatively, keep using the `Cipher` class from the hazmat primitives but use the AES algorithm instead." + "full_description": { + "text": "If unverified user data can reach the `wkhtmltoimage` it can result in Server-Side Request Forgery vulnerabilities" }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/javascript.wkhtmltoimage.security.audit.wkhtmltoimage-injection.wkhtmltoimage-injection", "help": { - "markdown": "Blowfish is a block cipher developed by Bruce Schneier. It is known to be susceptible to attacks when using weak keys. The author has recommended that users of Blowfish move to newer algorithms such as AES. With the `cryptography` package it is recommended to use `Fernet` which is a secure implementation of AES in CBC mode with a 128-bit key. Alternatively, keep using the `Cipher` class from the hazmat primitives but use the AES algorithm instead.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.cryptography.security.insecure-cipher-algorithms-blowfish.insecure-cipher-algorithm-blowfish)\n - [https://cryptography.io/en/latest/hazmat/primitives/symmetric-encryption/#weak-ciphers](https://cryptography.io/en/latest/hazmat/primitives/symmetric-encryption/#weak-ciphers)\n - [https://tools.ietf.org/html/rfc5469](https://tools.ietf.org/html/rfc5469)\n", - "text": "Blowfish is a block cipher developed by Bruce Schneier. It is known to be susceptible to attacks when using weak keys. 
The author has recommended that users of Blowfish move to newer algorithms such as AES. With the `cryptography` package it is recommended to use `Fernet` which is a secure implementation of AES in CBC mode with a 128-bit key. Alternatively, keep using the `Cipher` class from the hazmat primitives but use the AES algorithm instead.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "If unverified user data can reach the `wkhtmltoimage` it can result in Server-Side Request Forgery vulnerabilities\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "If unverified user data can reach the `wkhtmltoimage` it can result in Server-Side Request Forgery vulnerabilities\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.wkhtmltoimage.security.audit.wkhtmltoimage-injection.wkhtmltoimage-injection)\n - [https://owasp.org/Top10/A10_2021-Server-Side_Request_Forgery_%28SSRF%29](https://owasp.org/Top10/A10_2021-Server-Side_Request_Forgery_%28SSRF%29)\n" }, - "helpUri": "https://semgrep.dev/r/python.cryptography.security.insecure-cipher-algorithms-blowfish.insecure-cipher-algorithm-blowfish", - "id": "python.cryptography.security.insecure-cipher-algorithms-blowfish.insecure-cipher-algorithm-blowfish", - "name": "python.cryptography.security.insecure-cipher-algorithms-blowfish.insecure-cipher-algorithm-blowfish", "properties": { "precision": "very-high", "tags": [ - "CWE-327: Use of a Broken or Risky Cryptographic Algorithm", - "MEDIUM CONFIDENCE", - "OWASP-A02:2021 - Cryptographic Failures", - "OWASP-A03:2017 - Sensitive Data Exposure", + "CWE-918: Server-Side Request Forgery (SSRF)", + "LOW CONFIDENCE", + "OWASP-A10:2021 - Server-Side Request Forgery (SSRF)", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: 
python.cryptography.security.insecure-cipher-algorithms-blowfish.insecure-cipher-algorithm-blowfish" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "ruby.aws-lambda.security.tainted-deserialization.tainted-deserialization", + "name": "ruby.aws-lambda.security.tainted-deserialization.tainted-deserialization", + "short_description": { + "text": "Semgrep Finding: ruby.aws-lambda.security.tainted-deserialization.tainted-deserialization" }, - "fullDescription": { - "text": "Detected an insufficient curve size for EC. NIST recommends a key size of 224 or higher. For example, use 'ec.SECP256R1'." + "full_description": { + "text": "Deserialization of a string tainted by `event` object found. Objects in Ruby can be serialized into strings, then later loaded from strings. However, uses of `load` can cause remote code execution. Loading user input with MARSHAL, YAML or CSV can potentially be dangerous. If you need to deserialize untrusted data, you should use JSON as it is only capable of returning 'primitive' types such as strings, arrays, hashes, numbers and nil." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/ruby.aws-lambda.security.tainted-deserialization.tainted-deserialization", "help": { - "markdown": "Detected an insufficient curve size for EC. NIST recommends a key size of 224 or higher. 
For example, use 'ec.SECP256R1'.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.cryptography.security.insufficient-ec-key-size.insufficient-ec-key-size)\n - [https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-57Pt3r1.pdf](https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-57Pt3r1.pdf)\n - [https://cryptography.io/en/latest/hazmat/primitives/asymmetric/ec/#elliptic-curves](https://cryptography.io/en/latest/hazmat/primitives/asymmetric/ec/#elliptic-curves)\n", - "text": "Detected an insufficient curve size for EC. NIST recommends a key size of 224 or higher. For example, use 'ec.SECP256R1'.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Deserialization of a string tainted by `event` object found. Objects in Ruby can be serialized into strings, then later loaded from strings. However, uses of `load` can cause remote code execution. Loading user input with MARSHAL, YAML or CSV can potentially be dangerous. If you need to deserialize untrusted data, you should use JSON as it is only capable of returning 'primitive' types such as strings, arrays, hashes, numbers and nil.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Deserialization of a string tainted by `event` object found. Objects in Ruby can be serialized into strings, then later loaded from strings. However, uses of `load` can cause remote code execution. Loading user input with MARSHAL, YAML or CSV can potentially be dangerous. 
If you need to deserialize untrusted data, you should use JSON as it is only capable of returning 'primitive' types such as strings, arrays, hashes, numbers and nil.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/ruby.aws-lambda.security.tainted-deserialization.tainted-deserialization)\n - [https://ruby-doc.org/core-3.1.2/doc/security_rdoc.html](https://ruby-doc.org/core-3.1.2/doc/security_rdoc.html)\n - [https://groups.google.com/g/rubyonrails-security/c/61bkgvnSGTQ/m/nehwjA8tQ8EJ](https://groups.google.com/g/rubyonrails-security/c/61bkgvnSGTQ/m/nehwjA8tQ8EJ)\n - [https://github.com/presidentbeef/brakeman/blob/main/lib/brakeman/checks/check_deserialize.rb](https://github.com/presidentbeef/brakeman/blob/main/lib/brakeman/checks/check_deserialize.rb)\n" }, - "helpUri": "https://semgrep.dev/r/python.cryptography.security.insufficient-ec-key-size.insufficient-ec-key-size", - "id": "python.cryptography.security.insufficient-ec-key-size.insufficient-ec-key-size", - "name": "python.cryptography.security.insufficient-ec-key-size.insufficient-ec-key-size", "properties": { "precision": "very-high", "tags": [ - "CWE-326: Inadequate Encryption Strength", + "CWE-502: Deserialization of Untrusted Data", "MEDIUM CONFIDENCE", - "OWASP-A02:2021 - Cryptographic Failures", - "OWASP-A03:2017 - Sensitive Data Exposure", + "OWASP-A08:2017 - Insecure Deserialization", + "OWASP-A08:2021 - Software and Data Integrity Failures", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: python.cryptography.security.insufficient-ec-key-size.insufficient-ec-key-size" } }, { - "defaultConfiguration": { - "level": "error" + "id": "javascript.lang.security.audit.incomplete-sanitization.incomplete-sanitization", + "name": "javascript.lang.security.audit.incomplete-sanitization.incomplete-sanitization", + "short_description": { + "text": "Semgrep Finding: 
javascript.lang.security.audit.incomplete-sanitization.incomplete-sanitization" }, - "fullDescription": { - "text": "Detected user input flowing into a manually constructed HTML string. You may be accidentally bypassing secure methods of rendering HTML by manually constructing HTML and this could create a cross-site scripting vulnerability, which could let attackers steal sensitive user data. To be sure this is safe, check that the HTML is rendered safely. You can use the OWASP ESAPI encoder if you must render user data." + "full_description": { + "text": "`$STR.replace` method will only replace the first occurrence when used with a string argument ($CHAR). If this method is used for escaping of dangerous data then there is a possibility for a bypass. Try to use sanitization library instead or use a Regex with a global flag." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/javascript.lang.security.audit.incomplete-sanitization.incomplete-sanitization", "help": { - "markdown": "Detected user input flowing into a manually constructed HTML string. You may be accidentally bypassing secure methods of rendering HTML by manually constructing HTML and this could create a cross-site scripting vulnerability, which could let attackers steal sensitive user data. To be sure this is safe, check that the HTML is rendered safely. You can use the OWASP ESAPI encoder if you must render user data.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/java.spring.security.injection.tainted-html-string.tainted-html-string)\n - [https://cheatsheetseries.owasp.org/cheatsheets/Cross_Site_Scripting_Prevention_Cheat_Sheet.html](https://cheatsheetseries.owasp.org/cheatsheets/Cross_Site_Scripting_Prevention_Cheat_Sheet.html)\n", - "text": "Detected user input flowing into a manually constructed HTML string. 
You may be accidentally bypassing secure methods of rendering HTML by manually constructing HTML and this could create a cross-site scripting vulnerability, which could let attackers steal sensitive user data. To be sure this is safe, check that the HTML is rendered safely. You can use the OWASP ESAPI encoder if you must render user data.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "`$STR.replace` method will only replace the first occurrence when used with a string argument ($CHAR). If this method is used for escaping of dangerous data then there is a possibility for a bypass. Try to use sanitization library instead or use a Regex with a global flag.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "`$STR.replace` method will only replace the first occurrence when used with a string argument ($CHAR). If this method is used for escaping of dangerous data then there is a possibility for a bypass. Try to use sanitization library instead or use a Regex with a global flag.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.lang.security.audit.incomplete-sanitization.incomplete-sanitization)\n - [https://owasp.org/Top10/A03_2021-Injection](https://owasp.org/Top10/A03_2021-Injection)\n" }, - "helpUri": "https://semgrep.dev/r/java.spring.security.injection.tainted-html-string.tainted-html-string", - "id": "java.spring.security.injection.tainted-html-string.tainted-html-string", - "name": "java.spring.security.injection.tainted-html-string.tainted-html-string", "properties": { "precision": "very-high", "tags": [ - "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", - "MEDIUM CONFIDENCE", + "CWE-116: Improper Encoding or Escaping of Output", + "LOW CONFIDENCE", "OWASP-A03:2021 - Injection", - "OWASP-A07:2017 - Cross-Site Scripting (XSS)", "security" ] - }, - 
"shortDescription": { - "text": "Semgrep Finding: java.spring.security.injection.tainted-html-string.tainted-html-string" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "terraform.aws.security.unrestricted-github-oidc-policy.unrestricted-github-oidc-policy", + "name": "terraform.aws.security.unrestricted-github-oidc-policy.unrestricted-github-oidc-policy", + "short_description": { + "text": "Semgrep Finding: terraform.aws.security.unrestricted-github-oidc-policy.unrestricted-github-oidc-policy" }, - "fullDescription": { - "text": "Checks if HTML escaping is globally disabled for JSON output. This could lead to XSS." + "full_description": { + "text": "`$POLICY` is missing a `condition` block which scopes users of this policy to specific GitHub repositories. Without this, `$POLICY` is open to all users on GitHub. Add a `condition` block on the variable `token.actions.githubusercontent.com:sub` which scopes it to prevent this." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/terraform.aws.security.unrestricted-github-oidc-policy.unrestricted-github-oidc-policy", "help": { - "markdown": "Checks if HTML escaping is globally disabled for JSON output. This could lead to XSS.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/ruby.lang.security.json-entity-escape.json-entity-escape)\n - [https://owasp.org/Top10/A03_2021-Injection](https://owasp.org/Top10/A03_2021-Injection)\n", - "text": "Checks if HTML escaping is globally disabled for JSON output. This could lead to XSS.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "`$POLICY` is missing a `condition` block which scopes users of this policy to specific GitHub repositories. Without this, `$POLICY` is open to all users on GitHub. 
Add a `condition` block on the variable `token.actions.githubusercontent.com:sub` which scopes it to prevent this.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "`$POLICY` is missing a `condition` block which scopes users of this policy to specific GitHub repositories. Without this, `$POLICY` is open to all users on GitHub. Add a `condition` block on the variable `token.actions.githubusercontent.com:sub` which scopes it to prevent this.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/terraform.aws.security.unrestricted-github-oidc-policy.unrestricted-github-oidc-policy)\n - [https://docs.github.com/en/actions/deployment/security-hardening-your-deployments/configuring-openid-connect-in-amazon-web-services#configuring-the-role-and-trust-policy](https://docs.github.com/en/actions/deployment/security-hardening-your-deployments/configuring-openid-connect-in-amazon-web-services#configuring-the-role-and-trust-policy)\n - [https://dagrz.com/writing/aws-security/hacking-github-aws-oidc/](https://dagrz.com/writing/aws-security/hacking-github-aws-oidc/)\n" }, - "helpUri": "https://semgrep.dev/r/ruby.lang.security.json-entity-escape.json-entity-escape", - "id": "ruby.lang.security.json-entity-escape.json-entity-escape", - "name": "ruby.lang.security.json-entity-escape.json-entity-escape", "properties": { "precision": "very-high", "tags": [ - "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", - "LOW CONFIDENCE", - "OWASP-A03:2021 - Injection", - "OWASP-A07:2017 - Cross-Site Scripting (XSS)", + "CWE-284: Improper Access Control", + "MEDIUM CONFIDENCE", + "OWASP-A01:2021 - Broken Access Control", + "OWASP-A05:2017 - Sensitive Data Exposure", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: ruby.lang.security.json-entity-escape.json-entity-escape" } }, { - "defaultConfiguration": { - "level": "note" 
+ "id": "javascript.browser.security.dom-based-xss.dom-based-xss", + "name": "javascript.browser.security.dom-based-xss.dom-based-xss", + "short_description": { + "text": "Semgrep Finding: javascript.browser.security.dom-based-xss.dom-based-xss" }, - "fullDescription": { - "text": "Visualforce Pages must have the cspHeader attribute set to true. This attribute is available in API version 55 or higher." + "full_description": { + "text": "Detected possible DOM-based XSS. This occurs because a portion of the URL is being used to construct an element added directly to the page. For example, a malicious actor could send someone a link like this: http://www.some.site/page.html?default= which would add the script to the page. Consider allowlisting appropriate values or using an approach which does not involve the URL." + }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/javascript.browser.security.dom-based-xss.dom-based-xss", "help": { - "markdown": "Visualforce Pages must have the cspHeader attribute set to true. This attribute is available in API version 55 or higher.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/generic.visualforce.security.ncino.xml.cspheaderattribute.csp-header-attribute)\n - [https://help.salesforce.com/s/articleView?id=sf.csp_trusted_sites.htm&type=5](https://help.salesforce.com/s/articleView?id=sf.csp_trusted_sites.htm&type=5)\n", - "text": "Visualforce Pages must have the cspHeader attribute set to true. This attribute is available in API version 55 or higher.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected possible DOM-based XSS. This occurs because a portion of the URL is being used to construct an element added directly to the page. 
For example, a malicious actor could send someone a link like this: http://www.some.site/page.html?default= which would add the script to the page. Consider allowlisting appropriate values or using an approach which does not involve the URL.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected possible DOM-based XSS. This occurs because a portion of the URL is being used to construct an element added directly to the page. For example, a malicious actor could send someone a link like this: http://www.some.site/page.html?default= which would add the script to the page. Consider allowlisting appropriate values or using an approach which does not involve the URL.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.browser.security.dom-based-xss.dom-based-xss)\n - [https://owasp.org/www-community/attacks/DOM_Based_XSS](https://owasp.org/www-community/attacks/DOM_Based_XSS)\n" }, - "helpUri": "https://semgrep.dev/r/generic.visualforce.security.ncino.xml.cspheaderattribute.csp-header-attribute", - "id": "generic.visualforce.security.ncino.xml.cspheaderattribute.csp-header-attribute", - "name": "generic.visualforce.security.ncino.xml.cspheaderattribute.csp-header-attribute", "properties": { "precision": "very-high", "tags": [ "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", - "HIGH CONFIDENCE", + "LOW CONFIDENCE", "OWASP-A03:2021 - Injection", "OWASP-A07:2017 - Cross-Site Scripting (XSS)", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: generic.visualforce.security.ncino.xml.cspheaderattribute.csp-header-attribute" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "terraform.azure.security.keyvault.keyvault-ensure-key-expires.keyvault-ensure-key-expires", + "name": "terraform.azure.security.keyvault.keyvault-ensure-key-expires.keyvault-ensure-key-expires", + 
"short_description": { + "text": "Semgrep Finding: terraform.azure.security.keyvault.keyvault-ensure-key-expires.keyvault-ensure-key-expires" }, - "fullDescription": { - "text": "Flask-caching doesn't cache query strings by default. You have to use `query_string=True`. Also you shouldn't cache verbs that can mutate state." + "full_description": { + "text": "Ensure that the expiration date is set on all keys" }, + "default_configuration": { + "enabled": true, + "level": "note" + }, + "help_uri": "https://semgrep.dev/r/terraform.azure.security.keyvault.keyvault-ensure-key-expires.keyvault-ensure-key-expires", "help": { - "markdown": "Flask-caching doesn't cache query strings by default. You have to use `query_string=True`. Also you shouldn't cache verbs that can mutate state.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.flask.caching.query-string.flask-cache-query-string)\n", - "text": "Flask-caching doesn't cache query strings by default. You have to use `query_string=True`. 
Also you shouldn't cache verbs that can mutate state.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Ensure that the expiration date is set on all keys\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Ensure that the expiration date is set on all keys\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/terraform.azure.security.keyvault.keyvault-ensure-key-expires.keyvault-ensure-key-expires)\n - [https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/key_vault_key#expiration_date](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/key_vault_key#expiration_date)\n - [https://docs.microsoft.com/en-us/powershell/module/az.keyvault/update-azkeyvaultkey?view=azps-5.8.0#example-1--modify-a-key-to-enable-it--and-set-the-expiration-date-and-tags](https://docs.microsoft.com/en-us/powershell/module/az.keyvault/update-azkeyvaultkey?view=azps-5.8.0#example-1--modify-a-key-to-enable-it--and-set-the-expiration-date-and-tags)\n" }, - "helpUri": "https://semgrep.dev/r/python.flask.caching.query-string.flask-cache-query-string", - "id": "python.flask.caching.query-string.flask-cache-query-string", - "name": "python.flask.caching.query-string.flask-cache-query-string", "properties": { "precision": "very-high", - "tags": [] - }, - "shortDescription": { - "text": "Semgrep Finding: python.flask.caching.query-string.flask-cache-query-string" + "tags": [ + "CWE-262: Not Using Password Aging", + "MEDIUM CONFIDENCE", + "security" + ] } }, { - "defaultConfiguration": { - "level": "error" + "id": "ruby.lang.security.dangerous-exec.dangerous-exec", + "name": "ruby.lang.security.dangerous-exec.dangerous-exec", + "short_description": { + "text": "Semgrep Finding: ruby.lang.security.dangerous-exec.dangerous-exec" }, - "fullDescription": { - "text": "The native Python `xml` library is 
vulnerable to XML External Entity (XXE) attacks. These attacks can leak confidential data and \"XML bombs\" can cause denial of service. Do not use this library to parse untrusted input. Instead the Python documentation recommends using `defusedxml`." + "full_description": { + "text": "Detected non-static command inside $EXEC. Audit the input to '$EXEC'. If unverified user data can reach this call site, this is a code injection vulnerability. A malicious actor can inject a malicious script to execute arbitrary code." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/ruby.lang.security.dangerous-exec.dangerous-exec", "help": { - "markdown": "The native Python `xml` library is vulnerable to XML External Entity (XXE) attacks. These attacks can leak confidential data and \"XML bombs\" can cause denial of service. Do not use this library to parse untrusted input. Instead the Python documentation recommends using `defusedxml`.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.lang.security.use-defused-xml-parse.use-defused-xml-parse)\n - [https://docs.python.org/3/library/xml.html](https://docs.python.org/3/library/xml.html)\n - [https://github.com/tiran/defusedxml](https://github.com/tiran/defusedxml)\n - [https://owasp.org/www-community/vulnerabilities/XML_External_Entity_(XXE)_Processing](https://owasp.org/www-community/vulnerabilities/XML_External_Entity_(XXE)_Processing)\n", - "text": "The native Python `xml` library is vulnerable to XML External Entity (XXE) attacks. These attacks can leak confidential data and \"XML bombs\" can cause denial of service. Do not use this library to parse untrusted input. Instead the Python documentation recommends using `defusedxml`.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected non-static command inside $EXEC. 
Audit the input to '$EXEC'. If unverified user data can reach this call site, this is a code injection vulnerability. A malicious actor can inject a malicious script to execute arbitrary code.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected non-static command inside $EXEC. Audit the input to '$EXEC'. If unverified user data can reach this call site, this is a code injection vulnerability. A malicious actor can inject a malicious script to execute arbitrary code.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/ruby.lang.security.dangerous-exec.dangerous-exec)\n - [https://guides.rubyonrails.org/security.html#command-line-injection](https://guides.rubyonrails.org/security.html#command-line-injection)\n" }, - "helpUri": "https://semgrep.dev/r/python.lang.security.use-defused-xml-parse.use-defused-xml-parse", - "id": "python.lang.security.use-defused-xml-parse.use-defused-xml-parse", - "name": "python.lang.security.use-defused-xml-parse.use-defused-xml-parse", "properties": { "precision": "very-high", "tags": [ - "CWE-611: Improper Restriction of XML External Entity Reference", + "CWE-94: Improper Control of Generation of Code ('Code Injection')", "MEDIUM CONFIDENCE", - "OWASP-A04:2017 - XML External Entities (XXE)", - "OWASP-A05:2021 - Security Misconfiguration", + "OWASP-A03:2021 - Injection", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: python.lang.security.use-defused-xml-parse.use-defused-xml-parse" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "python.lang.security.dangerous-spawn-process.dangerous-spawn-process", + "name": "python.lang.security.dangerous-spawn-process.dangerous-spawn-process", + "short_description": { + "text": "Semgrep Finding: python.lang.security.dangerous-spawn-process.dangerous-spawn-process" }, - "fullDescription": { - "text": "User data from `$REQ` is being compiled into 
the template, which can lead to a Server Side Template Injection (SSTI) vulnerability." + "full_description": { + "text": "Found user controlled content when spawning a process. This is dangerous because it allows a malicious actor to execute commands." + }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/python.lang.security.dangerous-spawn-process.dangerous-spawn-process", "help": { - "markdown": "User data from `$REQ` is being compiled into the template, which can lead to a Server Side Template Injection (SSTI) vulnerability.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.express.security.express-insecure-template-usage.express-insecure-template-usage)\n - [https://cheatsheetseries.owasp.org/cheatsheets/Injection_Prevention_Cheat_Sheet.html](https://cheatsheetseries.owasp.org/cheatsheets/Injection_Prevention_Cheat_Sheet.html)\n", - "text": "User data from `$REQ` is being compiled into the template, which can lead to a Server Side Template Injection (SSTI) vulnerability.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Found user controlled content when spawning a process. This is dangerous because it allows a malicious actor to execute commands.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Found user controlled content when spawning a process. 
This is dangerous because it allows a malicious actor to execute commands.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.lang.security.dangerous-spawn-process.dangerous-spawn-process)\n - [https://semgrep.dev/docs/cheat-sheets/python-command-injection/](https://semgrep.dev/docs/cheat-sheets/python-command-injection/)\n" }, - "helpUri": "https://semgrep.dev/r/javascript.express.security.express-insecure-template-usage.express-insecure-template-usage", - "id": "javascript.express.security.express-insecure-template-usage.express-insecure-template-usage", - "name": "javascript.express.security.express-insecure-template-usage.express-insecure-template-usage", "properties": { "precision": "very-high", "tags": [ - "CWE-1336: Improper Neutralization of Special Elements Used in a Template Engine", + "CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", "MEDIUM CONFIDENCE", "OWASP-A01:2017 - Injection", "OWASP-A03:2021 - Injection", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: javascript.express.security.express-insecure-template-usage.express-insecure-template-usage" } }, { - "defaultConfiguration": { - "level": "error" + "id": "python.lang.security.deserialization.pickle.avoid-pickle", + "name": "python.lang.security.deserialization.pickle.avoid-pickle", + "short_description": { + "text": "Semgrep Finding: python.lang.security.deserialization.pickle.avoid-pickle" }, - "fullDescription": { - "text": "Artifactory token detected" + "full_description": { + "text": "Avoid using `pickle`, which is known to lead to code execution vulnerabilities. When unpickling, the serialized data could be manipulated to run arbitrary code. Instead, consider serializing the relevant data as JSON or a similar text-based serialization format." 
+ }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/python.lang.security.deserialization.pickle.avoid-pickle", "help": { - "markdown": "Artifactory token detected\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/generic.secrets.security.detected-artifactory-password.detected-artifactory-password)\n - [https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures](https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures)\n", - "text": "Artifactory token detected\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Avoid using `pickle`, which is known to lead to code execution vulnerabilities. When unpickling, the serialized data could be manipulated to run arbitrary code. Instead, consider serializing the relevant data as JSON or a similar text-based serialization format.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Avoid using `pickle`, which is known to lead to code execution vulnerabilities. When unpickling, the serialized data could be manipulated to run arbitrary code. 
Instead, consider serializing the relevant data as JSON or a similar text-based serialization format.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.lang.security.deserialization.pickle.avoid-pickle)\n - [https://docs.python.org/3/library/pickle.html](https://docs.python.org/3/library/pickle.html)\n" }, - "helpUri": "https://semgrep.dev/r/generic.secrets.security.detected-artifactory-password.detected-artifactory-password", - "id": "generic.secrets.security.detected-artifactory-password.detected-artifactory-password", - "name": "generic.secrets.security.detected-artifactory-password.detected-artifactory-password", "properties": { "precision": "very-high", "tags": [ - "CWE-798: Use of Hard-coded Credentials", + "CWE-502: Deserialization of Untrusted Data", "LOW CONFIDENCE", - "OWASP-A07:2021 - Identification and Authentication Failures", + "OWASP-A08:2017 - Insecure Deserialization", + "OWASP-A08:2021 - Software and Data Integrity Failures", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: generic.secrets.security.detected-artifactory-password.detected-artifactory-password" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "go.lang.security.audit.dangerous-syscall-exec.dangerous-syscall-exec", + "name": "go.lang.security.audit.dangerous-syscall-exec.dangerous-syscall-exec", + "short_description": { + "text": "Semgrep Finding: go.lang.security.audit.dangerous-syscall-exec.dangerous-syscall-exec" }, - "fullDescription": { - "text": "Dangerously accepting invalid TLS information" + "full_description": { + "text": "Detected non-static command inside Exec. Audit the input to 'syscall.Exec'. If unverified user data can reach this call site, this is a code injection vulnerability. A malicious actor can inject a malicious script to execute arbitrary code." 
+ }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/go.lang.security.audit.dangerous-syscall-exec.dangerous-syscall-exec", "help": { - "markdown": "Dangerously accepting invalid TLS information\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/rust.lang.security.reqwest-accept-invalid.reqwest-accept-invalid)\n - [https://docs.rs/reqwest/latest/reqwest/struct.ClientBuilder.html#method.danger_accept_invalid_hostnames](https://docs.rs/reqwest/latest/reqwest/struct.ClientBuilder.html#method.danger_accept_invalid_hostnames)\n - [https://docs.rs/reqwest/latest/reqwest/struct.ClientBuilder.html#method.danger_accept_invalid_certs](https://docs.rs/reqwest/latest/reqwest/struct.ClientBuilder.html#method.danger_accept_invalid_certs)\n", - "text": "Dangerously accepting invalid TLS information\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected non-static command inside Exec. Audit the input to 'syscall.Exec'. If unverified user data can reach this call site, this is a code injection vulnerability. A malicious actor can inject a malicious script to execute arbitrary code.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected non-static command inside Exec. Audit the input to 'syscall.Exec'. If unverified user data can reach this call site, this is a code injection vulnerability. 
A malicious actor can inject a malicious script to execute arbitrary code.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/go.lang.security.audit.dangerous-syscall-exec.dangerous-syscall-exec)\n - [https://owasp.org/Top10/A03_2021-Injection](https://owasp.org/Top10/A03_2021-Injection)\n" }, - "helpUri": "https://semgrep.dev/r/rust.lang.security.reqwest-accept-invalid.reqwest-accept-invalid", - "id": "rust.lang.security.reqwest-accept-invalid.reqwest-accept-invalid", - "name": "rust.lang.security.reqwest-accept-invalid.reqwest-accept-invalid", "properties": { "precision": "very-high", "tags": [ - "CWE-295: Improper Certificate Validation", - "HIGH CONFIDENCE", + "CWE-94: Improper Control of Generation of Code ('Code Injection')", + "LOW CONFIDENCE", + "OWASP-A03:2021 - Injection", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: rust.lang.security.reqwest-accept-invalid.reqwest-accept-invalid" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "javascript.monaco-editor.security.audit.monaco-hover-htmlsupport.monaco-hover-htmlsupport", + "name": "javascript.monaco-editor.security.audit.monaco-hover-htmlsupport.monaco-hover-htmlsupport", + "short_description": { + "text": "Semgrep Finding: javascript.monaco-editor.security.audit.monaco-hover-htmlsupport.monaco-hover-htmlsupport" }, - "fullDescription": { - "text": "The code must not contain any of Unicode Direction Control Characters" + "full_description": { + "text": "If user input reaches `HoverProvider` while `supportHml` is set to `true` it may introduce an XSS vulnerability. Do not produce HTML for hovers with dynamically generated input." 
+ }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/javascript.monaco-editor.security.audit.monaco-hover-htmlsupport.monaco-hover-htmlsupport", "help": { - "markdown": "The code must not contain any of Unicode Direction Control Characters\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/solidity.security.no-bidi-characters.no-bidi-characters)\n - [https://entethalliance.org/specs/ethtrust-sl/v1/#req-1-unicode-bdo](https://entethalliance.org/specs/ethtrust-sl/v1/#req-1-unicode-bdo)\n", - "text": "The code must not contain any of Unicode Direction Control Characters\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "If user input reaches `HoverProvider` while `supportHml` is set to `true` it may introduce an XSS vulnerability. Do not produce HTML for hovers with dynamically generated input.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "If user input reaches `HoverProvider` while `supportHml` is set to `true` it may introduce an XSS vulnerability. 
Do not produce HTML for hovers with dynamically generated input.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.monaco-editor.security.audit.monaco-hover-htmlsupport.monaco-hover-htmlsupport)\n - [https://github.com/microsoft/monaco-editor/issues/801](https://github.com/microsoft/monaco-editor/issues/801)\n" }, - "helpUri": "https://semgrep.dev/r/solidity.security.no-bidi-characters.no-bidi-characters", - "id": "solidity.security.no-bidi-characters.no-bidi-characters", - "name": "solidity.security.no-bidi-characters.no-bidi-characters", "properties": { "precision": "very-high", "tags": [ - "CWE-837: Improper Enforcement of a Single, Unique Action", - "HIGH CONFIDENCE", + "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", + "LOW CONFIDENCE", + "OWASP-A03:2021 - Injection", + "OWASP-A07:2017 - Cross-Site Scripting (XSS)", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: solidity.security.no-bidi-characters.no-bidi-characters" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "scala.lang.security.audit.dangerous-seq-run.dangerous-seq-run", + "name": "scala.lang.security.audit.dangerous-seq-run.dangerous-seq-run", + "short_description": { + "text": "Semgrep Finding: scala.lang.security.audit.dangerous-seq-run.dangerous-seq-run" }, - "fullDescription": { - "text": "Initializing a security context for Dask (`distributed`) without \"require_encryption\" keyword argument may silently fail to provide security." + "full_description": { + "text": "Found dynamic content used for the external process. This is dangerous if arbitrary data can reach this function call because it allows a malicious actor to execute commands. Ensure your variables are not controlled by users or sufficiently sanitized." 
+ }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/scala.lang.security.audit.dangerous-seq-run.dangerous-seq-run", "help": { - "markdown": "Initializing a security context for Dask (`distributed`) without \"require_encryption\" keyword argument may silently fail to provide security.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.distributed.security.require-encryption)\n - [https://distributed.dask.org/en/latest/tls.html?highlight=require_encryption#parameters](https://distributed.dask.org/en/latest/tls.html?highlight=require_encryption#parameters)\n", - "text": "Initializing a security context for Dask (`distributed`) without \"require_encryption\" keyword argument may silently fail to provide security.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Found dynamic content used for the external process. This is dangerous if arbitrary data can reach this function call because it allows a malicious actor to execute commands. Ensure your variables are not controlled by users or sufficiently sanitized.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Found dynamic content used for the external process. This is dangerous if arbitrary data can reach this function call because it allows a malicious actor to execute commands. 
Ensure your variables are not controlled by users or sufficiently sanitized.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/scala.lang.security.audit.dangerous-seq-run.dangerous-seq-run)\n - [https://owasp.org/Top10/A03_2021-Injection](https://owasp.org/Top10/A03_2021-Injection)\n" }, - "helpUri": "https://semgrep.dev/r/python.distributed.security.require-encryption", - "id": "python.distributed.security.require-encryption", - "name": "python.distributed.security.require-encryption", "properties": { "precision": "very-high", "tags": [ - "CWE-319: Cleartext Transmission of Sensitive Information", - "MEDIUM CONFIDENCE", - "OWASP-A02:2021 - Cryptographic Failures", - "OWASP-A03:2017 - Sensitive Data Exposure", + "CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", + "LOW CONFIDENCE", + "OWASP-A01:2017 - Injection", + "OWASP-A03:2021 - Injection", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: python.distributed.security.require-encryption" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "python.django.security.audit.query-set-extra.avoid-query-set-extra", + "name": "python.django.security.audit.query-set-extra.avoid-query-set-extra", + "short_description": { + "text": "Semgrep Finding: python.django.security.audit.query-set-extra.avoid-query-set-extra" }, - "fullDescription": { - "text": "By letting user input control `X-Frame-Options` header, there is a risk that software does not properly verify whether or not a browser should be allowed to render a page in an `iframe`." + "full_description": { + "text": "QuerySet.extra' does not provide safeguards against SQL injection and requires very careful use. SQL injection can lead to critical data being stolen by attackers. Instead of using '.extra', use the Django ORM and parameterized queries such as `People.objects.get(name='Bob')`." 
+ }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/python.django.security.audit.query-set-extra.avoid-query-set-extra", "help": { - "markdown": "By letting user input control `X-Frame-Options` header, there is a risk that software does not properly verify whether or not a browser should be allowed to render a page in an `iframe`.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.express.security.x-frame-options-misconfiguration.x-frame-options-misconfiguration)\n - [https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options)\n", - "text": "By letting user input control `X-Frame-Options` header, there is a risk that software does not properly verify whether or not a browser should be allowed to render a page in an `iframe`.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "QuerySet.extra' does not provide safeguards against SQL injection and requires very careful use. SQL injection can lead to critical data being stolen by attackers. Instead of using '.extra', use the Django ORM and parameterized queries such as `People.objects.get(name='Bob')`.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "QuerySet.extra' does not provide safeguards against SQL injection and requires very careful use. SQL injection can lead to critical data being stolen by attackers. 
Instead of using '.extra', use the Django ORM and parameterized queries such as `People.objects.get(name='Bob')`.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.django.security.audit.query-set-extra.avoid-query-set-extra)\n - [https://docs.djangoproject.com/en/3.0/ref/models/querysets/#django.db.models.query.QuerySet.extra](https://docs.djangoproject.com/en/3.0/ref/models/querysets/#django.db.models.query.QuerySet.extra)\n - [https://semgrep.dev/blog/2020/preventing-sql-injection-a-django-authors-perspective/](https://semgrep.dev/blog/2020/preventing-sql-injection-a-django-authors-perspective/)\n" }, - "helpUri": "https://semgrep.dev/r/javascript.express.security.x-frame-options-misconfiguration.x-frame-options-misconfiguration", - "id": "javascript.express.security.x-frame-options-misconfiguration.x-frame-options-misconfiguration", - "name": "javascript.express.security.x-frame-options-misconfiguration.x-frame-options-misconfiguration", "properties": { "precision": "very-high", "tags": [ - "CWE-451: User Interface (UI) Misrepresentation of Critical Information", - "MEDIUM CONFIDENCE", - "OWASP-A04:2021 - Insecure Design", + "CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')", + "LOW CONFIDENCE", + "OWASP-A01:2017 - Injection", + "OWASP-A03:2021 - Injection", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: javascript.express.security.x-frame-options-misconfiguration.x-frame-options-misconfiguration" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "python.lang.security.audit.insecure-transport.urllib.insecure-urlretrieve-ftp.insecure-urlretrieve-ftp", + "name": "python.lang.security.audit.insecure-transport.urllib.insecure-urlretrieve-ftp.insecure-urlretrieve-ftp", + "short_description": { + "text": "Semgrep Finding: 
python.lang.security.audit.insecure-transport.urllib.insecure-urlretrieve-ftp.insecure-urlretrieve-ftp" }, - "fullDescription": { - "text": "Found non static data as an index to 'globals()'. This is extremely dangerous because it allows an attacker to execute arbitrary code on the system. Refactor your code not to use 'globals()'." + "full_description": { + "text": "Detected 'urllib.urlretrieve()' using 'ftp://'. This request will not be encrypted. Use SFTP instead. urllib does not support SFTP, so consider switching to a library which supports SFTP." }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/python.lang.security.audit.insecure-transport.urllib.insecure-urlretrieve-ftp.insecure-urlretrieve-ftp", "help": { - "markdown": "Found non static data as an index to 'globals()'. This is extremely dangerous because it allows an attacker to execute arbitrary code on the system. Refactor your code not to use 'globals()'.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.lang.security.dangerous-globals-use.dangerous-globals-use)\n - [https://github.com/mpirnat/lets-be-bad-guys/blob/d92768fb3ade32956abd53bd6bb06e19d634a084/badguys/vulnerable/views.py#L181-L186](https://github.com/mpirnat/lets-be-bad-guys/blob/d92768fb3ade32956abd53bd6bb06e19d634a084/badguys/vulnerable/views.py#L181-L186)\n", - "text": "Found non static data as an index to 'globals()'. This is extremely dangerous because it allows an attacker to execute arbitrary code on the system. Refactor your code not to use 'globals()'.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected 'urllib.urlretrieve()' using 'ftp://'. This request will not be encrypted. Use SFTP instead. 
urllib does not support SFTP, so consider switching to a library which supports SFTP.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected 'urllib.urlretrieve()' using 'ftp://'. This request will not be encrypted. Use SFTP instead. urllib does not support SFTP, so consider switching to a library which supports SFTP.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.lang.security.audit.insecure-transport.urllib.insecure-urlretrieve-ftp.insecure-urlretrieve-ftp)\n - [https://docs.python.org/3/library/urllib.request.html#urllib.request.urlretrieve](https://docs.python.org/3/library/urllib.request.html#urllib.request.urlretrieve)\n" }, - "helpUri": "https://semgrep.dev/r/python.lang.security.dangerous-globals-use.dangerous-globals-use", - "id": "python.lang.security.dangerous-globals-use.dangerous-globals-use", - "name": "python.lang.security.dangerous-globals-use.dangerous-globals-use", "properties": { "precision": "very-high", "tags": [ - "CWE-96: Improper Neutralization of Directives in Statically Saved Code ('Static Code Injection')", + "CWE-319: Cleartext Transmission of Sensitive Information", "LOW CONFIDENCE", - "OWASP-A03:2021 - Injection", + "OWASP-A02:2021 - Cryptographic Failures", + "OWASP-A03:2017 - Sensitive Data Exposure", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: python.lang.security.dangerous-globals-use.dangerous-globals-use" } }, { - "defaultConfiguration": { - "level": "error" + "id": "python.django.security.injection.reflected-data-httpresponsebadrequest.reflected-data-httpresponsebadrequest", + "name": "python.django.security.injection.reflected-data-httpresponsebadrequest.reflected-data-httpresponsebadrequest", + "short_description": { + "text": "Semgrep Finding: python.django.security.injection.reflected-data-httpresponsebadrequest.reflected-data-httpresponsebadrequest" }, - "fullDescription": 
{ - "text": "If unverified user data can reach the `puppeteer` methods it can result in Server-Side Request Forgery vulnerabilities" + "full_description": { + "text": "Found user-controlled request data passed into a HttpResponseBadRequest. This could be vulnerable to XSS, leading to attackers gaining access to user cookies and protected information. Ensure that the request data is properly escaped or sanitzed." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/python.django.security.injection.reflected-data-httpresponsebadrequest.reflected-data-httpresponsebadrequest", "help": { - "markdown": "If unverified user data can reach the `puppeteer` methods it can result in Server-Side Request Forgery vulnerabilities\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.express.security.express-puppeteer-injection.express-puppeteer-injection)\n - [https://pptr.dev/api/puppeteer.page](https://pptr.dev/api/puppeteer.page)\n", - "text": "If unverified user data can reach the `puppeteer` methods it can result in Server-Side Request Forgery vulnerabilities\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Found user-controlled request data passed into a HttpResponseBadRequest. This could be vulnerable to XSS, leading to attackers gaining access to user cookies and protected information. Ensure that the request data is properly escaped or sanitzed.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Found user-controlled request data passed into a HttpResponseBadRequest. This could be vulnerable to XSS, leading to attackers gaining access to user cookies and protected information. 
Ensure that the request data is properly escaped or sanitzed.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.django.security.injection.reflected-data-httpresponsebadrequest.reflected-data-httpresponsebadrequest)\n - [https://django-book.readthedocs.io/en/latest/chapter20.html#cross-site-scripting-xss](https://django-book.readthedocs.io/en/latest/chapter20.html#cross-site-scripting-xss)\n" }, - "helpUri": "https://semgrep.dev/r/javascript.express.security.express-puppeteer-injection.express-puppeteer-injection", - "id": "javascript.express.security.express-puppeteer-injection.express-puppeteer-injection", - "name": "javascript.express.security.express-puppeteer-injection.express-puppeteer-injection", "properties": { "precision": "very-high", "tags": [ - "CWE-918: Server-Side Request Forgery (SSRF)", + "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", "MEDIUM CONFIDENCE", - "OWASP-A10:2021 - Server-Side Request Forgery (SSRF)", + "OWASP-A03:2021 - Injection", + "OWASP-A07:2017 - Cross-Site Scripting (XSS)", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: javascript.express.security.express-puppeteer-injection.express-puppeteer-injection" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "php.lang.security.injection.tainted-url-host.tainted-url-host", + "name": "php.lang.security.injection.tainted-url-host.tainted-url-host", + "short_description": { + "text": "Semgrep Finding: php.lang.security.injection.tainted-url-host.tainted-url-host" }, - "fullDescription": { - "text": "Detected DES cipher algorithm which is considered insecure. This algorithm is not cryptographically secure and can be reversed easily. Use AES instead." + "full_description": { + "text": "User data flows into the host portion of this manually-constructed URL. 
This could allow an attacker to send data to their own server, potentially exposing sensitive data such as cookies or authorization information sent with this request. They could also probe internal servers or other resources that the server runnig this code can access. (This is called server-side request forgery, or SSRF.) Do not allow arbitrary hosts. Instead, create an allowlist for approved hosts hardcode the correct host." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/php.lang.security.injection.tainted-url-host.tainted-url-host", "help": { - "markdown": "Detected DES cipher algorithm which is considered insecure. This algorithm is not cryptographically secure and can be reversed easily. Use AES instead.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.pycryptodome.security.insecure-cipher-algorithm-des.insecure-cipher-algorithm-des)\n - [https://cwe.mitre.org/data/definitions/326.html](https://cwe.mitre.org/data/definitions/326.html)\n", - "text": "Detected DES cipher algorithm which is considered insecure. This algorithm is not cryptographically secure and can be reversed easily. Use AES instead.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "User data flows into the host portion of this manually-constructed URL. This could allow an attacker to send data to their own server, potentially exposing sensitive data such as cookies or authorization information sent with this request. They could also probe internal servers or other resources that the server runnig this code can access. (This is called server-side request forgery, or SSRF.) Do not allow arbitrary hosts. 
Instead, create an allowlist for approved hosts hardcode the correct host.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "User data flows into the host portion of this manually-constructed URL. This could allow an attacker to send data to their own server, potentially exposing sensitive data such as cookies or authorization information sent with this request. They could also probe internal servers or other resources that the server runnig this code can access. (This is called server-side request forgery, or SSRF.) Do not allow arbitrary hosts. Instead, create an allowlist for approved hosts hardcode the correct host.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/php.lang.security.injection.tainted-url-host.tainted-url-host)\n - [https://cheatsheetseries.owasp.org/cheatsheets/Server_Side_Request_Forgery_Prevention_Cheat_Sheet.html](https://cheatsheetseries.owasp.org/cheatsheets/Server_Side_Request_Forgery_Prevention_Cheat_Sheet.html)\n" }, - "helpUri": "https://semgrep.dev/r/python.pycryptodome.security.insecure-cipher-algorithm-des.insecure-cipher-algorithm-des", - "id": "python.pycryptodome.security.insecure-cipher-algorithm-des.insecure-cipher-algorithm-des", - "name": "python.pycryptodome.security.insecure-cipher-algorithm-des.insecure-cipher-algorithm-des", "properties": { "precision": "very-high", "tags": [ - "CWE-327: Use of a Broken or Risky Cryptographic Algorithm", + "CWE-918: Server-Side Request Forgery (SSRF)", "MEDIUM CONFIDENCE", - "OWASP-A02:2021 - Cryptographic Failures", - "OWASP-A03:2017 - Sensitive Data Exposure", + "OWASP-A10:2021 - Server-Side Request Forgery (SSRF)", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: python.pycryptodome.security.insecure-cipher-algorithm-des.insecure-cipher-algorithm-des" } }, { - "defaultConfiguration": { - "level": "error" + "id": 
"generic.secrets.security.detected-aws-account-id.detected-aws-account-id", + "name": "generic.secrets.security.detected-aws-account-id.detected-aws-account-id", + "short_description": { + "text": "Semgrep Finding: generic.secrets.security.detected-aws-account-id.detected-aws-account-id" }, - "fullDescription": { - "text": "S3 bucket with public read-write access detected." + "full_description": { + "text": "AWS Account ID detected. While not considered sensitive information, it is important to use them and share them carefully. For that reason it would be preferrable avoiding to hardcoded it here. Instead, read the value from an environment variable or keep the value in a separate, private file." + }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/generic.secrets.security.detected-aws-account-id.detected-aws-account-id", "help": { - "markdown": "S3 bucket with public read-write access detected.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/terraform.lang.security.s3-public-rw-bucket.s3-public-rw-bucket)\n - [https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket#acl](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket#acl)\n - [https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#canned-acl](https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#canned-acl)\n", - "text": "S3 bucket with public read-write access detected.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "AWS Account ID detected. While not considered sensitive information, it is important to use them and share them carefully. For that reason it would be preferrable avoiding to hardcoded it here. 
Instead, read the value from an environment variable or keep the value in a separate, private file.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "AWS Account ID detected. While not considered sensitive information, it is important to use them and share them carefully. For that reason it would be preferrable avoiding to hardcoded it here. Instead, read the value from an environment variable or keep the value in a separate, private file.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/generic.secrets.security.detected-aws-account-id.detected-aws-account-id)\n - [https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures](https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures)\n" }, - "helpUri": "https://semgrep.dev/r/terraform.lang.security.s3-public-rw-bucket.s3-public-rw-bucket", - "id": "terraform.lang.security.s3-public-rw-bucket.s3-public-rw-bucket", - "name": "terraform.lang.security.s3-public-rw-bucket.s3-public-rw-bucket", "properties": { "precision": "very-high", "tags": [ - "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor", - "MEDIUM CONFIDENCE", - "OWASP-A01:2021 - Broken Access Control", + "CWE-798: Use of Hard-coded Credentials", + "LOW CONFIDENCE", + "OWASP-A07:2021 - Identification and Authentication Failures", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: terraform.lang.security.s3-public-rw-bucket.s3-public-rw-bucket" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "python.sqlalchemy.security.audit.avoid-sqlalchemy-text.avoid-sqlalchemy-text", + "name": "python.sqlalchemy.security.audit.avoid-sqlalchemy-text.avoid-sqlalchemy-text", + "short_description": { + "text": "Semgrep Finding: python.sqlalchemy.security.audit.avoid-sqlalchemy-text.avoid-sqlalchemy-text" }, - "fullDescription": { - "text": "$sceDelegateProvider allowlisting can 
introduce security issues if wildcards are used." + "full_description": { + "text": "sqlalchemy.text passes the constructed SQL statement to the database mostly unchanged. This means that the usual SQL injection protections are not applied and this function is vulnerable to SQL injection if user input can reach here. Use normal SQLAlchemy operators (such as or_, and_, etc.) to construct SQL." + }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/python.sqlalchemy.security.audit.avoid-sqlalchemy-text.avoid-sqlalchemy-text", "help": { - "markdown": "$sceDelegateProvider allowlisting can introduce security issues if wildcards are used.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.angular.security.detect-angular-resource-loading.detect-angular-resource-loading)\n - [https://docs.angularjs.org/api/ng/service/$sce#trustAsJs](https://docs.angularjs.org/api/ng/service/$sce#trustAsJs)\n - [https://owasp.org/www-chapter-london/assets/slides/OWASPLondon20170727_AngularJS.pdf](https://owasp.org/www-chapter-london/assets/slides/OWASPLondon20170727_AngularJS.pdf)\n", - "text": "$sceDelegateProvider allowlisting can introduce security issues if wildcards are used.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "sqlalchemy.text passes the constructed SQL statement to the database mostly unchanged. This means that the usual SQL injection protections are not applied and this function is vulnerable to SQL injection if user input can reach here. Use normal SQLAlchemy operators (such as or_, and_, etc.) to construct SQL.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "sqlalchemy.text passes the constructed SQL statement to the database mostly unchanged. 
This means that the usual SQL injection protections are not applied and this function is vulnerable to SQL injection if user input can reach here. Use normal SQLAlchemy operators (such as or_, and_, etc.) to construct SQL.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.sqlalchemy.security.audit.avoid-sqlalchemy-text.avoid-sqlalchemy-text)\n - [https://docs.sqlalchemy.org/en/14/core/tutorial.html#using-textual-sql](https://docs.sqlalchemy.org/en/14/core/tutorial.html#using-textual-sql)\n" }, - "helpUri": "https://semgrep.dev/r/javascript.angular.security.detect-angular-resource-loading.detect-angular-resource-loading", - "id": "javascript.angular.security.detect-angular-resource-loading.detect-angular-resource-loading", - "name": "javascript.angular.security.detect-angular-resource-loading.detect-angular-resource-loading", "properties": { "precision": "very-high", "tags": [ - "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", - "LOW CONFIDENCE", + "CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')", + "MEDIUM CONFIDENCE", + "OWASP-A01:2017 - Injection", "OWASP-A03:2021 - Injection", - "OWASP-A07:2017 - Cross-Site Scripting (XSS)", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: javascript.angular.security.detect-angular-resource-loading.detect-angular-resource-loading" } }, { - "defaultConfiguration": { - "level": "error" + "id": "python.aws-lambda.security.psycopg-sqli.psycopg-sqli", + "name": "python.aws-lambda.security.psycopg-sqli.psycopg-sqli", + "short_description": { + "text": "Semgrep Finding: python.aws-lambda.security.psycopg-sqli.psycopg-sqli" }, - "fullDescription": { - "text": "Detected the use of an insecure deserialization library in a Flask route. These libraries are prone to code execution vulnerabilities. Ensure user data does not enter this function. 
To fix this, try to avoid serializing whole objects. Consider instead using a serializer such as JSON." + "full_description": { + "text": "Detected SQL statement that is tainted by `event` object. This could lead to SQL injection if the variable is user-controlled and not properly sanitized. In order to prevent SQL injection, use parameterized queries or prepared statements instead. You can use parameterized statements like so: `cursor.execute('SELECT * FROM projects WHERE status = %s', 'active')`" + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/python.aws-lambda.security.psycopg-sqli.psycopg-sqli", "help": { - "markdown": "Detected the use of an insecure deserialization library in a Flask route. These libraries are prone to code execution vulnerabilities. Ensure user data does not enter this function. To fix this, try to avoid serializing whole objects. Consider instead using a serializer such as JSON.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.flask.security.insecure-deserialization.insecure-deserialization)\n - [https://docs.python.org/3/library/pickle.html](https://docs.python.org/3/library/pickle.html)\n", - "text": "Detected the use of an insecure deserialization library in a Flask route. These libraries are prone to code execution vulnerabilities. Ensure user data does not enter this function. To fix this, try to avoid serializing whole objects. Consider instead using a serializer such as JSON.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected SQL statement that is tainted by `event` object. This could lead to SQL injection if the variable is user-controlled and not properly sanitized. In order to prevent SQL injection, use parameterized queries or prepared statements instead. 
You can use parameterized statements like so: `cursor.execute('SELECT * FROM projects WHERE status = %s', 'active')`\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected SQL statement that is tainted by `event` object. This could lead to SQL injection if the variable is user-controlled and not properly sanitized. In order to prevent SQL injection, use parameterized queries or prepared statements instead. You can use parameterized statements like so: `cursor.execute('SELECT * FROM projects WHERE status = %s', 'active')`\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.aws-lambda.security.psycopg-sqli.psycopg-sqli)\n - [https://www.psycopg.org/docs/cursor.html#cursor.execute](https://www.psycopg.org/docs/cursor.html#cursor.execute)\n - [https://www.psycopg.org/docs/cursor.html#cursor.executemany](https://www.psycopg.org/docs/cursor.html#cursor.executemany)\n - [https://www.psycopg.org/docs/cursor.html#cursor.mogrify](https://www.psycopg.org/docs/cursor.html#cursor.mogrify)\n" }, - "helpUri": "https://semgrep.dev/r/python.flask.security.insecure-deserialization.insecure-deserialization", - "id": "python.flask.security.insecure-deserialization.insecure-deserialization", - "name": "python.flask.security.insecure-deserialization.insecure-deserialization", "properties": { "precision": "very-high", "tags": [ - "CWE-502: Deserialization of Untrusted Data", - "LOW CONFIDENCE", - "OWASP-A08:2017 - Insecure Deserialization", - "OWASP-A08:2021 - Software and Data Integrity Failures", + "CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')", + "MEDIUM CONFIDENCE", + "OWASP-A01:2017 - Injection", + "OWASP-A03:2021 - Injection", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: python.flask.security.insecure-deserialization.insecure-deserialization" } }, { - "defaultConfiguration": { - "level": 
"error" + "id": "python.lang.security.insecure-hash-algorithms.insecure-hash-algorithm-sha1", + "name": "python.lang.security.insecure-hash-algorithms.insecure-hash-algorithm-sha1", + "short_description": { + "text": "Semgrep Finding: python.lang.security.insecure-hash-algorithms.insecure-hash-algorithm-sha1" }, - "fullDescription": { - "text": "Outlook Team detected" + "full_description": { + "text": "Detected SHA1 hash algorithm which is considered insecure. SHA1 is not collision resistant and is therefore not suitable as a cryptographic signature. Use SHA256 or SHA3 instead." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/python.lang.security.insecure-hash-algorithms.insecure-hash-algorithm-sha1", "help": { - "markdown": "Outlook Team detected\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/generic.secrets.security.detected-outlook-team.detected-outlook-team)\n - [https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures](https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures)\n", - "text": "Outlook Team detected\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected SHA1 hash algorithm which is considered insecure. SHA1 is not collision resistant and is therefore not suitable as a cryptographic signature. Use SHA256 or SHA3 instead.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected SHA1 hash algorithm which is considered insecure. SHA1 is not collision resistant and is therefore not suitable as a cryptographic signature. 
Use SHA256 or SHA3 instead.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.lang.security.insecure-hash-algorithms.insecure-hash-algorithm-sha1)\n - [https://www.schneier.com/blog/archives/2012/10/when_will_we_se.html](https://www.schneier.com/blog/archives/2012/10/when_will_we_se.html)\n - [https://www.trendmicro.com/vinfo/us/security/news/vulnerabilities-and-exploits/sha-1-collision-signals-the-end-of-the-algorithm-s-viability](https://www.trendmicro.com/vinfo/us/security/news/vulnerabilities-and-exploits/sha-1-collision-signals-the-end-of-the-algorithm-s-viability)\n - [http://2012.sharcs.org/slides/stevens.pdf](http://2012.sharcs.org/slides/stevens.pdf)\n - [https://pycryptodome.readthedocs.io/en/latest/src/hash/sha3_256.html](https://pycryptodome.readthedocs.io/en/latest/src/hash/sha3_256.html)\n" }, - "helpUri": "https://semgrep.dev/r/generic.secrets.security.detected-outlook-team.detected-outlook-team", - "id": "generic.secrets.security.detected-outlook-team.detected-outlook-team", - "name": "generic.secrets.security.detected-outlook-team.detected-outlook-team", "properties": { "precision": "very-high", "tags": [ - "CWE-798: Use of Hard-coded Credentials", - "LOW CONFIDENCE", - "OWASP-A07:2021 - Identification and Authentication Failures", + "CWE-327: Use of a Broken or Risky Cryptographic Algorithm", + "MEDIUM CONFIDENCE", + "OWASP-A02:2021 - Cryptographic Failures", + "OWASP-A03:2017 - Sensitive Data Exposure", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: generic.secrets.security.detected-outlook-team.detected-outlook-team" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "python.aws-lambda.security.dangerous-asyncio-shell.dangerous-asyncio-shell", + "name": "python.aws-lambda.security.dangerous-asyncio-shell.dangerous-asyncio-shell", + "short_description": { + "text": "Semgrep Finding: 
python.aws-lambda.security.dangerous-asyncio-shell.dangerous-asyncio-shell" }, - "fullDescription": { - "text": "TLS1.0 and TLS1.1 are deprecated and should not be used anymore. By default, NodeJS used TLSv1.2. So, TLS min version must not be downgrade to TLS1.0 or TLS1.1. Enforce TLS1.3 is highly recommended This rule checks TLS configuration only for PostgreSQL, MariaDB and MySQL. SQLite is not really concerned by TLS configuration. This rule could be extended for MSSQL, but the dialectOptions is specific for Tedious." + "full_description": { + "text": "Detected asyncio subprocess function with argument tainted by `event` object. If this data can be controlled by a malicious actor, it may be an instance of command injection. Audit the use of this call to ensure it is not controllable by an external resource. You may consider using 'shlex.escape()'." + }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/python.aws-lambda.security.dangerous-asyncio-shell.dangerous-asyncio-shell", "help": { - "markdown": "TLS1.0 and TLS1.1 are deprecated and should not be used anymore. By default, NodeJS used TLSv1.2. So, TLS min version must not be downgrade to TLS1.0 or TLS1.1. Enforce TLS1.3 is highly recommended This rule checks TLS configuration only for PostgreSQL, MariaDB and MySQL. SQLite is not really concerned by TLS configuration. 
This rule could be extended for MSSQL, but the dialectOptions is specific for Tedious.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.sequelize.security.audit.sequelize-weak-tls-version.sequelize-weak-tls-version)\n - [https://node-postgres.com/features/ssl](https://node-postgres.com/features/ssl)\n - [https://nodejs.org/api/tls.html#tls_class_tls_tlssocket](https://nodejs.org/api/tls.html#tls_class_tls_tlssocket)\n - [https://nodejs.org/api/tls.html#tls_tls_createsecurecontext_options](https://nodejs.org/api/tls.html#tls_tls_createsecurecontext_options)\n - [https://nodejs.org/api/tls.html#tls_tls_default_min_version](https://nodejs.org/api/tls.html#tls_tls_default_min_version)\n", - "text": "TLS1.0 and TLS1.1 are deprecated and should not be used anymore. By default, NodeJS used TLSv1.2. So, TLS min version must not be downgrade to TLS1.0 or TLS1.1. Enforce TLS1.3 is highly recommended This rule checks TLS configuration only for PostgreSQL, MariaDB and MySQL. SQLite is not really concerned by TLS configuration. This rule could be extended for MSSQL, but the dialectOptions is specific for Tedious.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected asyncio subprocess function with argument tainted by `event` object. If this data can be controlled by a malicious actor, it may be an instance of command injection. Audit the use of this call to ensure it is not controllable by an external resource. You may consider using 'shlex.escape()'.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected asyncio subprocess function with argument tainted by `event` object. If this data can be controlled by a malicious actor, it may be an instance of command injection. Audit the use of this call to ensure it is not controllable by an external resource. 
You may consider using 'shlex.escape()'.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.aws-lambda.security.dangerous-asyncio-shell.dangerous-asyncio-shell)\n - [https://docs.python.org/3/library/asyncio-subprocess.html](https://docs.python.org/3/library/asyncio-subprocess.html)\n - [https://docs.python.org/3/library/shlex.html](https://docs.python.org/3/library/shlex.html)\n" }, - "helpUri": "https://semgrep.dev/r/javascript.sequelize.security.audit.sequelize-weak-tls-version.sequelize-weak-tls-version", - "id": "javascript.sequelize.security.audit.sequelize-weak-tls-version.sequelize-weak-tls-version", - "name": "javascript.sequelize.security.audit.sequelize-weak-tls-version.sequelize-weak-tls-version", "properties": { "precision": "very-high", "tags": [ - "CWE-319: Cleartext Transmission of Sensitive Information", - "LOW CONFIDENCE", - "OWASP-A02:2021 - Cryptographic Failures", - "OWASP-A03:2017 - Sensitive Data Exposure", + "CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", + "MEDIUM CONFIDENCE", + "OWASP-A01:2017 - Injection", + "OWASP-A03:2021 - Injection", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: javascript.sequelize.security.audit.sequelize-weak-tls-version.sequelize-weak-tls-version" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "python.cryptography.security.empty-aes-key.empty-aes-key", + "name": "python.cryptography.security.empty-aes-key.empty-aes-key", + "short_description": { + "text": "Semgrep Finding: python.cryptography.security.empty-aes-key.empty-aes-key" }, - "fullDescription": { - "text": "Detected use of an insecure MD4 or MD5 hash function. These functions have known vulnerabilities and are considered deprecated. Consider using 'SHA256' or a similar function instead." + "full_description": { + "text": "Potential empty AES encryption key. 
Using an empty key in AES encryption can result in weak encryption and may allow attackers to easily decrypt sensitive data. Ensure that a strong, non-empty key is used for AES encryption." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/python.cryptography.security.empty-aes-key.empty-aes-key", "help": { - "markdown": "Detected use of an insecure MD4 or MD5 hash function. These functions have known vulnerabilities and are considered deprecated. Consider using 'SHA256' or a similar function instead.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.lang.security.insecure-hash-function.insecure-hash-function)\n - [https://tools.ietf.org/html/rfc6151](https://tools.ietf.org/html/rfc6151)\n - [https://crypto.stackexchange.com/questions/44151/how-does-the-flame-malware-take-advantage-of-md5-collision](https://crypto.stackexchange.com/questions/44151/how-does-the-flame-malware-take-advantage-of-md5-collision)\n - [https://pycryptodome.readthedocs.io/en/latest/src/hash/sha3_256.html](https://pycryptodome.readthedocs.io/en/latest/src/hash/sha3_256.html)\n", - "text": "Detected use of an insecure MD4 or MD5 hash function. These functions have known vulnerabilities and are considered deprecated. Consider using 'SHA256' or a similar function instead.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Potential empty AES encryption key. Using an empty key in AES encryption can result in weak encryption and may allow attackers to easily decrypt sensitive data. Ensure that a strong, non-empty key is used for AES encryption.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Potential empty AES encryption key. Using an empty key in AES encryption can result in weak encryption and may allow attackers to easily decrypt sensitive data. 
Ensure that a strong, non-empty key is used for AES encryption.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.cryptography.security.empty-aes-key.empty-aes-key)\n - [https://cwe.mitre.org/data/definitions/327.html](https://cwe.mitre.org/data/definitions/327.html)\n - [https://cwe.mitre.org/data/definitions/310.html](https://cwe.mitre.org/data/definitions/310.html)\n" }, - "helpUri": "https://semgrep.dev/r/python.lang.security.insecure-hash-function.insecure-hash-function", - "id": "python.lang.security.insecure-hash-function.insecure-hash-function", - "name": "python.lang.security.insecure-hash-function.insecure-hash-function", "properties": { "precision": "very-high", "tags": [ + "CWE-310: Cryptographic Issues", "CWE-327: Use of a Broken or Risky Cryptographic Algorithm", "MEDIUM CONFIDENCE", - "OWASP-A02:2021 - Cryptographic Failures", - "OWASP-A03:2017 - Sensitive Data Exposure", + "OWASP-A6:2017 misconfiguration", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: python.lang.security.insecure-hash-function.insecure-hash-function" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "java.java-jwt.security.jwt-none-alg.java-jwt-none-alg", + "name": "java.java-jwt.security.jwt-none-alg.java-jwt-none-alg", + "short_description": { + "text": "Semgrep Finding: java.java-jwt.security.jwt-none-alg.java-jwt-none-alg" }, - "fullDescription": { - "text": "Cookie Secure flag is explicitly disabled. You should enforce this value to avoid accidentally presenting sensitive cookie values over plaintext HTTP connections." + "full_description": { + "text": "Detected use of the 'none' algorithm in a JWT token. The 'none' algorithm assumes the integrity of the token has already been verified. This would allow a malicious actor to forge a JWT token that will automatically be verified. Do not explicitly use the 'none' algorithm. 
Instead, use an algorithm such as 'HS256'." + }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/java.java-jwt.security.jwt-none-alg.java-jwt-none-alg", "help": { - "markdown": "Cookie Secure flag is explicitly disabled. You should enforce this value to avoid accidentally presenting sensitive cookie values over plaintext HTTP connections.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/csharp.dotnet.security.web-config-insecure-cookie-settings.web-config-insecure-cookie-settings)\n - [https://docs.microsoft.com/en-us/aspnet/web-api/overview/advanced/http-cookies](https://docs.microsoft.com/en-us/aspnet/web-api/overview/advanced/http-cookies)\n - [https://docs.microsoft.com/en-us/dotnet/api/system.web.security.formsauthentication.requiressl?redirectedfrom=MSDN&view=netframework-4.8#System_Web_Security_FormsAuthentication_RequireSSL](https://docs.microsoft.com/en-us/dotnet/api/system.web.security.formsauthentication.requiressl?redirectedfrom=MSDN&view=netframework-4.8#System_Web_Security_FormsAuthentication_RequireSSL)\n - [https://docs.microsoft.com/en-us/dotnet/api/system.web.security.roles.cookierequiressl?redirectedfrom=MSDN&view=netframework-4.8#System_Web_Security_Roles_CookieRequireSSL](https://docs.microsoft.com/en-us/dotnet/api/system.web.security.roles.cookierequiressl?redirectedfrom=MSDN&view=netframework-4.8#System_Web_Security_Roles_CookieRequireSSL)\n", - "text": "Cookie Secure flag is explicitly disabled. You should enforce this value to avoid accidentally presenting sensitive cookie values over plaintext HTTP connections.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected use of the 'none' algorithm in a JWT token. The 'none' algorithm assumes the integrity of the token has already been verified. 
This would allow a malicious actor to forge a JWT token that will automatically be verified. Do not explicitly use the 'none' algorithm. Instead, use an algorithm such as 'HS256'.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected use of the 'none' algorithm in a JWT token. The 'none' algorithm assumes the integrity of the token has already been verified. This would allow a malicious actor to forge a JWT token that will automatically be verified. Do not explicitly use the 'none' algorithm. Instead, use an algorithm such as 'HS256'.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/java.java-jwt.security.jwt-none-alg.java-jwt-none-alg)\n - [https://owasp.org/Top10/A02_2021-Cryptographic_Failures](https://owasp.org/Top10/A02_2021-Cryptographic_Failures)\n" }, - "helpUri": "https://semgrep.dev/r/csharp.dotnet.security.web-config-insecure-cookie-settings.web-config-insecure-cookie-settings", - "id": "csharp.dotnet.security.web-config-insecure-cookie-settings.web-config-insecure-cookie-settings", - "name": "csharp.dotnet.security.web-config-insecure-cookie-settings.web-config-insecure-cookie-settings", "properties": { "precision": "very-high", "tags": [ - "CWE-614: Sensitive Cookie in HTTPS Session Without 'Secure' Attribute", - "LOW CONFIDENCE", - "OWASP-A05:2021 - Security Misconfiguration", + "CWE-327: Use of a Broken or Risky Cryptographic Algorithm", + "HIGH CONFIDENCE", + "OWASP-A02:2021 - Cryptographic Failures", + "OWASP-A03:2017 - Sensitive Data Exposure", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: csharp.dotnet.security.web-config-insecure-cookie-settings.web-config-insecure-cookie-settings" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "generic.nginx.security.possible-h2c-smuggling.possible-nginx-h2c-smuggling", + "name": 
"generic.nginx.security.possible-h2c-smuggling.possible-nginx-h2c-smuggling", + "short_description": { + "text": "Semgrep Finding: generic.nginx.security.possible-h2c-smuggling.possible-nginx-h2c-smuggling" }, - "fullDescription": { - "text": "Make sure that unverified user data can not reach `vm2`." + "full_description": { + "text": "Conditions for Nginx H2C smuggling identified. H2C smuggling allows upgrading HTTP/1.1 connections to lesser-known HTTP/2 over cleartext (h2c) connections which can allow a bypass of reverse proxy access controls, and lead to long-lived, unrestricted HTTP traffic directly to back-end servers. To mitigate: WebSocket support required: Allow only the value websocket for HTTP/1.1 upgrade headers (e.g., Upgrade: websocket). WebSocket support not required: Do not forward Upgrade headers." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/generic.nginx.security.possible-h2c-smuggling.possible-nginx-h2c-smuggling", "help": { - "markdown": "Make sure that unverified user data can not reach `vm2`.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.express.security.express-vm2-injection.express-vm2-injection)\n - [https://cheatsheetseries.owasp.org/cheatsheets/Injection_Prevention_Cheat_Sheet.html](https://cheatsheetseries.owasp.org/cheatsheets/Injection_Prevention_Cheat_Sheet.html)\n", - "text": "Make sure that unverified user data can not reach `vm2`.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Conditions for Nginx H2C smuggling identified. H2C smuggling allows upgrading HTTP/1.1 connections to lesser-known HTTP/2 over cleartext (h2c) connections which can allow a bypass of reverse proxy access controls, and lead to long-lived, unrestricted HTTP traffic directly to back-end servers. 
To mitigate: WebSocket support required: Allow only the value websocket for HTTP/1.1 upgrade headers (e.g., Upgrade: websocket). WebSocket support not required: Do not forward Upgrade headers.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Conditions for Nginx H2C smuggling identified. H2C smuggling allows upgrading HTTP/1.1 connections to lesser-known HTTP/2 over cleartext (h2c) connections which can allow a bypass of reverse proxy access controls, and lead to long-lived, unrestricted HTTP traffic directly to back-end servers. To mitigate: WebSocket support required: Allow only the value websocket for HTTP/1.1 upgrade headers (e.g., Upgrade: websocket). WebSocket support not required: Do not forward Upgrade headers.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/generic.nginx.security.possible-h2c-smuggling.possible-nginx-h2c-smuggling)\n - [https://labs.bishopfox.com/tech-blog/h2c-smuggling-request-smuggling-via-http/2-cleartext-h2c](https://labs.bishopfox.com/tech-blog/h2c-smuggling-request-smuggling-via-http/2-cleartext-h2c)\n" }, - "helpUri": "https://semgrep.dev/r/javascript.express.security.express-vm2-injection.express-vm2-injection", - "id": "javascript.express.security.express-vm2-injection.express-vm2-injection", - "name": "javascript.express.security.express-vm2-injection.express-vm2-injection", "properties": { "precision": "very-high", "tags": [ - "CWE-94: Improper Control of Generation of Code ('Code Injection')", + "CWE-444: Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')", "MEDIUM CONFIDENCE", - "OWASP-A03:2021 - Injection", + "OWASP-A04:2021 - Insecure Design", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: javascript.express.security.express-vm2-injection.express-vm2-injection" } }, { - "defaultConfiguration": { - "level": "warning" + "id": 
"terraform.lang.security.iam.no-iam-priv-esc-roles.no-iam-priv-esc-roles", + "name": "terraform.lang.security.iam.no-iam-priv-esc-roles.no-iam-priv-esc-roles", + "short_description": { + "text": "Semgrep Finding: terraform.lang.security.iam.no-iam-priv-esc-roles.no-iam-priv-esc-roles" }, - "fullDescription": { - "text": "It looks like MD5 is used as a password hash. MD5 is not considered a secure password hash because it can be cracked by an attacker in a short amount of time. Use a suitable password hashing function such as PBKDF2 or bcrypt. You can use `javax.crypto.SecretKeyFactory` with `SecretKeyFactory.getInstance(\"PBKDF2WithHmacSHA1\")` or, if using Spring, `org.springframework.security.crypto.bcrypt`." + "full_description": { + "text": "Ensure that groups of actions that include iam:PassRole and could result in privilege escalation are not all allowed for the same user. These actions could result in an attacker gaining full admin access of an AWS account. Try not to use these actions in conjuction." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/terraform.lang.security.iam.no-iam-priv-esc-roles.no-iam-priv-esc-roles", "help": { - "markdown": "It looks like MD5 is used as a password hash. MD5 is not considered a secure password hash because it can be cracked by an attacker in a short amount of time. Use a suitable password hashing function such as PBKDF2 or bcrypt. 
You can use `javax.crypto.SecretKeyFactory` with `SecretKeyFactory.getInstance(\"PBKDF2WithHmacSHA1\")` or, if using Spring, `org.springframework.security.crypto.bcrypt`.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/java.lang.security.audit.md5-used-as-password.md5-used-as-password)\n - [https://tools.ietf.org/id/draft-lvelvindron-tls-md5-sha1-deprecate-01.html](https://tools.ietf.org/id/draft-lvelvindron-tls-md5-sha1-deprecate-01.html)\n - [https://github.com/returntocorp/semgrep-rules/issues/1609](https://github.com/returntocorp/semgrep-rules/issues/1609)\n - [https://docs.oracle.com/javase/7/docs/technotes/guides/security/StandardNames.html#SecretKeyFactory](https://docs.oracle.com/javase/7/docs/technotes/guides/security/StandardNames.html#SecretKeyFactory)\n - [https://docs.spring.io/spring-security/site/docs/current/api/org/springframework/security/crypto/bcrypt/BCryptPasswordEncoder.html](https://docs.spring.io/spring-security/site/docs/current/api/org/springframework/security/crypto/bcrypt/BCryptPasswordEncoder.html)\n", - "text": "It looks like MD5 is used as a password hash. MD5 is not considered a secure password hash because it can be cracked by an attacker in a short amount of time. Use a suitable password hashing function such as PBKDF2 or bcrypt. You can use `javax.crypto.SecretKeyFactory` with `SecretKeyFactory.getInstance(\"PBKDF2WithHmacSHA1\")` or, if using Spring, `org.springframework.security.crypto.bcrypt`.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Ensure that groups of actions that include iam:PassRole and could result in privilege escalation are not all allowed for the same user. These actions could result in an attacker gaining full admin access of an AWS account. 
Try not to use these actions in conjuction.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Ensure that groups of actions that include iam:PassRole and could result in privilege escalation are not all allowed for the same user. These actions could result in an attacker gaining full admin access of an AWS account. Try not to use these actions in conjuction.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/terraform.lang.security.iam.no-iam-priv-esc-roles.no-iam-priv-esc-roles)\n - [https://cloudsplaining.readthedocs.io/en/latest/glossary/privilege-escalation/](https://cloudsplaining.readthedocs.io/en/latest/glossary/privilege-escalation/)\n - [https://rhinosecuritylabs.com/aws/aws-privilege-escalation-methods-mitigation/](https://rhinosecuritylabs.com/aws/aws-privilege-escalation-methods-mitigation/)\n" }, - "helpUri": "https://semgrep.dev/r/java.lang.security.audit.md5-used-as-password.md5-used-as-password", - "id": "java.lang.security.audit.md5-used-as-password.md5-used-as-password", - "name": "java.lang.security.audit.md5-used-as-password.md5-used-as-password", "properties": { "precision": "very-high", "tags": [ - "CWE-327: Use of a Broken or Risky Cryptographic Algorithm", - "MEDIUM CONFIDENCE", - "OWASP-A02:2021 - Cryptographic Failures", - "OWASP-A03:2017 - Sensitive Data Exposure", + "CWE-269: Improper Privilege Management", + "LOW CONFIDENCE", + "OWASP-A04:2021 - Insecure Design", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: java.lang.security.audit.md5-used-as-password.md5-used-as-password" } }, { - "defaultConfiguration": { - "level": "error" + "id": "generic.secrets.security.detected-aws-appsync-graphql-key.detected-aws-appsync-graphql-key", + "name": "generic.secrets.security.detected-aws-appsync-graphql-key.detected-aws-appsync-graphql-key", + "short_description": { + "text": "Semgrep Finding: 
generic.secrets.security.detected-aws-appsync-graphql-key.detected-aws-appsync-graphql-key" }, - "fullDescription": { - "text": "Detected use of the 'none' algorithm in a JWT token. The 'none' algorithm assumes the integrity of the token has already been verified. This would allow a malicious actor to forge a JWT token that will automatically be verified. Do not explicitly use the 'none' algorithm. Instead, use an algorithm such as 'HS256'." + "full_description": { + "text": "AWS AppSync GraphQL Key detected" }, + "default_configuration": { + "enabled": true, + "level": "error" + }, + "help_uri": "https://semgrep.dev/r/generic.secrets.security.detected-aws-appsync-graphql-key.detected-aws-appsync-graphql-key", "help": { - "markdown": "Detected use of the 'none' algorithm in a JWT token. The 'none' algorithm assumes the integrity of the token has already been verified. This would allow a malicious actor to forge a JWT token that will automatically be verified. Do not explicitly use the 'none' algorithm. Instead, use an algorithm such as 'HS256'.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/java.jjwt.security.jwt-none-alg.jjwt-none-alg)\n - [https://owasp.org/Top10/A02_2021-Cryptographic_Failures](https://owasp.org/Top10/A02_2021-Cryptographic_Failures)\n", - "text": "Detected use of the 'none' algorithm in a JWT token. The 'none' algorithm assumes the integrity of the token has already been verified. This would allow a malicious actor to forge a JWT token that will automatically be verified. Do not explicitly use the 'none' algorithm. 
Instead, use an algorithm such as 'HS256'.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "AWS AppSync GraphQL Key detected\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "AWS AppSync GraphQL Key detected\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/generic.secrets.security.detected-aws-appsync-graphql-key.detected-aws-appsync-graphql-key)\n - [https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures](https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures)\n" }, - "helpUri": "https://semgrep.dev/r/java.jjwt.security.jwt-none-alg.jjwt-none-alg", - "id": "java.jjwt.security.jwt-none-alg.jjwt-none-alg", - "name": "java.jjwt.security.jwt-none-alg.jjwt-none-alg", "properties": { "precision": "very-high", "tags": [ - "CWE-327: Use of a Broken or Risky Cryptographic Algorithm", + "CWE-798: Use of Hard-coded Credentials", "LOW CONFIDENCE", - "OWASP-A02:2021 - Cryptographic Failures", - "OWASP-A03:2017 - Sensitive Data Exposure", + "OWASP-A07:2021 - Identification and Authentication Failures", "security" - ] - }, - "shortDescription": { - "text": "Semgrep Finding: java.jjwt.security.jwt-none-alg.jjwt-none-alg" + ] } }, { - "defaultConfiguration": { - "level": "warning" + "id": "python.django.security.injection.open-redirect.open-redirect", + "name": "python.django.security.injection.open-redirect.open-redirect", + "short_description": { + "text": "Semgrep Finding: python.django.security.injection.open-redirect.open-redirect" }, - "fullDescription": { - "text": "Found user controlled data inside InteractiveConsole/InteractiveInterpreter method. This is dangerous if external data can reach this function call because it allows a malicious actor to run arbitrary Python code." + "full_description": { + "text": "Data from request ($DATA) is passed to redirect(). 
This is an open redirect and could be exploited. Ensure you are redirecting to safe URLs by using django.utils.http.is_safe_url(). See https://cwe.mitre.org/data/definitions/601.html for more information." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/python.django.security.injection.open-redirect.open-redirect", "help": { - "markdown": "Found user controlled data inside InteractiveConsole/InteractiveInterpreter method. This is dangerous if external data can reach this function call because it allows a malicious actor to run arbitrary Python code.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.lang.security.dangerous-code-run.dangerous-interactive-code-run)\n - [https://semgrep.dev/docs/cheat-sheets/python-command-injection/](https://semgrep.dev/docs/cheat-sheets/python-command-injection/)\n", - "text": "Found user controlled data inside InteractiveConsole/InteractiveInterpreter method. This is dangerous if external data can reach this function call because it allows a malicious actor to run arbitrary Python code.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Data from request ($DATA) is passed to redirect(). This is an open redirect and could be exploited. Ensure you are redirecting to safe URLs by using django.utils.http.is_safe_url(). See https://cwe.mitre.org/data/definitions/601.html for more information.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Data from request ($DATA) is passed to redirect(). This is an open redirect and could be exploited. Ensure you are redirecting to safe URLs by using django.utils.http.is_safe_url(). 
See https://cwe.mitre.org/data/definitions/601.html for more information.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.django.security.injection.open-redirect.open-redirect)\n - [https://www.djm.org.uk/posts/djangos-little-protections-word-redirect-dangers/](https://www.djm.org.uk/posts/djangos-little-protections-word-redirect-dangers/)\n - [https://github.com/django/django/blob/d1b7bd030b1db111e1a3505b1fc029ab964382cc/django/utils/http.py#L231](https://github.com/django/django/blob/d1b7bd030b1db111e1a3505b1fc029ab964382cc/django/utils/http.py#L231)\n" }, - "helpUri": "https://semgrep.dev/r/python.lang.security.dangerous-code-run.dangerous-interactive-code-run", - "id": "python.lang.security.dangerous-code-run.dangerous-interactive-code-run", - "name": "python.lang.security.dangerous-code-run.dangerous-interactive-code-run", "properties": { "precision": "very-high", "tags": [ - "CWE-95: Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection')", + "CWE-601: URL Redirection to Untrusted Site ('Open Redirect')", "MEDIUM CONFIDENCE", - "OWASP-A03:2021 - Injection", + "OWASP-A01:2021 - Broken Access Control", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: python.lang.security.dangerous-code-run.dangerous-interactive-code-run" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "generic.secrets.security.detected-kolide-api-key.detected-kolide-api-key", + "name": "generic.secrets.security.detected-kolide-api-key.detected-kolide-api-key", + "short_description": { + "text": "Semgrep Finding: generic.secrets.security.detected-kolide-api-key.detected-kolide-api-key" }, - "fullDescription": { - "text": "Validating certificates based on subject name is bad practice. Use the X509Certificate2.Verify() method instead." 
+ "full_description": { + "text": "Kolide API Key detected" + }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/generic.secrets.security.detected-kolide-api-key.detected-kolide-api-key", "help": { - "markdown": "Validating certificates based on subject name is bad practice. Use the X509Certificate2.Verify() method instead.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/csharp.lang.security.cryptography.x509-subject-name-validation.X509-subject-name-validation)\n - [https://docs.microsoft.com/en-us/dotnet/api/system.identitymodel.tokens.issuernameregistry?view=netframework-4.8](https://docs.microsoft.com/en-us/dotnet/api/system.identitymodel.tokens.issuernameregistry?view=netframework-4.8)\n", - "text": "Validating certificates based on subject name is bad practice. Use the X509Certificate2.Verify() method instead.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Kolide API Key detected\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Kolide API Key detected\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/generic.secrets.security.detected-kolide-api-key.detected-kolide-api-key)\n - [https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures](https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures)\n" }, - "helpUri": "https://semgrep.dev/r/csharp.lang.security.cryptography.x509-subject-name-validation.X509-subject-name-validation", - "id": "csharp.lang.security.cryptography.x509-subject-name-validation.X509-subject-name-validation", - "name": "csharp.lang.security.cryptography.x509-subject-name-validation.X509-subject-name-validation", "properties": { "precision": "very-high", "tags": [ - "CWE-295: Improper Certificate 
Validation", - "MEDIUM CONFIDENCE", - "OWASP-A03:2017 - Sensitive Data Exposure", + "CWE-798: Use of Hard-coded Credentials", + "LOW CONFIDENCE", "OWASP-A07:2021 - Identification and Authentication Failures", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: csharp.lang.security.cryptography.x509-subject-name-validation.X509-subject-name-validation" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "javascript.express.security.audit.express-open-redirect.express-open-redirect", + "name": "javascript.express.security.audit.express-open-redirect.express-open-redirect", + "short_description": { + "text": "Semgrep Finding: javascript.express.security.audit.express-open-redirect.express-open-redirect" }, - "fullDescription": { - "text": "CSRF protection is disabled for this configuration. This is a security risk. Make sure that it is safe or consider setting `csrf_protection` property to `true`." + "full_description": { + "text": "The application redirects to a URL specified by user-supplied input `$REQ` that is not validated. This could redirect users to malicious locations. Consider using an allow-list approach to validate URLs, or warn users they are being redirected to a third-party website." }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/javascript.express.security.audit.express-open-redirect.express-open-redirect", "help": { - "markdown": "CSRF protection is disabled for this configuration. This is a security risk. 
Make sure that it is safe or consider setting `csrf_protection` property to `true`.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/php.symfony.security.audit.symfony-csrf-protection-disabled.symfony-csrf-protection-disabled)\n - [https://symfony.com/doc/current/security/csrf.html](https://symfony.com/doc/current/security/csrf.html)\n", - "text": "CSRF protection is disabled for this configuration. This is a security risk. Make sure that it is safe or consider setting `csrf_protection` property to `true`.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "The application redirects to a URL specified by user-supplied input `$REQ` that is not validated. This could redirect users to malicious locations. Consider using an allow-list approach to validate URLs, or warn users they are being redirected to a third-party website.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "The application redirects to a URL specified by user-supplied input `$REQ` that is not validated. This could redirect users to malicious locations. 
Consider using an allow-list approach to validate URLs, or warn users they are being redirected to a third-party website.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.express.security.audit.express-open-redirect.express-open-redirect)\n - [https://cheatsheetseries.owasp.org/cheatsheets/Unvalidated_Redirects_and_Forwards_Cheat_Sheet.html](https://cheatsheetseries.owasp.org/cheatsheets/Unvalidated_Redirects_and_Forwards_Cheat_Sheet.html)\n" }, - "helpUri": "https://semgrep.dev/r/php.symfony.security.audit.symfony-csrf-protection-disabled.symfony-csrf-protection-disabled", - "id": "php.symfony.security.audit.symfony-csrf-protection-disabled.symfony-csrf-protection-disabled", - "name": "php.symfony.security.audit.symfony-csrf-protection-disabled.symfony-csrf-protection-disabled", "properties": { "precision": "very-high", "tags": [ - "CWE-352: Cross-Site Request Forgery (CSRF)", - "LOW CONFIDENCE", + "CWE-601: URL Redirection to Untrusted Site ('Open Redirect')", + "HIGH CONFIDENCE", "OWASP-A01:2021 - Broken Access Control", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: php.symfony.security.audit.symfony-csrf-protection-disabled.symfony-csrf-protection-disabled" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "java.spring.security.audit.spring-csrf-disabled.spring-csrf-disabled", + "name": "java.spring.security.audit.spring-csrf-disabled.spring-csrf-disabled", + "short_description": { + "text": "Semgrep Finding: java.spring.security.audit.spring-csrf-disabled.spring-csrf-disabled" }, - "fullDescription": { - "text": "Found a Flask cookie with insecurely configured properties. By default the secure, httponly and samesite ar configured insecurely. cookies should be handled securely by setting `secure=True`, `httponly=True`, and `samesite='Lax'` in response.set_cookie(...). 
If these parameters are not properly set, your cookies are not properly protected and are at risk of being stolen by an attacker. Include the `secure=True`, `httponly=True`, `samesite='Lax'` arguments or set these to be true in the Flask configuration." + "full_description": { + "text": "CSRF protection is disabled for this configuration. This is a security risk." }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/java.spring.security.audit.spring-csrf-disabled.spring-csrf-disabled", "help": { - "markdown": "Found a Flask cookie with insecurely configured properties. By default the secure, httponly and samesite ar configured insecurely. cookies should be handled securely by setting `secure=True`, `httponly=True`, and `samesite='Lax'` in response.set_cookie(...). If these parameters are not properly set, your cookies are not properly protected and are at risk of being stolen by an attacker. Include the `secure=True`, `httponly=True`, `samesite='Lax'` arguments or set these to be true in the Flask configuration.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.flask.security.audit.secure-set-cookie.secure-set-cookie)\n - [https://flask.palletsprojects.com/en/3.0.x/api/#flask.Response.set_cookie](https://flask.palletsprojects.com/en/3.0.x/api/#flask.Response.set_cookie)\n - [https://flask.palletsprojects.com/en/3.0.x/security/#set-cookie-options](https://flask.palletsprojects.com/en/3.0.x/security/#set-cookie-options)\n", - "text": "Found a Flask cookie with insecurely configured properties. By default the secure, httponly and samesite ar configured insecurely. cookies should be handled securely by setting `secure=True`, `httponly=True`, and `samesite='Lax'` in response.set_cookie(...). 
If these parameters are not properly set, your cookies are not properly protected and are at risk of being stolen by an attacker. Include the `secure=True`, `httponly=True`, `samesite='Lax'` arguments or set these to be true in the Flask configuration.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "CSRF protection is disabled for this configuration. This is a security risk.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "CSRF protection is disabled for this configuration. This is a security risk.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/java.spring.security.audit.spring-csrf-disabled.spring-csrf-disabled)\n - [https://owasp.org/Top10/A01_2021-Broken_Access_Control](https://owasp.org/Top10/A01_2021-Broken_Access_Control)\n" }, - "helpUri": "https://semgrep.dev/r/python.flask.security.audit.secure-set-cookie.secure-set-cookie", - "id": "python.flask.security.audit.secure-set-cookie.secure-set-cookie", - "name": "python.flask.security.audit.secure-set-cookie.secure-set-cookie", "properties": { "precision": "very-high", "tags": [ - "CWE-614: Sensitive Cookie in HTTPS Session Without 'Secure' Attribute", + "CWE-352: Cross-Site Request Forgery (CSRF)", "LOW CONFIDENCE", - "OWASP-A05:2021 - Security Misconfiguration", + "OWASP-A01:2021 - Broken Access Control", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: python.flask.security.audit.secure-set-cookie.secure-set-cookie" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "python.aws-lambda.security.tainted-sql-string.tainted-sql-string", + "name": "python.aws-lambda.security.tainted-sql-string.tainted-sql-string", + "short_description": { + "text": "Semgrep Finding: python.aws-lambda.security.tainted-sql-string.tainted-sql-string" }, - "fullDescription": { - "text": "If unverified user data can reach the XML Parser it can 
result in XML External or Internal Entity (XXE) Processing vulnerabilities" + "full_description": { + "text": "Detected user input used to manually construct a SQL string. This is usually bad practice because manual construction could accidentally result in a SQL injection. An attacker could use a SQL injection to steal or modify contents of the database. Instead, use a parameterized query which is available by default in most database engines. Alternatively, consider using an object-relational mapper (ORM) such as Sequelize which will protect your queries." }, + "default_configuration": { + "enabled": true, + "level": "error" + }, + "help_uri": "https://semgrep.dev/r/python.aws-lambda.security.tainted-sql-string.tainted-sql-string", "help": { - "markdown": "If unverified user data can reach the XML Parser it can result in XML External or Internal Entity (XXE) Processing vulnerabilities\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.node-expat.security.audit.expat-xxe.expat-xxe)\n - [https://owasp.org/Top10/A05_2021-Security_Misconfiguration](https://owasp.org/Top10/A05_2021-Security_Misconfiguration)\n", - "text": "If unverified user data can reach the XML Parser it can result in XML External or Internal Entity (XXE) Processing vulnerabilities\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected user input used to manually construct a SQL string. This is usually bad practice because manual construction could accidentally result in a SQL injection. An attacker could use a SQL injection to steal or modify contents of the database. Instead, use a parameterized query which is available by default in most database engines. 
Alternatively, consider using an object-relational mapper (ORM) such as Sequelize which will protect your queries.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected user input used to manually construct a SQL string. This is usually bad practice because manual construction could accidentally result in a SQL injection. An attacker could use a SQL injection to steal or modify contents of the database. Instead, use a parameterized query which is available by default in most database engines. Alternatively, consider using an object-relational mapper (ORM) such as Sequelize which will protect your queries.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.aws-lambda.security.tainted-sql-string.tainted-sql-string)\n - [https://owasp.org/www-community/attacks/SQL_Injection](https://owasp.org/www-community/attacks/SQL_Injection)\n" }, - "helpUri": "https://semgrep.dev/r/javascript.node-expat.security.audit.expat-xxe.expat-xxe", - "id": "javascript.node-expat.security.audit.expat-xxe.expat-xxe", - "name": "javascript.node-expat.security.audit.expat-xxe.expat-xxe", "properties": { "precision": "very-high", "tags": [ - "CWE-611: Improper Restriction of XML External Entity Reference", - "LOW CONFIDENCE", - "OWASP-A04:2017 - XML External Entities (XXE)", - "OWASP-A05:2021 - Security Misconfiguration", + "CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')", + "MEDIUM CONFIDENCE", + "OWASP-A01:2017 - Injection", + "OWASP-A03:2021 - Injection", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: javascript.node-expat.security.audit.expat-xxe.expat-xxe" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "ruby.jwt.security.audit.jwt-exposed-data.ruby-jwt-exposed-data", + "name": "ruby.jwt.security.audit.jwt-exposed-data.ruby-jwt-exposed-data", + "short_description": { + "text": 
"Semgrep Finding: ruby.jwt.security.audit.jwt-exposed-data.ruby-jwt-exposed-data" }, - "fullDescription": { - "text": "The application accepts potentially user-controlled input `$PROP` which can control the location of the current window context. This can lead two types of vulnerabilities open-redirection and Cross-Site-Scripting (XSS) with JavaScript URIs. It is recommended to validate user-controllable input before allowing it to control the redirection." + "full_description": { + "text": "The object is passed strictly to jsonwebtoken.sign(...) Make sure that sensitive information is not exposed through JWT token payload." }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/ruby.jwt.security.audit.jwt-exposed-data.ruby-jwt-exposed-data", "help": { - "markdown": "The application accepts potentially user-controlled input `$PROP` which can control the location of the current window context. This can lead two types of vulnerabilities open-redirection and Cross-Site-Scripting (XSS) with JavaScript URIs. It is recommended to validate user-controllable input before allowing it to control the redirection.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.browser.security.open-redirect.js-open-redirect)\n - [https://cheatsheetseries.owasp.org/cheatsheets/Unvalidated_Redirects_and_Forwards_Cheat_Sheet.html](https://cheatsheetseries.owasp.org/cheatsheets/Unvalidated_Redirects_and_Forwards_Cheat_Sheet.html)\n", - "text": "The application accepts potentially user-controlled input `$PROP` which can control the location of the current window context. This can lead two types of vulnerabilities open-redirection and Cross-Site-Scripting (XSS) with JavaScript URIs. 
It is recommended to validate user-controllable input before allowing it to control the redirection.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "The object is passed strictly to jsonwebtoken.sign(...) Make sure that sensitive information is not exposed through JWT token payload.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "The object is passed strictly to jsonwebtoken.sign(...) Make sure that sensitive information is not exposed through JWT token payload.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/ruby.jwt.security.audit.jwt-exposed-data.ruby-jwt-exposed-data)\n - [https://owasp.org/Top10/A04_2021-Insecure_Design](https://owasp.org/Top10/A04_2021-Insecure_Design)\n" }, - "helpUri": "https://semgrep.dev/r/javascript.browser.security.open-redirect.js-open-redirect", - "id": "javascript.browser.security.open-redirect.js-open-redirect", - "name": "javascript.browser.security.open-redirect.js-open-redirect", "properties": { "precision": "very-high", "tags": [ - "CWE-601: URL Redirection to Untrusted Site ('Open Redirect')", - "HIGH CONFIDENCE", - "OWASP-A01:2021 - Broken Access Control", + "CWE-522: Insufficiently Protected Credentials", + "LOW CONFIDENCE", + "OWASP-A02:2017 - Broken Authentication", + "OWASP-A04:2021 - Insecure Design", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: javascript.browser.security.open-redirect.js-open-redirect" } }, { - "defaultConfiguration": { - "level": "error" + "id": "csharp.lang.security.ssrf.web-request.ssrf", + "name": "csharp.lang.security.ssrf.web-request.ssrf", + "short_description": { + "text": "Semgrep Finding: csharp.lang.security.ssrf.web-request.ssrf" }, - "fullDescription": { - "text": "Calling mb_ereg_replace with user input in the options can lead to arbitrary code execution. 
The eval modifier (`e`) evaluates the replacement argument as code." + "full_description": { + "text": "The web server receives a URL or similar request from an upstream component and retrieves the contents of this URL, but it does not sufficiently ensure that the request is being sent to the expected destination. Many different options exist to fix this issue depending the use case (Application can send request only to identified and trusted applications, Application can send requests to ANY external IP address or domain name)." + }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/csharp.lang.security.ssrf.web-request.ssrf", "help": { - "markdown": "Calling mb_ereg_replace with user input in the options can lead to arbitrary code execution. The eval modifier (`e`) evaluates the replacement argument as code.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/php.lang.security.mb-ereg-replace-eval.mb-ereg-replace-eval)\n - [https://www.php.net/manual/en/function.mb-ereg-replace.php](https://www.php.net/manual/en/function.mb-ereg-replace.php)\n - [https://www.php.net/manual/en/function.mb-regex-set-options.php](https://www.php.net/manual/en/function.mb-regex-set-options.php)\n", - "text": "Calling mb_ereg_replace with user input in the options can lead to arbitrary code execution. The eval modifier (`e`) evaluates the replacement argument as code.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "The web server receives a URL or similar request from an upstream component and retrieves the contents of this URL, but it does not sufficiently ensure that the request is being sent to the expected destination. 
Many different options exist to fix this issue depending the use case (Application can send request only to identified and trusted applications, Application can send requests to ANY external IP address or domain name).\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "The web server receives a URL or similar request from an upstream component and retrieves the contents of this URL, but it does not sufficiently ensure that the request is being sent to the expected destination. Many different options exist to fix this issue depending the use case (Application can send request only to identified and trusted applications, Application can send requests to ANY external IP address or domain name).\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/csharp.lang.security.ssrf.web-request.ssrf)\n - [https://cwe.mitre.org/data/definitions/918.html](https://cwe.mitre.org/data/definitions/918.html)\n - [https://cheatsheetseries.owasp.org/cheatsheets/Server_Side_Request_Forgery_Prevention_Cheat_Sheet.html](https://cheatsheetseries.owasp.org/cheatsheets/Server_Side_Request_Forgery_Prevention_Cheat_Sheet.html)\n" }, - "helpUri": "https://semgrep.dev/r/php.lang.security.mb-ereg-replace-eval.mb-ereg-replace-eval", - "id": "php.lang.security.mb-ereg-replace-eval.mb-ereg-replace-eval", - "name": "php.lang.security.mb-ereg-replace-eval.mb-ereg-replace-eval", "properties": { "precision": "very-high", "tags": [ - "CWE-94: Improper Control of Generation of Code ('Code Injection')", + "CWE-918: Server-Side Request Forgery (SSRF)", "LOW CONFIDENCE", - "OWASP-A03:2021 - Injection", + "OWASP-A10:2021 - Server-Side Request Forgery (SSRF)", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: php.lang.security.mb-ereg-replace-eval.mb-ereg-replace-eval" } }, { - "defaultConfiguration": { - "level": "warning" + "id": 
"terraform.aws.security.aws-iam-admin-policy.aws-iam-admin-policy", + "name": "terraform.aws.security.aws-iam-admin-policy.aws-iam-admin-policy", + "short_description": { + "text": "Semgrep Finding: terraform.aws.security.aws-iam-admin-policy.aws-iam-admin-policy" }, - "fullDescription": { - "text": "Detected SHA1 hash algorithm which is considered insecure. SHA1 is not collision resistant and is therefore not suitable as a cryptographic signature. Instead, use PBKDF2 for password hashing or SHA256 or SHA512 for other hash function applications." + "full_description": { + "text": "Detected admin access granted in your policy. This means anyone with this policy can perform administrative actions. Instead, limit actions and resources to what you need according to least privilege." + }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/terraform.aws.security.aws-iam-admin-policy.aws-iam-admin-policy", "help": { - "markdown": "Detected SHA1 hash algorithm which is considered insecure. SHA1 is not collision resistant and is therefore not suitable as a cryptographic signature. Instead, use PBKDF2 for password hashing or SHA256 or SHA512 for other hash function applications.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/java.lang.security.audit.crypto.use-of-sha1.use-of-sha1)\n - [https://owasp.org/Top10/A02_2021-Cryptographic_Failures](https://owasp.org/Top10/A02_2021-Cryptographic_Failures)\n", - "text": "Detected SHA1 hash algorithm which is considered insecure. SHA1 is not collision resistant and is therefore not suitable as a cryptographic signature. Instead, use PBKDF2 for password hashing or SHA256 or SHA512 for other hash function applications.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected admin access granted in your policy. 
This means anyone with this policy can perform administrative actions. Instead, limit actions and resources to what you need according to least privilege.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected admin access granted in your policy. This means anyone with this policy can perform administrative actions. Instead, limit actions and resources to what you need according to least privilege.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/terraform.aws.security.aws-iam-admin-policy.aws-iam-admin-policy)\n - [https://cwe.mitre.org/data/definitions/732.html](https://cwe.mitre.org/data/definitions/732.html)\n" }, - "helpUri": "https://semgrep.dev/r/java.lang.security.audit.crypto.use-of-sha1.use-of-sha1", - "id": "java.lang.security.audit.crypto.use-of-sha1.use-of-sha1", - "name": "java.lang.security.audit.crypto.use-of-sha1.use-of-sha1", "properties": { "precision": "very-high", "tags": [ - "CWE-328: Use of Weak Hash", - "HIGH CONFIDENCE", - "OWASP-A02:2021 - Cryptographic Failures", - "OWASP-A03:2017 - Sensitive Data Exposure", + "CWE-732: Incorrect Permission Assignment for Critical Resource", + "MEDIUM CONFIDENCE", + "OWASP-A05:2021 - Security Misconfiguration", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: java.lang.security.audit.crypto.use-of-sha1.use-of-sha1" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "problem-based-packs.insecure-transport.go-stdlib.telnet-request.telnet-request", + "name": "problem-based-packs.insecure-transport.go-stdlib.telnet-request.telnet-request", + "short_description": { + "text": "Semgrep Finding: problem-based-packs.insecure-transport.go-stdlib.telnet-request.telnet-request" }, - "fullDescription": { - "text": "Found the use of an hardcoded passphrase for RSA. The passphrase can be easily discovered, and therefore should not be stored in source-code. 
It is recommended to remove the passphrase from source-code, and use system environment variables or a restricted configuration file." + "full_description": { + "text": "Checks for attempts to connect to an insecure telnet server using the package telnet. This is bad because it can lead to man in the middle attacks." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/problem-based-packs.insecure-transport.go-stdlib.telnet-request.telnet-request", "help": { - "markdown": "Found the use of an hardcoded passphrase for RSA. The passphrase can be easily discovered, and therefore should not be stored in source-code. It is recommended to remove the passphrase from source-code, and use system environment variables or a restricted configuration file.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/ruby.lang.security.hardcoded-secret-rsa-passphrase.hardcoded-secret-rsa-passphrase)\n - [https://cwe.mitre.org/data/definitions/522.html](https://cwe.mitre.org/data/definitions/522.html)\n", - "text": "Found the use of an hardcoded passphrase for RSA. The passphrase can be easily discovered, and therefore should not be stored in source-code. It is recommended to remove the passphrase from source-code, and use system environment variables or a restricted configuration file.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Checks for attempts to connect to an insecure telnet server using the package telnet. This is bad because it can lead to man in the middle attacks.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Checks for attempts to connect to an insecure telnet server using the package telnet. 
This is bad because it can lead to man in the middle attacks.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/problem-based-packs.insecure-transport.go-stdlib.telnet-request.telnet-request)\n - [https://godoc.org/github.com/reiver/go-telnet](https://godoc.org/github.com/reiver/go-telnet)\n" }, - "helpUri": "https://semgrep.dev/r/ruby.lang.security.hardcoded-secret-rsa-passphrase.hardcoded-secret-rsa-passphrase", - "id": "ruby.lang.security.hardcoded-secret-rsa-passphrase.hardcoded-secret-rsa-passphrase", - "name": "ruby.lang.security.hardcoded-secret-rsa-passphrase.hardcoded-secret-rsa-passphrase", "properties": { "precision": "very-high", "tags": [ - "CWE-798: Use of Hard-coded Credentials", - "HIGH CONFIDENCE", - "OWASP-A07:2021 - Identification and Authentication Failures", + "CWE-319: Cleartext Transmission of Sensitive Information", + "MEDIUM CONFIDENCE", + "OWASP-A03:2017 - Sensitive Data Exposure", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: ruby.lang.security.hardcoded-secret-rsa-passphrase.hardcoded-secret-rsa-passphrase" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "php.laravel.security.laravel-sql-injection.laravel-sql-injection", + "name": "php.laravel.security.laravel-sql-injection.laravel-sql-injection", + "short_description": { + "text": "Semgrep Finding: php.laravel.security.laravel-sql-injection.laravel-sql-injection" }, - "fullDescription": { - "text": "The following function call $SER.$FUNC accepts user controlled data which can result in Remote Code Execution (RCE) through Object Deserialization. It is recommended to use secure data processing alternatives such as JSON.parse() and Buffer.from()." + "full_description": { + "text": "Detected a SQL query based on user input. This could lead to SQL injection, which could potentially result in sensitive data being exfiltrated by attackers. 
Instead, use parameterized queries and prepared statements." }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/php.laravel.security.laravel-sql-injection.laravel-sql-injection", "help": { - "markdown": "The following function call $SER.$FUNC accepts user controlled data which can result in Remote Code Execution (RCE) through Object Deserialization. It is recommended to use secure data processing alternatives such as JSON.parse() and Buffer.from().\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.express.security.audit.express-third-party-object-deserialization.express-third-party-object-deserialization)\n - [https://cheatsheetseries.owasp.org/cheatsheets/Deserialization_Cheat_Sheet.html](https://cheatsheetseries.owasp.org/cheatsheets/Deserialization_Cheat_Sheet.html)\n", - "text": "The following function call $SER.$FUNC accepts user controlled data which can result in Remote Code Execution (RCE) through Object Deserialization. It is recommended to use secure data processing alternatives such as JSON.parse() and Buffer.from().\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected a SQL query based on user input. This could lead to SQL injection, which could potentially result in sensitive data being exfiltrated by attackers. Instead, use parameterized queries and prepared statements.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected a SQL query based on user input. This could lead to SQL injection, which could potentially result in sensitive data being exfiltrated by attackers. 
Instead, use parameterized queries and prepared statements.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/php.laravel.security.laravel-sql-injection.laravel-sql-injection)\n - [https://laravel.com/docs/8.x/queries](https://laravel.com/docs/8.x/queries)\n" }, - "helpUri": "https://semgrep.dev/r/javascript.express.security.audit.express-third-party-object-deserialization.express-third-party-object-deserialization", - "id": "javascript.express.security.audit.express-third-party-object-deserialization.express-third-party-object-deserialization", - "name": "javascript.express.security.audit.express-third-party-object-deserialization.express-third-party-object-deserialization", "properties": { "precision": "very-high", "tags": [ - "CWE-502: Deserialization of Untrusted Data", - "HIGH CONFIDENCE", - "OWASP-A08:2017 - Insecure Deserialization", - "OWASP-A08:2021 - Software and Data Integrity Failures", + "CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')", + "MEDIUM CONFIDENCE", + "OWASP-A01:2017 - Injection", + "OWASP-A03:2021 - Injection", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: javascript.express.security.audit.express-third-party-object-deserialization.express-third-party-object-deserialization" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "java.lang.security.audit.weak-ssl-context.weak-ssl-context", + "name": "java.lang.security.audit.weak-ssl-context.weak-ssl-context", + "short_description": { + "text": "Semgrep Finding: java.lang.security.audit.weak-ssl-context.weak-ssl-context" }, - "fullDescription": { - "text": "Some Microsoft services that interact with storage accounts operate from networks that can't be granted access through network rules. 
To help this type of service work as intended, allow the set of trusted Microsoft services to bypass the network rules" + "full_description": { + "text": "An insecure SSL context was detected. TLS versions 1.0, 1.1, and all SSL versions are considered weak encryption and are deprecated. Use SSLContext.getInstance(\"TLSv1.2\") for the best security." }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/java.lang.security.audit.weak-ssl-context.weak-ssl-context", "help": { - "markdown": "Some Microsoft services that interact with storage accounts operate from networks that can't be granted access through network rules. To help this type of service work as intended, allow the set of trusted Microsoft services to bypass the network rules\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/terraform.azure.security.storage.storage-allow-microsoft-service-bypass.storage-allow-microsoft-service-bypass)\n - [https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/storage_account#bypass](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/storage_account#bypass)\n - [https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/storage_account_network_rules#bypass](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/storage_account_network_rules#bypass)\n - [https://docs.microsoft.com/en-us/azure/storage/common/storage-network-security#trusted-microsoft-services](https://docs.microsoft.com/en-us/azure/storage/common/storage-network-security#trusted-microsoft-services)\n", - "text": "Some Microsoft services that interact with storage accounts operate from networks that can't be granted access through network rules. 
To help this type of service work as intended, allow the set of trusted Microsoft services to bypass the network rules\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "An insecure SSL context was detected. TLS versions 1.0, 1.1, and all SSL versions are considered weak encryption and are deprecated. Use SSLContext.getInstance(\"TLSv1.2\") for the best security.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "An insecure SSL context was detected. TLS versions 1.0, 1.1, and all SSL versions are considered weak encryption and are deprecated. Use SSLContext.getInstance(\"TLSv1.2\") for the best security.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/java.lang.security.audit.weak-ssl-context.weak-ssl-context)\n - [https://tools.ietf.org/html/rfc7568](https://tools.ietf.org/html/rfc7568)\n - [https://tools.ietf.org/id/draft-ietf-tls-oldversions-deprecate-02.html](https://tools.ietf.org/id/draft-ietf-tls-oldversions-deprecate-02.html)\n" }, - "helpUri": "https://semgrep.dev/r/terraform.azure.security.storage.storage-allow-microsoft-service-bypass.storage-allow-microsoft-service-bypass", - "id": "terraform.azure.security.storage.storage-allow-microsoft-service-bypass.storage-allow-microsoft-service-bypass", - "name": "terraform.azure.security.storage.storage-allow-microsoft-service-bypass.storage-allow-microsoft-service-bypass", "properties": { "precision": "very-high", "tags": [ - "CWE-284: Improper Access Control", - "LOW CONFIDENCE", - "OWASP-A01:2021 - Broken Access Control", - "OWASP-A05:2017 - Broken Access Control", + "CWE-326: Inadequate Encryption Strength", + "HIGH CONFIDENCE", + "OWASP-A02:2021 - Cryptographic Failures", + "OWASP-A03:2017 - Sensitive Data Exposure", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: 
terraform.azure.security.storage.storage-allow-microsoft-service-bypass.storage-allow-microsoft-service-bypass" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "yaml.github-actions.security.workflow-run-target-code-checkout.workflow-run-target-code-checkout", + "name": "yaml.github-actions.security.workflow-run-target-code-checkout.workflow-run-target-code-checkout", + "short_description": { + "text": "Semgrep Finding: yaml.github-actions.security.workflow-run-target-code-checkout.workflow-run-target-code-checkout" }, - "fullDescription": { - "text": "Detected RC4 cipher algorithm which is insecure. The algorithm has many known vulnerabilities. Use AES instead." + "full_description": { + "text": "This GitHub Actions workflow file uses `workflow_run` and checks out code from the incoming pull request. When using `workflow_run`, the Action runs in the context of the target repository, which includes access to all repository secrets. Normally, this is safe because the Action only runs code from the target repository, not the incoming PR. However, by checking out the incoming PR code, you're now using the incoming code for the rest of the action. You may be inadvertently executing arbitrary code from the incoming PR with access to repository secrets, which would let an attacker steal repository secrets. This normally happens by running build scripts (e.g., `npm build` and `make`) or dependency installation scripts (e.g., `python setup.py install`). Audit your workflow file to make sure no code from the incoming PR is executed. Please see https://securitylab.github.com/research/github-actions-preventing-pwn-requests/ for additional mitigations." }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/yaml.github-actions.security.workflow-run-target-code-checkout.workflow-run-target-code-checkout", "help": { - "markdown": "Detected RC4 cipher algorithm which is insecure. 
The algorithm has many known vulnerabilities. Use AES instead.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/go.lang.security.audit.crypto.use_of_weak_crypto.use-of-rc4)\n - [https://owasp.org/Top10/A02_2021-Cryptographic_Failures](https://owasp.org/Top10/A02_2021-Cryptographic_Failures)\n", - "text": "Detected RC4 cipher algorithm which is insecure. The algorithm has many known vulnerabilities. Use AES instead.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "This GitHub Actions workflow file uses `workflow_run` and checks out code from the incoming pull request. When using `workflow_run`, the Action runs in the context of the target repository, which includes access to all repository secrets. Normally, this is safe because the Action only runs code from the target repository, not the incoming PR. However, by checking out the incoming PR code, you're now using the incoming code for the rest of the action. You may be inadvertently executing arbitrary code from the incoming PR with access to repository secrets, which would let an attacker steal repository secrets. This normally happens by running build scripts (e.g., `npm build` and `make`) or dependency installation scripts (e.g., `python setup.py install`). Audit your workflow file to make sure no code from the incoming PR is executed. Please see https://securitylab.github.com/research/github-actions-preventing-pwn-requests/ for additional mitigations.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "This GitHub Actions workflow file uses `workflow_run` and checks out code from the incoming pull request. When using `workflow_run`, the Action runs in the context of the target repository, which includes access to all repository secrets. Normally, this is safe because the Action only runs code from the target repository, not the incoming PR. 
However, by checking out the incoming PR code, you're now using the incoming code for the rest of the action. You may be inadvertently executing arbitrary code from the incoming PR with access to repository secrets, which would let an attacker steal repository secrets. This normally happens by running build scripts (e.g., `npm build` and `make`) or dependency installation scripts (e.g., `python setup.py install`). Audit your workflow file to make sure no code from the incoming PR is executed. Please see https://securitylab.github.com/research/github-actions-preventing-pwn-requests/ for additional mitigations.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/yaml.github-actions.security.workflow-run-target-code-checkout.workflow-run-target-code-checkout)\n - [https://securitylab.github.com/research/github-actions-preventing-pwn-requests/](https://securitylab.github.com/research/github-actions-preventing-pwn-requests/)\n - [https://github.com/justinsteven/advisories/blob/master/2021_github_actions_checkspelling_token_leak_via_advice_symlink.md](https://github.com/justinsteven/advisories/blob/master/2021_github_actions_checkspelling_token_leak_via_advice_symlink.md)\n - [https://www.legitsecurity.com/blog/github-privilege-escalation-vulnerability](https://www.legitsecurity.com/blog/github-privilege-escalation-vulnerability)\n" }, - "helpUri": "https://semgrep.dev/r/go.lang.security.audit.crypto.use_of_weak_crypto.use-of-rc4", - "id": "go.lang.security.audit.crypto.use_of_weak_crypto.use-of-rc4", - "name": "go.lang.security.audit.crypto.use_of_weak_crypto.use-of-rc4", "properties": { "precision": "very-high", "tags": [ - "CWE-327: Use of a Broken or Risky Cryptographic Algorithm", + "CWE-913: Improper Control of Dynamically-Managed Code Resources", "MEDIUM CONFIDENCE", - "OWASP-A02:2021 - Cryptographic Failures", - "OWASP-A03:2017 - Sensitive Data Exposure", + "OWASP-A01:2017 - Injection", 
"security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: go.lang.security.audit.crypto.use_of_weak_crypto.use-of-rc4" } }, { - "defaultConfiguration": { - "level": "error" + "id": "terraform.aws.security.aws-ecr-repository-wildcard-principal.aws-ecr-repository-wildcard-principal", + "name": "terraform.aws.security.aws-ecr-repository-wildcard-principal.aws-ecr-repository-wildcard-principal", + "short_description": { + "text": "Semgrep Finding: terraform.aws.security.aws-ecr-repository-wildcard-principal.aws-ecr-repository-wildcard-principal" }, - "fullDescription": { - "text": "transferFrom() can steal allowance of other accounts" + "full_description": { + "text": "Detected wildcard access granted in your ECR repository policy principal. This grants access to all users, including anonymous users (public access). Instead, limit principals, actions and resources to what you need according to least privilege." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/terraform.aws.security.aws-ecr-repository-wildcard-principal.aws-ecr-repository-wildcard-principal", "help": { - "markdown": "transferFrom() can steal allowance of other accounts\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/solidity.security.redacted-cartel-custom-approval-bug.redacted-cartel-custom-approval-bug)\n - [https://medium.com/immunefi/redacted-cartel-custom-approval-logic-bugfix-review-9b2d039ca2c5](https://medium.com/immunefi/redacted-cartel-custom-approval-logic-bugfix-review-9b2d039ca2c5)\n - [https://etherscan.io/address/0x186E55C0BebD2f69348d94C4A27556d93C5Bd36C](https://etherscan.io/address/0x186E55C0BebD2f69348d94C4A27556d93C5Bd36C)\n", - "text": "transferFrom() can steal allowance of other accounts\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected wildcard access granted in 
your ECR repository policy principal. This grants access to all users, including anonymous users (public access). Instead, limit principals, actions and resources to what you need according to least privilege.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected wildcard access granted in your ECR repository policy principal. This grants access to all users, including anonymous users (public access). Instead, limit principals, actions and resources to what you need according to least privilege.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/terraform.aws.security.aws-ecr-repository-wildcard-principal.aws-ecr-repository-wildcard-principal)\n - [https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ecr_repository_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ecr_repository_policy)\n - [https://docs.aws.amazon.com/lambda/latest/operatorguide/wildcard-permissions-iam.html](https://docs.aws.amazon.com/lambda/latest/operatorguide/wildcard-permissions-iam.html)\n - [https://docs.aws.amazon.com/prescriptive-guidance/latest/patterns/monitor-amazon-ecr-repositories-for-wildcard-permissions-using-aws-cloudformation-and-aws-config.html](https://docs.aws.amazon.com/prescriptive-guidance/latest/patterns/monitor-amazon-ecr-repositories-for-wildcard-permissions-using-aws-cloudformation-and-aws-config.html)\n - [https://cwe.mitre.org/data/definitions/732.html](https://cwe.mitre.org/data/definitions/732.html)\n" }, - "helpUri": "https://semgrep.dev/r/solidity.security.redacted-cartel-custom-approval-bug.redacted-cartel-custom-approval-bug", - "id": "solidity.security.redacted-cartel-custom-approval-bug.redacted-cartel-custom-approval-bug", - "name": "solidity.security.redacted-cartel-custom-approval-bug.redacted-cartel-custom-approval-bug", "properties": { "precision": "very-high", "tags": [ - "CWE-688: 
Function Call With Incorrect Variable or Reference as Argument", - "HIGH CONFIDENCE", + "CWE-732: Incorrect Permission Assignment for Critical Resource", + "MEDIUM CONFIDENCE", + "OWASP-A05:2021 - Security Misconfiguration", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: solidity.security.redacted-cartel-custom-approval-bug.redacted-cartel-custom-approval-bug" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "python.requests.security.disabled-cert-validation.disabled-cert-validation", + "name": "python.requests.security.disabled-cert-validation.disabled-cert-validation", + "short_description": { + "text": "Semgrep Finding: python.requests.security.disabled-cert-validation.disabled-cert-validation" }, - "fullDescription": { - "text": "Xml Parser is used inside Request Event. Make sure that unverified user data can not reach the XML Parser, as it can result in XML External or Internal Entity (XXE) Processing vulnerabilities" + "full_description": { + "text": "Certificate verification has been explicitly disabled. This permits insecure connections to insecure servers. Re-enable certification validation." + }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/python.requests.security.disabled-cert-validation.disabled-cert-validation", "help": { - "markdown": "Xml Parser is used inside Request Event. Make sure that unverified user data can not reach the XML Parser, as it can result in XML External or Internal Entity (XXE) Processing vulnerabilities\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.express.security.audit.express-xml2json-xxe-event.express-xml2json-xxe-event)\n - [https://www.npmjs.com/package/xml2json](https://www.npmjs.com/package/xml2json)\n", - "text": "Xml Parser is used inside Request Event. 
Make sure that unverified user data can not reach the XML Parser, as it can result in XML External or Internal Entity (XXE) Processing vulnerabilities\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Certificate verification has been explicitly disabled. This permits insecure connections to insecure servers. Re-enable certification validation.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Certificate verification has been explicitly disabled. This permits insecure connections to insecure servers. Re-enable certification validation.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.requests.security.disabled-cert-validation.disabled-cert-validation)\n - [https://stackoverflow.com/questions/41740361/is-it-safe-to-disable-ssl-certificate-verification-in-pythonss-requests-lib](https://stackoverflow.com/questions/41740361/is-it-safe-to-disable-ssl-certificate-verification-in-pythonss-requests-lib)\n" }, - "helpUri": "https://semgrep.dev/r/javascript.express.security.audit.express-xml2json-xxe-event.express-xml2json-xxe-event", - "id": "javascript.express.security.audit.express-xml2json-xxe-event.express-xml2json-xxe-event", - "name": "javascript.express.security.audit.express-xml2json-xxe-event.express-xml2json-xxe-event", "properties": { "precision": "very-high", "tags": [ - "CWE-611: Improper Restriction of XML External Entity Reference", - "MEDIUM CONFIDENCE", - "OWASP-A04:2017 - XML External Entities (XXE)", - "OWASP-A05:2021 - Security Misconfiguration", + "CWE-295: Improper Certificate Validation", + "LOW CONFIDENCE", + "OWASP-A03:2017 - Sensitive Data Exposure", + "OWASP-A07:2021 - Identification and Authentication Failures", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: javascript.express.security.audit.express-xml2json-xxe-event.express-xml2json-xxe-event" } }, { - 
"defaultConfiguration": { - "level": "error" + "id": "python.django.security.injection.tainted-sql-string.tainted-sql-string", + "name": "python.django.security.injection.tainted-sql-string.tainted-sql-string", + "short_description": { + "text": "Semgrep Finding: python.django.security.injection.tainted-sql-string.tainted-sql-string" }, - "fullDescription": { - "text": "setMultipleAllowances() is missing onlyOwner modifier" + "full_description": { + "text": "Detected user input used to manually construct a SQL string. This is usually bad practice because manual construction could accidentally result in a SQL injection. An attacker could use a SQL injection to steal or modify contents of the database. Instead, use a parameterized query which is available by default in most database engines. Alternatively, consider using the Django object-relational mappers (ORM) instead of raw SQL queries." + }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/python.django.security.injection.tainted-sql-string.tainted-sql-string", "help": { - "markdown": "setMultipleAllowances() is missing onlyOwner modifier\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/solidity.security.rigoblock-missing-access-control.rigoblock-missing-access-control)\n - [https://twitter.com/danielvf/status/1494317265835147272](https://twitter.com/danielvf/status/1494317265835147272)\n - [https://etherscan.io/address/0x876b9ebd725d1fa0b879fcee12560a6453b51dc8](https://etherscan.io/address/0x876b9ebd725d1fa0b879fcee12560a6453b51dc8)\n - [https://play.secdim.com/game/dapp/challenge/rigoownsol](https://play.secdim.com/game/dapp/challenge/rigoownsol)\n", - "text": "setMultipleAllowances() is missing onlyOwner modifier\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected user input used to manually construct a SQL string. 
This is usually bad practice because manual construction could accidentally result in a SQL injection. An attacker could use a SQL injection to steal or modify contents of the database. Instead, use a parameterized query which is available by default in most database engines. Alternatively, consider using the Django object-relational mappers (ORM) instead of raw SQL queries.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected user input used to manually construct a SQL string. This is usually bad practice because manual construction could accidentally result in a SQL injection. An attacker could use a SQL injection to steal or modify contents of the database. Instead, use a parameterized query which is available by default in most database engines. Alternatively, consider using the Django object-relational mappers (ORM) instead of raw SQL queries.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.django.security.injection.tainted-sql-string.tainted-sql-string)\n - [https://docs.djangoproject.com/en/3.0/topics/security/#sql-injection-protection](https://docs.djangoproject.com/en/3.0/topics/security/#sql-injection-protection)\n" }, - "helpUri": "https://semgrep.dev/r/solidity.security.rigoblock-missing-access-control.rigoblock-missing-access-control", - "id": "solidity.security.rigoblock-missing-access-control.rigoblock-missing-access-control", - "name": "solidity.security.rigoblock-missing-access-control.rigoblock-missing-access-control", "properties": { "precision": "very-high", "tags": [ - "CWE-284: Improper Access Control", - "HIGH CONFIDENCE", + "CWE-915: Improperly Controlled Modification of Dynamically-Determined Object Attributes", + "LOW CONFIDENCE", + "OWASP-A08:2021 - Software and Data Integrity Failures", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: 
solidity.security.rigoblock-missing-access-control.rigoblock-missing-access-control" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "javascript.express.security.audit.express-cookie-settings.express-cookie-session-no-expires", + "name": "javascript.express.security.audit.express-cookie-settings.express-cookie-session-no-expires", + "short_description": { + "text": "Semgrep Finding: javascript.express.security.audit.express-cookie-settings.express-cookie-session-no-expires" }, - "fullDescription": { - "text": "Use $FORM.cleaned_data[] instead of request.POST[] after form.is_valid() has been executed to only access sanitized data" + "full_description": { + "text": "Default session middleware settings: `expires` not set. Use it to set expiration date for persistent cookies." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/javascript.express.security.audit.express-cookie-settings.express-cookie-session-no-expires", "help": { - "markdown": "Use $FORM.cleaned_data[] instead of request.POST[] after form.is_valid() has been executed to only access sanitized data\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.django.security.django-using-request-post-after-is-valid.django-using-request-post-after-is-valid)\n - [https://docs.djangoproject.com/en/4.2/ref/forms/api/#accessing-clean-data](https://docs.djangoproject.com/en/4.2/ref/forms/api/#accessing-clean-data)\n", - "text": "Use $FORM.cleaned_data[] instead of request.POST[] after form.is_valid() has been executed to only access sanitized data\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Default session middleware settings: `expires` not set. 
Use it to set expiration date for persistent cookies.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Default session middleware settings: `expires` not set. Use it to set expiration date for persistent cookies.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.express.security.audit.express-cookie-settings.express-cookie-session-no-expires)\n - [https://owasp.org/Top10/A04_2021-Insecure_Design](https://owasp.org/Top10/A04_2021-Insecure_Design)\n" }, - "helpUri": "https://semgrep.dev/r/python.django.security.django-using-request-post-after-is-valid.django-using-request-post-after-is-valid", - "id": "python.django.security.django-using-request-post-after-is-valid.django-using-request-post-after-is-valid", - "name": "python.django.security.django-using-request-post-after-is-valid.django-using-request-post-after-is-valid", "properties": { "precision": "very-high", "tags": [ - "CWE-20: Improper Input Validation", + "CWE-522: Insufficiently Protected Credentials", "MEDIUM CONFIDENCE", + "OWASP-A02:2017 - Broken Authentication", + "OWASP-A04:2021 - Insecure Design", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: python.django.security.django-using-request-post-after-is-valid.django-using-request-post-after-is-valid" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "trailofbits.go.iterate-over-empty-map.iterate-over-empty-map", + "name": "trailofbits.go.iterate-over-empty-map.iterate-over-empty-map", + "short_description": { + "text": "Semgrep Finding: trailofbits.go.iterate-over-empty-map.iterate-over-empty-map" }, - "fullDescription": { - "text": "If unverified user data can reach the `setContent` method it can result in Server-Side Request Forgery vulnerabilities" + "full_description": { + "text": "Iteration over a possibly empty map `$C`. 
This is likely a bug or redundant code" + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/trailofbits.go.iterate-over-empty-map.iterate-over-empty-map", "help": { - "markdown": "If unverified user data can reach the `setContent` method it can result in Server-Side Request Forgery vulnerabilities\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.playwright.security.audit.playwright-setcontent-injection.playwright-setcontent-injection)\n - [https://owasp.org/Top10/A10_2021-Server-Side_Request_Forgery_%28SSRF%29](https://owasp.org/Top10/A10_2021-Server-Side_Request_Forgery_%28SSRF%29)\n", - "text": "If unverified user data can reach the `setContent` method it can result in Server-Side Request Forgery vulnerabilities\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Iteration over a possibly empty map `$C`. This is likely a bug or redundant code\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Iteration over a possibly empty map `$C`. 
This is likely a bug or redundant code\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/trailofbits.go.iterate-over-empty-map.iterate-over-empty-map)\n - [https://blog.trailofbits.com/2019/11/07/attacking-go-vr-ttps/](https://blog.trailofbits.com/2019/11/07/attacking-go-vr-ttps/)\n" }, - "helpUri": "https://semgrep.dev/r/javascript.playwright.security.audit.playwright-setcontent-injection.playwright-setcontent-injection", - "id": "javascript.playwright.security.audit.playwright-setcontent-injection.playwright-setcontent-injection", - "name": "javascript.playwright.security.audit.playwright-setcontent-injection.playwright-setcontent-injection", "properties": { "precision": "very-high", "tags": [ - "CWE-918: Server-Side Request Forgery (SSRF)", - "LOW CONFIDENCE", - "OWASP-A10:2021 - Server-Side Request Forgery (SSRF)", + "CWE-665: Improper Initialization", + "MEDIUM CONFIDENCE", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: javascript.playwright.security.audit.playwright-setcontent-injection.playwright-setcontent-injection" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "typescript.aws-cdk.security.audit.awscdk-bucket-encryption.awscdk-bucket-encryption", + "name": "typescript.aws-cdk.security.audit.awscdk-bucket-encryption.awscdk-bucket-encryption", + "short_description": { + "text": "Semgrep Finding: typescript.aws-cdk.security.audit.awscdk-bucket-encryption.awscdk-bucket-encryption" }, - "fullDescription": { - "text": "The `redirect()` method does not check its destination in any way. If you redirect to a URL provided by end-users, your application may be open to the unvalidated redirects security vulnerability. Consider using literal values or an allowlist to validate URLs." 
+ "full_description": { + "text": "Add \"encryption: $Y.BucketEncryption.KMS_MANAGED\" or \"encryption: $Y.BucketEncryption.S3_MANAGED\" to the bucket props for Bucket construct $X" }, + "default_configuration": { + "enabled": true, + "level": "error" + }, + "help_uri": "https://semgrep.dev/r/typescript.aws-cdk.security.audit.awscdk-bucket-encryption.awscdk-bucket-encryption", "help": { - "markdown": "The `redirect()` method does not check its destination in any way. If you redirect to a URL provided by end-users, your application may be open to the unvalidated redirects security vulnerability. Consider using literal values or an allowlist to validate URLs.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/php.symfony.security.audit.symfony-non-literal-redirect.symfony-non-literal-redirect)\n - [https://symfony.com/doc/current/controller.html#redirecting](https://symfony.com/doc/current/controller.html#redirecting)\n - [https://cheatsheetseries.owasp.org/cheatsheets/Unvalidated_Redirects_and_Forwards_Cheat_Sheet.html](https://cheatsheetseries.owasp.org/cheatsheets/Unvalidated_Redirects_and_Forwards_Cheat_Sheet.html)\n", - "text": "The `redirect()` method does not check its destination in any way. If you redirect to a URL provided by end-users, your application may be open to the unvalidated redirects security vulnerability. 
Consider using literal values or an allowlist to validate URLs.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Add \"encryption: $Y.BucketEncryption.KMS_MANAGED\" or \"encryption: $Y.BucketEncryption.S3_MANAGED\" to the bucket props for Bucket construct $X\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Add \"encryption: $Y.BucketEncryption.KMS_MANAGED\" or \"encryption: $Y.BucketEncryption.S3_MANAGED\" to the bucket props for Bucket construct $X\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/typescript.aws-cdk.security.audit.awscdk-bucket-encryption.awscdk-bucket-encryption)\n - [https://docs.aws.amazon.com/AmazonS3/latest/userguide/security-best-practices.html](https://docs.aws.amazon.com/AmazonS3/latest/userguide/security-best-practices.html)\n" }, - "helpUri": "https://semgrep.dev/r/php.symfony.security.audit.symfony-non-literal-redirect.symfony-non-literal-redirect", - "id": "php.symfony.security.audit.symfony-non-literal-redirect.symfony-non-literal-redirect", - "name": "php.symfony.security.audit.symfony-non-literal-redirect.symfony-non-literal-redirect", "properties": { "precision": "very-high", "tags": [ - "CWE-601: URL Redirection to Untrusted Site ('Open Redirect')", - "LOW CONFIDENCE", - "OWASP-A01:2021 - Broken Access Control", + "CWE-311: Missing Encryption of Sensitive Data", + "MEDIUM CONFIDENCE", + "OWASP-A03:2017 - Sensitive Data Exposure", + "OWASP-A04:2021 - Insecure Design", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: php.symfony.security.audit.symfony-non-literal-redirect.symfony-non-literal-redirect" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "generic.secrets.security.detected-stripe-restricted-api-key.detected-stripe-restricted-api-key", + "name": 
"generic.secrets.security.detected-stripe-restricted-api-key.detected-stripe-restricted-api-key", + "short_description": { + "text": "Semgrep Finding: generic.secrets.security.detected-stripe-restricted-api-key.detected-stripe-restricted-api-key" }, - "fullDescription": { - "text": "Pod is sharing the host process ID namespace. When paired with ptrace this can be used to escalate privileges outside of the container. Remove the 'hostPID' key to disable this functionality." + "full_description": { + "text": "Stripe Restricted API Key detected" + }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/generic.secrets.security.detected-stripe-restricted-api-key.detected-stripe-restricted-api-key", "help": { - "markdown": "Pod is sharing the host process ID namespace. When paired with ptrace this can be used to escalate privileges outside of the container. Remove the 'hostPID' key to disable this functionality.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/yaml.kubernetes.security.hostpid-pod.hostpid-pod)\n - [https://kubernetes.io/docs/concepts/policy/pod-security-policy/#host-namespaces](https://kubernetes.io/docs/concepts/policy/pod-security-policy/#host-namespaces)\n", - "text": "Pod is sharing the host process ID namespace. When paired with ptrace this can be used to escalate privileges outside of the container. 
Remove the 'hostPID' key to disable this functionality.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Stripe Restricted API Key detected\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Stripe Restricted API Key detected\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/generic.secrets.security.detected-stripe-restricted-api-key.detected-stripe-restricted-api-key)\n - [https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures](https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures)\n" }, - "helpUri": "https://semgrep.dev/r/yaml.kubernetes.security.hostpid-pod.hostpid-pod", - "id": "yaml.kubernetes.security.hostpid-pod.hostpid-pod", - "name": "yaml.kubernetes.security.hostpid-pod.hostpid-pod", "properties": { "precision": "very-high", "tags": [ - "CWE-269: Improper Privilege Management", - "LOW CONFIDENCE", - "OWASP-A04:2021 - Insecure Design", + "CWE-798: Use of Hard-coded Credentials", + "MEDIUM CONFIDENCE", + "OWASP-A07:2021 - Identification and Authentication Failures", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: yaml.kubernetes.security.hostpid-pod.hostpid-pod" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "trailofbits.go.missing-runlock-on-rwmutex.missing-runlock-on-rwmutex", + "name": "trailofbits.go.missing-runlock-on-rwmutex.missing-runlock-on-rwmutex", + "short_description": { + "text": "Semgrep Finding: trailofbits.go.missing-runlock-on-rwmutex.missing-runlock-on-rwmutex" }, - "fullDescription": { - "text": "Call to 'read()' without error checking is susceptible to file descriptor exhaustion. Consider using the 'getrandom()' function." 
+ "full_description": { + "text": "Missing `RUnlock` on an `RWMutex` (`$T` variable) lock before returning from a function" + }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/trailofbits.go.missing-runlock-on-rwmutex.missing-runlock-on-rwmutex", "help": { - "markdown": "Call to 'read()' without error checking is susceptible to file descriptor exhaustion. Consider using the 'getrandom()' function.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/c.lang.security.random-fd-exhaustion.random-fd-exhaustion)\n - [https://lwn.net/Articles/606141/](https://lwn.net/Articles/606141/)\n", - "text": "Call to 'read()' without error checking is susceptible to file descriptor exhaustion. Consider using the 'getrandom()' function.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Missing `RUnlock` on an `RWMutex` (`$T` variable) lock before returning from a function\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Missing `RUnlock` on an `RWMutex` (`$T` variable) lock before returning from a function\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/trailofbits.go.missing-runlock-on-rwmutex.missing-runlock-on-rwmutex)\n - [https://pkg.go.dev/sync#RWMutex](https://pkg.go.dev/sync#RWMutex)\n - [https://blog.trailofbits.com/2020/06/09/how-to-check-if-a-mutex-is-locked-in-go/](https://blog.trailofbits.com/2020/06/09/how-to-check-if-a-mutex-is-locked-in-go/)\n" }, - "helpUri": "https://semgrep.dev/r/c.lang.security.random-fd-exhaustion.random-fd-exhaustion", - "id": "c.lang.security.random-fd-exhaustion.random-fd-exhaustion", - "name": "c.lang.security.random-fd-exhaustion.random-fd-exhaustion", "properties": { "precision": "very-high", "tags": [ - "CWE-774: Allocation of File 
Descriptors or Handles Without Limits or Throttling", + "CWE-667: Improper Locking", "MEDIUM CONFIDENCE", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: c.lang.security.random-fd-exhaustion.random-fd-exhaustion" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "csharp.dotnet.security.mvc-missing-antiforgery.mvc-missing-antiforgery", + "name": "csharp.dotnet.security.mvc-missing-antiforgery.mvc-missing-antiforgery", + "short_description": { + "text": "Semgrep Finding: csharp.dotnet.security.mvc-missing-antiforgery.mvc-missing-antiforgery" }, - "fullDescription": { - "text": "Ensure that IAM policies with permissions on other users don't allow for privilege escalation. This can lead to an attacker gaining full administrator access of AWS accounts. Instead, specify which user the permission should be used on or do not use the listed actions. $RESOURCE" + "full_description": { + "text": "$METHOD is a state-changing MVC method that does not validate the antiforgery token or do strict content-type checking. State-changing controller methods should either enforce antiforgery tokens or do strict content-type checking to prevent simple HTTP request types from bypassing CORS preflight controls." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/csharp.dotnet.security.mvc-missing-antiforgery.mvc-missing-antiforgery", "help": { - "markdown": "Ensure that IAM policies with permissions on other users don't allow for privilege escalation. This can lead to an attacker gaining full administrator access of AWS accounts. Instead, specify which user the permission should be used on or do not use the listed actions. 
$RESOURCE\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/terraform.lang.security.iam.no-iam-priv-esc-other-users.no-iam-priv-esc-other-users)\n - [https://cloudsplaining.readthedocs.io/en/latest/glossary/privilege-escalation/](https://cloudsplaining.readthedocs.io/en/latest/glossary/privilege-escalation/)\n - [https://github.com/bridgecrewio/checkov/blob/ca830e14745c2c8e1b941985f305abe985d7f1f9/checkov/terraform/checks/data/aws/IAMPrivilegeEscalation.py](https://github.com/bridgecrewio/checkov/blob/ca830e14745c2c8e1b941985f305abe985d7f1f9/checkov/terraform/checks/data/aws/IAMPrivilegeEscalation.py)\n", - "text": "Ensure that IAM policies with permissions on other users don't allow for privilege escalation. This can lead to an attacker gaining full administrator access of AWS accounts. Instead, specify which user the permission should be used on or do not use the listed actions. $RESOURCE\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "$METHOD is a state-changing MVC method that does not validate the antiforgery token or do strict content-type checking. State-changing controller methods should either enforce antiforgery tokens or do strict content-type checking to prevent simple HTTP request types from bypassing CORS preflight controls.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "$METHOD is a state-changing MVC method that does not validate the antiforgery token or do strict content-type checking. 
State-changing controller methods should either enforce antiforgery tokens or do strict content-type checking to prevent simple HTTP request types from bypassing CORS preflight controls.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/csharp.dotnet.security.mvc-missing-antiforgery.mvc-missing-antiforgery)\n - [https://cheatsheetseries.owasp.org/cheatsheets/DotNet_Security_Cheat_Sheet.html#cross-site-request-forgery](https://cheatsheetseries.owasp.org/cheatsheets/DotNet_Security_Cheat_Sheet.html#cross-site-request-forgery)\n - [https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS#simple_requests](https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS#simple_requests)\n" }, - "helpUri": "https://semgrep.dev/r/terraform.lang.security.iam.no-iam-priv-esc-other-users.no-iam-priv-esc-other-users", - "id": "terraform.lang.security.iam.no-iam-priv-esc-other-users.no-iam-priv-esc-other-users", - "name": "terraform.lang.security.iam.no-iam-priv-esc-other-users.no-iam-priv-esc-other-users", "properties": { "precision": "very-high", "tags": [ - "CWE-269: Improper Privilege Management", + "CWE-352: Cross-Site Request Forgery (CSRF)", "LOW CONFIDENCE", - "OWASP-A04:2021 - Insecure Design", + "OWASP-A01:2021 - Broken Access Control", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: terraform.lang.security.iam.no-iam-priv-esc-other-users.no-iam-priv-esc-other-users" } }, { - "defaultConfiguration": { - "level": "error" + "id": "python.cryptography.security.insecure-cipher-mode-ecb.insecure-cipher-mode-ecb", + "name": "python.cryptography.security.insecure-cipher-mode-ecb.insecure-cipher-mode-ecb", + "short_description": { + "text": "Semgrep Finding: python.cryptography.security.insecure-cipher-mode-ecb.insecure-cipher-mode-ecb" }, - "fullDescription": { - "text": "Found request data in a call to 'open'. 
Ensure the request data is validated or sanitized, otherwise it could result in path traversal attacks." + "full_description": { + "text": "ECB (Electronic Code Book) is the simplest mode of operation for block ciphers. Each block of data is encrypted in the same way. This means identical plaintext blocks will always result in identical ciphertext blocks, which can leave significant patterns in the output. Use a different, cryptographically strong mode instead, such as GCM." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/python.cryptography.security.insecure-cipher-mode-ecb.insecure-cipher-mode-ecb", "help": { - "markdown": "Found request data in a call to 'open'. Ensure the request data is validated or sanitized, otherwise it could result in path traversal attacks.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.flask.security.injection.path-traversal-open.path-traversal-open)\n - [https://owasp.org/www-community/attacks/Path_Traversal](https://owasp.org/www-community/attacks/Path_Traversal)\n", - "text": "Found request data in a call to 'open'. Ensure the request data is validated or sanitized, otherwise it could result in path traversal attacks.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "ECB (Electronic Code Book) is the simplest mode of operation for block ciphers. Each block of data is encrypted in the same way. This means identical plaintext blocks will always result in identical ciphertext blocks, which can leave significant patterns in the output. Use a different, cryptographically strong mode instead, such as GCM.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "ECB (Electronic Code Book) is the simplest mode of operation for block ciphers. Each block of data is encrypted in the same way. 
This means identical plaintext blocks will always result in identical ciphertext blocks, which can leave significant patterns in the output. Use a different, cryptographically strong mode instead, such as GCM.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.cryptography.security.insecure-cipher-mode-ecb.insecure-cipher-mode-ecb)\n - [https://cryptography.io/en/latest/hazmat/primitives/symmetric-encryption/#insecure-modes](https://cryptography.io/en/latest/hazmat/primitives/symmetric-encryption/#insecure-modes)\n - [https://crypto.stackexchange.com/questions/20941/why-shouldnt-i-use-ecb-encryption](https://crypto.stackexchange.com/questions/20941/why-shouldnt-i-use-ecb-encryption)\n" }, - "helpUri": "https://semgrep.dev/r/python.flask.security.injection.path-traversal-open.path-traversal-open", - "id": "python.flask.security.injection.path-traversal-open.path-traversal-open", - "name": "python.flask.security.injection.path-traversal-open.path-traversal-open", "properties": { "precision": "very-high", "tags": [ - "CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", + "CWE-327: Use of a Broken or Risky Cryptographic Algorithm", "MEDIUM CONFIDENCE", - "OWASP-A01:2021 - Broken Access Control", - "OWASP-A05:2017 - Broken Access Control", + "OWASP-A02:2021 - Cryptographic Failures", + "OWASP-A03:2017 - Sensitive Data Exposure", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: python.flask.security.injection.path-traversal-open.path-traversal-open" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "python.lang.compatibility.python37.python37-compatibility-multiprocess1", + "name": "python.lang.compatibility.python37.python37-compatibility-multiprocess1", + "short_description": { + "text": "Semgrep Finding: python.lang.compatibility.python37.python37-compatibility-multiprocess1" }, - "fullDescription": { - "text": 
"Detected an unsecured transmission channel. 'OpenerDirector.open(...)' is being used with 'ftp://'. Information sent over this connection will be unencrypted. Consider using SFTP instead. urllib does not support SFTP, so consider a library which supports SFTP." + "full_description": { + "text": "multiprocessing.Process.close() is only available on Python 3.7+ and is therefore not backwards compatible. Instead, use join()." + }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/python.lang.compatibility.python37.python37-compatibility-multiprocess1", "help": { - "markdown": "Detected an unsecured transmission channel. 'OpenerDirector.open(...)' is being used with 'ftp://'. Information sent over this connection will be unencrypted. Consider using SFTP instead. urllib does not support SFTP, so consider a library which supports SFTP.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.lang.security.audit.insecure-transport.urllib.insecure-openerdirector-open-ftp.insecure-openerdirector-open-ftp)\n - [https://docs.python.org/3/library/urllib.request.html#urllib.request.OpenerDirector.open](https://docs.python.org/3/library/urllib.request.html#urllib.request.OpenerDirector.open)\n", - "text": "Detected an unsecured transmission channel. 'OpenerDirector.open(...)' is being used with 'ftp://'. Information sent over this connection will be unencrypted. Consider using SFTP instead. urllib does not support SFTP, so consider a library which supports SFTP.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "multiprocessing.Process.close() is only available on Python 3.7+ and is therefore not backwards compatible. 
Instead, use join().\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "multiprocessing.Process.close() is only available on Python 3.7+ and is therefore not backwards compatible. Instead, use join().\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.lang.compatibility.python37.python37-compatibility-multiprocess1)\n" }, - "helpUri": "https://semgrep.dev/r/python.lang.security.audit.insecure-transport.urllib.insecure-openerdirector-open-ftp.insecure-openerdirector-open-ftp", - "id": "python.lang.security.audit.insecure-transport.urllib.insecure-openerdirector-open-ftp.insecure-openerdirector-open-ftp", - "name": "python.lang.security.audit.insecure-transport.urllib.insecure-openerdirector-open-ftp.insecure-openerdirector-open-ftp", "properties": { "precision": "very-high", - "tags": [ - "CWE-319: Cleartext Transmission of Sensitive Information", - "LOW CONFIDENCE", - "OWASP-A02:2021 - Cryptographic Failures", - "OWASP-A03:2017 - Sensitive Data Exposure", - "security" - ] - }, - "shortDescription": { - "text": "Semgrep Finding: python.lang.security.audit.insecure-transport.urllib.insecure-openerdirector-open-ftp.insecure-openerdirector-open-ftp" + "tags": [] } }, { - "defaultConfiguration": { - "level": "warning" + "id": "python.pycryptodome.security.insecure-cipher-algorithm-rc2.insecure-cipher-algorithm-rc2", + "name": "python.pycryptodome.security.insecure-cipher-algorithm-rc2.insecure-cipher-algorithm-rc2", + "short_description": { + "text": "Semgrep Finding: python.pycryptodome.security.insecure-cipher-algorithm-rc2.insecure-cipher-algorithm-rc2" }, - "fullDescription": { - "text": "Telnet does not encrypt communications. Use SSH instead." + "full_description": { + "text": "Detected RC2 cipher algorithm which is considered insecure. This algorithm is not cryptographically secure and can be reversed easily. Use AES instead." 
+ }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/python.pycryptodome.security.insecure-cipher-algorithm-rc2.insecure-cipher-algorithm-rc2", "help": { - "markdown": "Telnet does not encrypt communications. Use SSH instead.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.lang.security.audit.telnetlib.telnetlib)\n - [https://docs.python.org/3/library/telnetlib.html](https://docs.python.org/3/library/telnetlib.html)\n", - "text": "Telnet does not encrypt communications. Use SSH instead.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected RC2 cipher algorithm which is considered insecure. This algorithm is not cryptographically secure and can be reversed easily. Use AES instead.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected RC2 cipher algorithm which is considered insecure. This algorithm is not cryptographically secure and can be reversed easily. 
Use AES instead.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.pycryptodome.security.insecure-cipher-algorithm-rc2.insecure-cipher-algorithm-rc2)\n - [https://cwe.mitre.org/data/definitions/326.html](https://cwe.mitre.org/data/definitions/326.html)\n" }, - "helpUri": "https://semgrep.dev/r/python.lang.security.audit.telnetlib.telnetlib", - "id": "python.lang.security.audit.telnetlib.telnetlib", - "name": "python.lang.security.audit.telnetlib.telnetlib", "properties": { "precision": "very-high", "tags": [ - "CWE-319: Cleartext Transmission of Sensitive Information", - "LOW CONFIDENCE", + "CWE-327: Use of a Broken or Risky Cryptographic Algorithm", + "MEDIUM CONFIDENCE", "OWASP-A02:2021 - Cryptographic Failures", "OWASP-A03:2017 - Sensitive Data Exposure", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: python.lang.security.audit.telnetlib.telnetlib" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "scala.lang.security.audit.dispatch-ssrf.dispatch-ssrf", + "name": "scala.lang.security.audit.dispatch-ssrf.dispatch-ssrf", + "short_description": { + "text": "Semgrep Finding: scala.lang.security.audit.dispatch-ssrf.dispatch-ssrf" }, - "fullDescription": { - "text": "Detected an element with disabled HTML escaping. If external data can reach this, this is a cross-site scripting (XSS) vulnerability. Ensure no external data can reach here, or remove 'escape=false' from this element." + "full_description": { + "text": "A parameter being passed directly into `url` most likely lead to SSRF. This could allow an attacker to send data to their own server, potentially exposing sensitive data sent with this request. They could also probe internal servers or other resources that the server runnig this code can access. Do not allow arbitrary hosts. Instead, create an allowlist for approved hosts hardcode the correct host." 
+ }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/scala.lang.security.audit.dispatch-ssrf.dispatch-ssrf", "help": { - "markdown": "Detected an element with disabled HTML escaping. If external data can reach this, this is a cross-site scripting (XSS) vulnerability. Ensure no external data can reach here, or remove 'escape=false' from this element.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/java.lang.security.audit.xss.jsf.autoescape-disabled.autoescape-disabled)\n - [https://stackoverflow.com/a/7442668](https://stackoverflow.com/a/7442668)\n", - "text": "Detected an element with disabled HTML escaping. If external data can reach this, this is a cross-site scripting (XSS) vulnerability. Ensure no external data can reach here, or remove 'escape=false' from this element.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "A parameter being passed directly into `url` most likely lead to SSRF. This could allow an attacker to send data to their own server, potentially exposing sensitive data sent with this request. They could also probe internal servers or other resources that the server runnig this code can access. Do not allow arbitrary hosts. Instead, create an allowlist for approved hosts hardcode the correct host.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "A parameter being passed directly into `url` most likely lead to SSRF. This could allow an attacker to send data to their own server, potentially exposing sensitive data sent with this request. They could also probe internal servers or other resources that the server runnig this code can access. Do not allow arbitrary hosts. 
Instead, create an allowlist for approved hosts hardcode the correct host.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/scala.lang.security.audit.dispatch-ssrf.dispatch-ssrf)\n - [https://cheatsheetseries.owasp.org/cheatsheets/Server_Side_Request_Forgery_Prevention_Cheat_Sheet.html](https://cheatsheetseries.owasp.org/cheatsheets/Server_Side_Request_Forgery_Prevention_Cheat_Sheet.html)\n - [https://dispatchhttp.org/Dispatch.html](https://dispatchhttp.org/Dispatch.html)\n" }, - "helpUri": "https://semgrep.dev/r/java.lang.security.audit.xss.jsf.autoescape-disabled.autoescape-disabled", - "id": "java.lang.security.audit.xss.jsf.autoescape-disabled.autoescape-disabled", - "name": "java.lang.security.audit.xss.jsf.autoescape-disabled.autoescape-disabled", "properties": { "precision": "very-high", "tags": [ - "CWE-150: Improper Neutralization of Escape, Meta, or Control Sequences", + "CWE-918: Server-Side Request Forgery (SSRF)", "LOW CONFIDENCE", - "OWASP-A07:2017 - Cross-Site Scripting (XSS)", + "OWASP-A10:2021 - Server-Side Request Forgery (SSRF)", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: java.lang.security.audit.xss.jsf.autoescape-disabled.autoescape-disabled" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "generic.secrets.security.detected-hockeyapp.detected-hockeyapp", + "name": "generic.secrets.security.detected-hockeyapp.detected-hockeyapp", + "short_description": { + "text": "Semgrep Finding: generic.secrets.security.detected-hockeyapp.detected-hockeyapp" }, - "fullDescription": { - "text": "Checks for requests sent via Apache HTTP Components to http:// URLS. This is dangerous because the server is attempting to connect to a website that does not encrypt traffic with TLS. Instead, send requests only to https:// URLS." 
+ "full_description": { + "text": "HockeyApp detected" + }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/generic.secrets.security.detected-hockeyapp.detected-hockeyapp", "help": { - "markdown": "Checks for requests sent via Apache HTTP Components to http:// URLS. This is dangerous because the server is attempting to connect to a website that does not encrypt traffic with TLS. Instead, send requests only to https:// URLS.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/problem-based-packs.insecure-transport.java-stdlib.http-components-request.http-components-request)\n - [https://hc.apache.org/httpcomponents-client-ga/quickstart.html](https://hc.apache.org/httpcomponents-client-ga/quickstart.html)\n", - "text": "Checks for requests sent via Apache HTTP Components to http:// URLS. This is dangerous because the server is attempting to connect to a website that does not encrypt traffic with TLS. 
Instead, send requests only to https:// URLS.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "HockeyApp detected\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "HockeyApp detected\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/generic.secrets.security.detected-hockeyapp.detected-hockeyapp)\n - [https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures](https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures)\n" }, - "helpUri": "https://semgrep.dev/r/problem-based-packs.insecure-transport.java-stdlib.http-components-request.http-components-request", - "id": "problem-based-packs.insecure-transport.java-stdlib.http-components-request.http-components-request", - "name": "problem-based-packs.insecure-transport.java-stdlib.http-components-request.http-components-request", "properties": { "precision": "very-high", "tags": [ - "CWE-319: Cleartext Transmission of Sensitive Information", - "MEDIUM CONFIDENCE", - "OWASP-A03:2017 - Sensitive Data Exposure", + "CWE-798: Use of Hard-coded Credentials", + "LOW CONFIDENCE", + "OWASP-A07:2021 - Identification and Authentication Failures", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: problem-based-packs.insecure-transport.java-stdlib.http-components-request.http-components-request" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "yaml.kubernetes.security.run-as-non-root.run-as-non-root", + "name": "yaml.kubernetes.security.run-as-non-root.run-as-non-root", + "short_description": { + "text": "Semgrep Finding: yaml.kubernetes.security.run-as-non-root.run-as-non-root" }, - "fullDescription": { - "text": "The function `openssl_decrypt` returns either a string of the decrypted data on success or `false` on failure. 
If the failure case is not handled, this could lead to undefined behavior in your application. Please handle the case where `openssl_decrypt` returns `false`." + "full_description": { + "text": "When running containers in Kubernetes, it's important to ensure that they are properly secured to prevent privilege escalation attacks. One potential vulnerability is when a container is allowed to run applications as the root user, which could allow an attacker to gain access to sensitive resources. To mitigate this risk, it's recommended to add a `securityContext` to the container, with the parameter `runAsNonRoot` set to `true`. This will ensure that the container runs as a non-root user, limiting the damage that could be caused by any potential attacks. By adding a `securityContext` to the container in your Kubernetes pod, you can help to ensure that your containerized applications are more secure and less vulnerable to privilege escalation attacks." + }, + "default_configuration": { + "enabled": true, + "level": "note" }, + "help_uri": "https://semgrep.dev/r/yaml.kubernetes.security.run-as-non-root.run-as-non-root", "help": { - "markdown": "The function `openssl_decrypt` returns either a string of the decrypted data on success or `false` on failure. If the failure case is not handled, this could lead to undefined behavior in your application. Please handle the case where `openssl_decrypt` returns `false`.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/php.lang.security.audit.openssl-decrypt-validate.openssl-decrypt-validate)\n - [https://www.php.net/manual/en/function.openssl-decrypt.php](https://www.php.net/manual/en/function.openssl-decrypt.php)\n", - "text": "The function `openssl_decrypt` returns either a string of the decrypted data on success or `false` on failure. If the failure case is not handled, this could lead to undefined behavior in your application. 
Please handle the case where `openssl_decrypt` returns `false`.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "When running containers in Kubernetes, it's important to ensure that they are properly secured to prevent privilege escalation attacks. One potential vulnerability is when a container is allowed to run applications as the root user, which could allow an attacker to gain access to sensitive resources. To mitigate this risk, it's recommended to add a `securityContext` to the container, with the parameter `runAsNonRoot` set to `true`. This will ensure that the container runs as a non-root user, limiting the damage that could be caused by any potential attacks. By adding a `securityContext` to the container in your Kubernetes pod, you can help to ensure that your containerized applications are more secure and less vulnerable to privilege escalation attacks.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "When running containers in Kubernetes, it's important to ensure that they are properly secured to prevent privilege escalation attacks. One potential vulnerability is when a container is allowed to run applications as the root user, which could allow an attacker to gain access to sensitive resources. To mitigate this risk, it's recommended to add a `securityContext` to the container, with the parameter `runAsNonRoot` set to `true`. This will ensure that the container runs as a non-root user, limiting the damage that could be caused by any potential attacks. 
By adding a `securityContext` to the container in your Kubernetes pod, you can help to ensure that your containerized applications are more secure and less vulnerable to privilege escalation attacks.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/yaml.kubernetes.security.run-as-non-root.run-as-non-root)\n - [https://kubernetes.io/blog/2016/08/security-best-practices-kubernetes-deployment/](https://kubernetes.io/blog/2016/08/security-best-practices-kubernetes-deployment/)\n - [https://kubernetes.io/docs/concepts/policy/pod-security-policy/](https://kubernetes.io/docs/concepts/policy/pod-security-policy/)\n - [https://cheatsheetseries.owasp.org/cheatsheets/Docker_Security_Cheat_Sheet.html#rule-2-set-a-user](https://cheatsheetseries.owasp.org/cheatsheets/Docker_Security_Cheat_Sheet.html#rule-2-set-a-user)\n" }, - "helpUri": "https://semgrep.dev/r/php.lang.security.audit.openssl-decrypt-validate.openssl-decrypt-validate", - "id": "php.lang.security.audit.openssl-decrypt-validate.openssl-decrypt-validate", - "name": "php.lang.security.audit.openssl-decrypt-validate.openssl-decrypt-validate", "properties": { "precision": "very-high", "tags": [ - "CWE-252: Unchecked Return Value", + "CWE-250: Execution with Unnecessary Privileges", "LOW CONFIDENCE", - "OWASP-A02:2021 - Cryptographic Failures", + "OWASP-A05:2021 - Security Misconfiguration", + "OWASP-A06:2017 - Security Misconfiguration", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: php.lang.security.audit.openssl-decrypt-validate.openssl-decrypt-validate" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "generic.secrets.security.detected-slack-token.detected-slack-token", + "name": "generic.secrets.security.detected-slack-token.detected-slack-token", + "short_description": { + "text": "Semgrep Finding: generic.secrets.security.detected-slack-token.detected-slack-token" }, - "fullDescription": { - 
"text": "Checks for requests sent via HttpClient to http:// URLS. This is dangerous because the server is attempting to connect to a website that does not encrypt traffic with TLS. Instead, send requests only to https:// URLS." + "full_description": { + "text": "Slack Token detected" }, + "default_configuration": { + "enabled": true, + "level": "error" + }, + "help_uri": "https://semgrep.dev/r/generic.secrets.security.detected-slack-token.detected-slack-token", "help": { - "markdown": "Checks for requests sent via HttpClient to http:// URLS. This is dangerous because the server is attempting to connect to a website that does not encrypt traffic with TLS. Instead, send requests only to https:// URLS.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/problem-based-packs.insecure-transport.java-stdlib.httpclient-http-request.httpclient-http-request)\n - [https://openjdk.java.net/groups/net/httpclient/intro.html](https://openjdk.java.net/groups/net/httpclient/intro.html)\n", - "text": "Checks for requests sent via HttpClient to http:// URLS. This is dangerous because the server is attempting to connect to a website that does not encrypt traffic with TLS. 
Instead, send requests only to https:// URLS.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Slack Token detected\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Slack Token detected\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/generic.secrets.security.detected-slack-token.detected-slack-token)\n - [https://github.com/davidburkitt/python-secret-scanner/blob/335a1f6dab8de59cf39063e57aea39a58951e939/patterns.txt#L58](https://github.com/davidburkitt/python-secret-scanner/blob/335a1f6dab8de59cf39063e57aea39a58951e939/patterns.txt#L58)\n" }, - "helpUri": "https://semgrep.dev/r/problem-based-packs.insecure-transport.java-stdlib.httpclient-http-request.httpclient-http-request", - "id": "problem-based-packs.insecure-transport.java-stdlib.httpclient-http-request.httpclient-http-request", - "name": "problem-based-packs.insecure-transport.java-stdlib.httpclient-http-request.httpclient-http-request", "properties": { "precision": "very-high", "tags": [ - "CWE-319: Cleartext Transmission of Sensitive Information", - "MEDIUM CONFIDENCE", - "OWASP-A03:2017 - Sensitive Data Exposure", + "CWE-798: Use of Hard-coded Credentials", + "LOW CONFIDENCE", + "OWASP-A07:2021 - Identification and Authentication Failures", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: problem-based-packs.insecure-transport.java-stdlib.httpclient-http-request.httpclient-http-request" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "javascript.aws-lambda.security.mysql-sqli.mysql-sqli", + "name": "javascript.aws-lambda.security.mysql-sqli.mysql-sqli", + "short_description": { + "text": "Semgrep Finding: javascript.aws-lambda.security.mysql-sqli.mysql-sqli" }, - "fullDescription": { - "text": "Detected an insecure transmission channel. 'URLopener.open(...)' is being used with 'ftp://'. Use SFTP instead. 
urllib does not support SFTP, so consider using a library which supports SFTP." + "full_description": { + "text": "Detected SQL statement that is tainted by `$EVENT` object. This could lead to SQL injection if the variable is user-controlled and not properly sanitized. In order to prevent SQL injection, use parameterized queries or prepared statements instead. You can use parameterized statements like so: `connection.query('SELECT $1 from table', [userinput])`" + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/javascript.aws-lambda.security.mysql-sqli.mysql-sqli", "help": { - "markdown": "Detected an insecure transmission channel. 'URLopener.open(...)' is being used with 'ftp://'. Use SFTP instead. urllib does not support SFTP, so consider using a library which supports SFTP.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.lang.security.audit.insecure-transport.urllib.insecure-urlopener-open-ftp.insecure-urlopener-open-ftp)\n - [https://docs.python.org/3/library/urllib.request.html#urllib.request.URLopener.open](https://docs.python.org/3/library/urllib.request.html#urllib.request.URLopener.open)\n", - "text": "Detected an insecure transmission channel. 'URLopener.open(...)' is being used with 'ftp://'. Use SFTP instead. urllib does not support SFTP, so consider using a library which supports SFTP.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected SQL statement that is tainted by `$EVENT` object. This could lead to SQL injection if the variable is user-controlled and not properly sanitized. In order to prevent SQL injection, use parameterized queries or prepared statements instead. 
You can use parameterized statements like so: `connection.query('SELECT $1 from table', [userinput])`\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected SQL statement that is tainted by `$EVENT` object. This could lead to SQL injection if the variable is user-controlled and not properly sanitized. In order to prevent SQL injection, use parameterized queries or prepared statements instead. You can use parameterized statements like so: `connection.query('SELECT $1 from table', [userinput])`\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.aws-lambda.security.mysql-sqli.mysql-sqli)\n - [https://www.npmjs.com/package/mysql2](https://www.npmjs.com/package/mysql2)\n" }, - "helpUri": "https://semgrep.dev/r/python.lang.security.audit.insecure-transport.urllib.insecure-urlopener-open-ftp.insecure-urlopener-open-ftp", - "id": "python.lang.security.audit.insecure-transport.urllib.insecure-urlopener-open-ftp.insecure-urlopener-open-ftp", - "name": "python.lang.security.audit.insecure-transport.urllib.insecure-urlopener-open-ftp.insecure-urlopener-open-ftp", "properties": { "precision": "very-high", "tags": [ - "CWE-319: Cleartext Transmission of Sensitive Information", - "LOW CONFIDENCE", - "OWASP-A02:2021 - Cryptographic Failures", - "OWASP-A03:2017 - Sensitive Data Exposure", + "CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')", + "MEDIUM CONFIDENCE", + "OWASP-A01:2017 - Injection", + "OWASP-A03:2021 - Injection", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: python.lang.security.audit.insecure-transport.urllib.insecure-urlopener-open-ftp.insecure-urlopener-open-ftp" } }, { - "defaultConfiguration": { - "level": "error" + "id": "javascript.browser.security.wildcard-postmessage-configuration.wildcard-postmessage-configuration", + "name": 
"javascript.browser.security.wildcard-postmessage-configuration.wildcard-postmessage-configuration", + "short_description": { + "text": "Semgrep Finding: javascript.browser.security.wildcard-postmessage-configuration.wildcard-postmessage-configuration" }, - "fullDescription": { - "text": "Functions reliant on pickle can result in arbitrary code execution. Consider loading from `state_dict`, using fickling, or switching to a safer serialization method like ONNX" + "full_description": { + "text": "The target origin of the window.postMessage() API is set to \"*\". This could allow for information disclosure due to the possibility of any origin allowed to receive the message." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/javascript.browser.security.wildcard-postmessage-configuration.wildcard-postmessage-configuration", "help": { - "markdown": "Functions reliant on pickle can result in arbitrary code execution. Consider loading from `state_dict`, using fickling, or switching to a safer serialization method like ONNX\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/trailofbits.python.pickles-in-pytorch.pickles-in-pytorch)\n - [https://blog.trailofbits.com/2021/03/15/never-a-dill-moment-exploiting-machine-learning-pickle-files/](https://blog.trailofbits.com/2021/03/15/never-a-dill-moment-exploiting-machine-learning-pickle-files/)\n", - "text": "Functions reliant on pickle can result in arbitrary code execution. Consider loading from `state_dict`, using fickling, or switching to a safer serialization method like ONNX\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "The target origin of the window.postMessage() API is set to \"*\". 
This could allow for information disclosure due to the possibility of any origin allowed to receive the message.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "The target origin of the window.postMessage() API is set to \"*\". This could allow for information disclosure due to the possibility of any origin allowed to receive the message.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.browser.security.wildcard-postmessage-configuration.wildcard-postmessage-configuration)\n - [https://owasp.org/Top10/A08_2021-Software_and_Data_Integrity_Failures](https://owasp.org/Top10/A08_2021-Software_and_Data_Integrity_Failures)\n" }, - "helpUri": "https://semgrep.dev/r/trailofbits.python.pickles-in-pytorch.pickles-in-pytorch", - "id": "trailofbits.python.pickles-in-pytorch.pickles-in-pytorch", - "name": "trailofbits.python.pickles-in-pytorch.pickles-in-pytorch", "properties": { "precision": "very-high", "tags": [ - "CWE-502: Deserialization of Untrusted Data", + "CWE-345: Insufficient Verification of Data Authenticity", "MEDIUM CONFIDENCE", + "OWASP-A08:2021 - Software and Data Integrity Failures", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: trailofbits.python.pickles-in-pytorch.pickles-in-pytorch" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "ruby.lang.security.divide-by-zero.divide-by-zero", + "name": "ruby.lang.security.divide-by-zero.divide-by-zero", + "short_description": { + "text": "Semgrep Finding: ruby.lang.security.divide-by-zero.divide-by-zero" }, - "fullDescription": { - "text": "The following request $REQUEST.$METHOD() was found to be crafted from user-input `$REQ` which can lead to Server-Side Request Forgery (SSRF) vulnerabilities. It is recommended where possible to not allow user-input to craft the base request, but to be treated as part of the path or query parameter. 
When user-input is necessary to craft the request, it is recommeneded to follow OWASP best practices to prevent abuse. " + "full_description": { + "text": "Detected a possible ZeroDivisionError." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/ruby.lang.security.divide-by-zero.divide-by-zero", "help": { - "markdown": "The following request $REQUEST.$METHOD() was found to be crafted from user-input `$REQ` which can lead to Server-Side Request Forgery (SSRF) vulnerabilities. It is recommended where possible to not allow user-input to craft the base request, but to be treated as part of the path or query parameter. When user-input is necessary to craft the request, it is recommeneded to follow OWASP best practices to prevent abuse. \n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.express.security.audit.express-ssrf.express-ssrf)\n - [https://cheatsheetseries.owasp.org/cheatsheets/Server_Side_Request_Forgery_Prevention_Cheat_Sheet.html](https://cheatsheetseries.owasp.org/cheatsheets/Server_Side_Request_Forgery_Prevention_Cheat_Sheet.html)\n", - "text": "The following request $REQUEST.$METHOD() was found to be crafted from user-input `$REQ` which can lead to Server-Side Request Forgery (SSRF) vulnerabilities. It is recommended where possible to not allow user-input to craft the base request, but to be treated as part of the path or query parameter. When user-input is necessary to craft the request, it is recommeneded to follow OWASP best practices to prevent abuse. 
\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected a possible ZeroDivisionError.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected a possible ZeroDivisionError.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/ruby.lang.security.divide-by-zero.divide-by-zero)\n - [https://github.com/presidentbeef/brakeman/blob/main/lib/brakeman/checks/check_divide_by_zero.rb](https://github.com/presidentbeef/brakeman/blob/main/lib/brakeman/checks/check_divide_by_zero.rb)\n" }, - "helpUri": "https://semgrep.dev/r/javascript.express.security.audit.express-ssrf.express-ssrf", - "id": "javascript.express.security.audit.express-ssrf.express-ssrf", - "name": "javascript.express.security.audit.express-ssrf.express-ssrf", "properties": { "precision": "very-high", "tags": [ - "CWE-918: Server-Side Request Forgery (SSRF)", + "CWE-369: Divide By Zero", "MEDIUM CONFIDENCE", - "OWASP-A10:2021 - Server-Side Request Forgery (SSRF)", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: javascript.express.security.audit.express-ssrf.express-ssrf" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "solidity.security.proxy-storage-collision.proxy-storage-collision", + "name": "solidity.security.proxy-storage-collision.proxy-storage-collision", + "short_description": { + "text": "Semgrep Finding: solidity.security.proxy-storage-collision.proxy-storage-collision" }, - "fullDescription": { - "text": "Detected Blowfish cipher algorithm which is considered insecure. This algorithm is not cryptographically secure and can be reversed easily. Use AES instead." 
+ "full_description": { + "text": "Proxy declares a state var that may override a storage slot of the implementation" }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/solidity.security.proxy-storage-collision.proxy-storage-collision", "help": { - "markdown": "Detected Blowfish cipher algorithm which is considered insecure. This algorithm is not cryptographically secure and can be reversed easily. Use AES instead.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.pycryptodome.security.insecure-cipher-algorithm-blowfish.insecure-cipher-algorithm-blowfish)\n - [https://stackoverflow.com/questions/1135186/whats-wrong-with-xor-encryption](https://stackoverflow.com/questions/1135186/whats-wrong-with-xor-encryption)\n", - "text": "Detected Blowfish cipher algorithm which is considered insecure. This algorithm is not cryptographically secure and can be reversed easily. 
Use AES instead.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Proxy declares a state var that may override a storage slot of the implementation\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Proxy declares a state var that may override a storage slot of the implementation\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/solidity.security.proxy-storage-collision.proxy-storage-collision)\n - [https://blog.audius.co/article/audius-governance-takeover-post-mortem-7-23-22](https://blog.audius.co/article/audius-governance-takeover-post-mortem-7-23-22)\n" }, - "helpUri": "https://semgrep.dev/r/python.pycryptodome.security.insecure-cipher-algorithm-blowfish.insecure-cipher-algorithm-blowfish", - "id": "python.pycryptodome.security.insecure-cipher-algorithm-blowfish.insecure-cipher-algorithm-blowfish", - "name": "python.pycryptodome.security.insecure-cipher-algorithm-blowfish.insecure-cipher-algorithm-blowfish", "properties": { "precision": "very-high", "tags": [ - "CWE-327: Use of a Broken or Risky Cryptographic Algorithm", - "MEDIUM CONFIDENCE", - "OWASP-A02:2021 - Cryptographic Failures", - "OWASP-A03:2017 - Sensitive Data Exposure", + "CWE-787: Out-of-bounds Write", + "HIGH CONFIDENCE", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: python.pycryptodome.security.insecure-cipher-algorithm-blowfish.insecure-cipher-algorithm-blowfish" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "python.lang.security.audit.insecure-transport.ftplib.use-ftp-tls.use-ftp-tls", + "name": "python.lang.security.audit.insecure-transport.ftplib.use-ftp-tls.use-ftp-tls", + "short_description": { + "text": "Semgrep Finding: python.lang.security.audit.insecure-transport.ftplib.use-ftp-tls.use-ftp-tls" }, - "fullDescription": { - "text": "Avoid using 'scanf()'. 
This function, when used improperly, does not consider buffer boundaries and can lead to buffer overflows. Use 'fgets()' instead for reading input." + "full_description": { + "text": "The 'FTP' class sends information unencrypted. Consider using the 'FTP_TLS' class instead." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/python.lang.security.audit.insecure-transport.ftplib.use-ftp-tls.use-ftp-tls", "help": { - "markdown": "Avoid using 'scanf()'. This function, when used improperly, does not consider buffer boundaries and can lead to buffer overflows. Use 'fgets()' instead for reading input.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/c.lang.security.insecure-use-scanf-fn.insecure-use-scanf-fn)\n - [http://sekrit.de/webdocs/c/beginners-guide-away-from-scanf.html](http://sekrit.de/webdocs/c/beginners-guide-away-from-scanf.html)\n", - "text": "Avoid using 'scanf()'. This function, when used improperly, does not consider buffer boundaries and can lead to buffer overflows. Use 'fgets()' instead for reading input.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "The 'FTP' class sends information unencrypted. Consider using the 'FTP_TLS' class instead.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "The 'FTP' class sends information unencrypted. 
Consider using the 'FTP_TLS' class instead.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.lang.security.audit.insecure-transport.ftplib.use-ftp-tls.use-ftp-tls)\n - [https://docs.python.org/3/library/ftplib.html#ftplib.FTP_TLS](https://docs.python.org/3/library/ftplib.html#ftplib.FTP_TLS)\n" }, - "helpUri": "https://semgrep.dev/r/c.lang.security.insecure-use-scanf-fn.insecure-use-scanf-fn", - "id": "c.lang.security.insecure-use-scanf-fn.insecure-use-scanf-fn", - "name": "c.lang.security.insecure-use-scanf-fn.insecure-use-scanf-fn", "properties": { "precision": "very-high", "tags": [ - "CWE-676: Use of Potentially Dangerous Function", + "CWE-319: Cleartext Transmission of Sensitive Information", "LOW CONFIDENCE", + "OWASP-A02:2021 - Cryptographic Failures", + "OWASP-A03:2017 - Sensitive Data Exposure", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: c.lang.security.insecure-use-scanf-fn.insecure-use-scanf-fn" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "java.lang.security.audit.java-reverse-shell.java-reverse-shell", + "name": "java.lang.security.audit.java-reverse-shell.java-reverse-shell", + "short_description": { + "text": "Semgrep Finding: java.lang.security.audit.java-reverse-shell.java-reverse-shell" }, - "fullDescription": { - "text": "Detected potential code injection using ScriptEngine. Ensure user-controlled data cannot enter '.eval()', otherwise, this is a code injection vulnerability." + "full_description": { + "text": "Semgrep found potential reverse shell behavior" + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/java.lang.security.audit.java-reverse-shell.java-reverse-shell", "help": { - "markdown": "Detected potential code injection using ScriptEngine. 
Ensure user-controlled data cannot enter '.eval()', otherwise, this is a code injection vulnerability.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/java.lang.security.audit.script-engine-injection.script-engine-injection)\n - [https://owasp.org/Top10/A03_2021-Injection](https://owasp.org/Top10/A03_2021-Injection)\n", - "text": "Detected potential code injection using ScriptEngine. Ensure user-controlled data cannot enter '.eval()', otherwise, this is a code injection vulnerability.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Semgrep found potential reverse shell behavior\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Semgrep found potential reverse shell behavior\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/java.lang.security.audit.java-reverse-shell.java-reverse-shell)\n - [https://owasp.org/Top10/A03_2021-Injection](https://owasp.org/Top10/A03_2021-Injection)\n" }, - "helpUri": "https://semgrep.dev/r/java.lang.security.audit.script-engine-injection.script-engine-injection", - "id": "java.lang.security.audit.script-engine-injection.script-engine-injection", - "name": "java.lang.security.audit.script-engine-injection.script-engine-injection", "properties": { "precision": "very-high", "tags": [ - "CWE-94: Improper Control of Generation of Code ('Code Injection')", + "CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", "LOW CONFIDENCE", + "OWASP-A01:2017 - Injection", "OWASP-A03:2021 - Injection", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: java.lang.security.audit.script-engine-injection.script-engine-injection" } }, { - "defaultConfiguration": { - "level": "warning" + "id": 
"terraform.aws.security.aws-ebs-snapshot-encrypted-with-cmk.aws-ebs-snapshot-encrypted-with-cmk", + "name": "terraform.aws.security.aws-ebs-snapshot-encrypted-with-cmk.aws-ebs-snapshot-encrypted-with-cmk", + "short_description": { + "text": "Semgrep Finding: terraform.aws.security.aws-ebs-snapshot-encrypted-with-cmk.aws-ebs-snapshot-encrypted-with-cmk" }, - "fullDescription": { - "text": "Detected a request with potential user-input going into a OutputStream or Writer object. This bypasses any view or template environments, including HTML escaping, which may expose this application to cross-site scripting (XSS) vulnerabilities. Consider using a view technology such as JavaServer Faces (JSFs) which automatically escapes HTML views." + "full_description": { + "text": "Ensure EBS Snapshot is encrypted at rest using KMS CMKs. CMKs gives you control over the encryption key in terms of access and rotation." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/terraform.aws.security.aws-ebs-snapshot-encrypted-with-cmk.aws-ebs-snapshot-encrypted-with-cmk", "help": { - "markdown": "Detected a request with potential user-input going into a OutputStream or Writer object. This bypasses any view or template environments, including HTML escaping, which may expose this application to cross-site scripting (XSS) vulnerabilities. Consider using a view technology such as JavaServer Faces (JSFs) which automatically escapes HTML views.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/java.lang.security.audit.xss.no-direct-response-writer.no-direct-response-writer)\n - [https://www3.ntu.edu.sg/home/ehchua/programming/java/JavaServerFaces.html](https://www3.ntu.edu.sg/home/ehchua/programming/java/JavaServerFaces.html)\n", - "text": "Detected a request with potential user-input going into a OutputStream or Writer object. 
This bypasses any view or template environments, including HTML escaping, which may expose this application to cross-site scripting (XSS) vulnerabilities. Consider using a view technology such as JavaServer Faces (JSFs) which automatically escapes HTML views.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Ensure EBS Snapshot is encrypted at rest using KMS CMKs. CMKs gives you control over the encryption key in terms of access and rotation.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Ensure EBS Snapshot is encrypted at rest using KMS CMKs. CMKs gives you control over the encryption key in terms of access and rotation.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/terraform.aws.security.aws-ebs-snapshot-encrypted-with-cmk.aws-ebs-snapshot-encrypted-with-cmk)\n - [https://owasp.org/Top10/A02_2021-Cryptographic_Failures](https://owasp.org/Top10/A02_2021-Cryptographic_Failures)\n" }, - "helpUri": "https://semgrep.dev/r/java.lang.security.audit.xss.no-direct-response-writer.no-direct-response-writer", - "id": "java.lang.security.audit.xss.no-direct-response-writer.no-direct-response-writer", - "name": "java.lang.security.audit.xss.no-direct-response-writer.no-direct-response-writer", "properties": { "precision": "very-high", "tags": [ - "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", + "CWE-320: CWE CATEGORY: Key Management Errors", "MEDIUM CONFIDENCE", - "OWASP-A03:2021 - Injection", - "OWASP-A07:2017 - Cross-Site Scripting (XSS)", + "OWASP-A03:2017 - Sensitive Data Exposure", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: java.lang.security.audit.xss.no-direct-response-writer.no-direct-response-writer" } }, { - "defaultConfiguration": { - "level": "warning" + "id": 
"python.flask.security.audit.app-run-security-config.avoid_using_app_run_directly", + "name": "python.flask.security.audit.app-run-security-config.avoid_using_app_run_directly", + "short_description": { + "text": "Semgrep Finding: python.flask.security.audit.app-run-security-config.avoid_using_app_run_directly" }, - "fullDescription": { - "text": "Default session middleware settings: `httpOnly` not set. It ensures the cookie is sent only over HTTP(S), not client JavaScript, helping to protect against cross-site scripting attacks." + "full_description": { + "text": "top-level app.run(...) is ignored by flask. Consider putting app.run(...) behind a guard, like inside a function" + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/python.flask.security.audit.app-run-security-config.avoid_using_app_run_directly", "help": { - "markdown": "Default session middleware settings: `httpOnly` not set. It ensures the cookie is sent only over HTTP(S), not client JavaScript, helping to protect against cross-site scripting attacks.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.express.security.audit.express-cookie-settings.express-cookie-session-no-httponly)\n - [https://owasp.org/Top10/A04_2021-Insecure_Design](https://owasp.org/Top10/A04_2021-Insecure_Design)\n", - "text": "Default session middleware settings: `httpOnly` not set. It ensures the cookie is sent only over HTTP(S), not client JavaScript, helping to protect against cross-site scripting attacks.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "top-level app.run(...) is ignored by flask. Consider putting app.run(...) behind a guard, like inside a function\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "top-level app.run(...) is ignored by flask. Consider putting app.run(...) 
behind a guard, like inside a function\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.flask.security.audit.app-run-security-config.avoid_using_app_run_directly)\n - [https://owasp.org/Top10/A01_2021-Broken_Access_Control](https://owasp.org/Top10/A01_2021-Broken_Access_Control)\n" }, - "helpUri": "https://semgrep.dev/r/javascript.express.security.audit.express-cookie-settings.express-cookie-session-no-httponly", - "id": "javascript.express.security.audit.express-cookie-settings.express-cookie-session-no-httponly", - "name": "javascript.express.security.audit.express-cookie-settings.express-cookie-session-no-httponly", "properties": { "precision": "very-high", "tags": [ - "CWE-522: Insufficiently Protected Credentials", + "CWE-668: Exposure of Resource to Wrong Sphere", "MEDIUM CONFIDENCE", - "OWASP-A02:2017 - Broken Authentication", - "OWASP-A04:2021 - Insecure Design", + "OWASP-A01:2021 - Broken Access Control", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: javascript.express.security.audit.express-cookie-settings.express-cookie-session-no-httponly" } }, { - "defaultConfiguration": { - "level": "error" + "id": "python.django.security.injection.sql.sql-injection-using-db-cursor-execute.sql-injection-db-cursor-execute", + "name": "python.django.security.injection.sql.sql-injection-using-db-cursor-execute.sql-injection-db-cursor-execute", + "short_description": { + "text": "Semgrep Finding: python.django.security.injection.sql.sql-injection-using-db-cursor-execute.sql-injection-db-cursor-execute" }, - "fullDescription": { - "text": "Detected non-static command inside exec.Cmd. Audit the input to 'exec.Cmd'. If unverified user data can reach this call site, this is a code injection vulnerability. A malicious actor can inject a malicious script to execute arbitrary code." 
+ "full_description": { + "text": "User-controlled data from a request is passed to 'execute()'. This could lead to a SQL injection and therefore protected information could be leaked. Instead, use django's QuerySets, which are built with query parameterization and therefore not vulnerable to sql injection. For example, you could use `Entry.objects.filter(date=2006)`." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/python.django.security.injection.sql.sql-injection-using-db-cursor-execute.sql-injection-db-cursor-execute", "help": { - "markdown": "Detected non-static command inside exec.Cmd. Audit the input to 'exec.Cmd'. If unverified user data can reach this call site, this is a code injection vulnerability. A malicious actor can inject a malicious script to execute arbitrary code.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/go.lang.security.audit.dangerous-exec-cmd.dangerous-exec-cmd)\n - [https://owasp.org/Top10/A03_2021-Injection](https://owasp.org/Top10/A03_2021-Injection)\n", - "text": "Detected non-static command inside exec.Cmd. Audit the input to 'exec.Cmd'. If unverified user data can reach this call site, this is a code injection vulnerability. A malicious actor can inject a malicious script to execute arbitrary code.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "User-controlled data from a request is passed to 'execute()'. This could lead to a SQL injection and therefore protected information could be leaked. Instead, use django's QuerySets, which are built with query parameterization and therefore not vulnerable to sql injection. For example, you could use `Entry.objects.filter(date=2006)`.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "User-controlled data from a request is passed to 'execute()'. 
This could lead to a SQL injection and therefore protected information could be leaked. Instead, use django's QuerySets, which are built with query parameterization and therefore not vulnerable to sql injection. For example, you could use `Entry.objects.filter(date=2006)`.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.django.security.injection.sql.sql-injection-using-db-cursor-execute.sql-injection-db-cursor-execute)\n - [https://docs.djangoproject.com/en/3.0/topics/security/#sql-injection-protection](https://docs.djangoproject.com/en/3.0/topics/security/#sql-injection-protection)\n" }, - "helpUri": "https://semgrep.dev/r/go.lang.security.audit.dangerous-exec-cmd.dangerous-exec-cmd", - "id": "go.lang.security.audit.dangerous-exec-cmd.dangerous-exec-cmd", - "name": "go.lang.security.audit.dangerous-exec-cmd.dangerous-exec-cmd", "properties": { "precision": "very-high", "tags": [ - "CWE-94: Improper Control of Generation of Code ('Code Injection')", + "CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')", "MEDIUM CONFIDENCE", + "OWASP-A01:2017 - Injection", "OWASP-A03:2021 - Injection", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: go.lang.security.audit.dangerous-exec-cmd.dangerous-exec-cmd" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "csharp.lang.security.ad.jwt-tokenvalidationparameters-no-expiry-validation.jwt-tokenvalidationparameters-no-expiry-validation", + "name": "csharp.lang.security.ad.jwt-tokenvalidationparameters-no-expiry-validation.jwt-tokenvalidationparameters-no-expiry-validation", + "short_description": { + "text": "Semgrep Finding: csharp.lang.security.ad.jwt-tokenvalidationparameters-no-expiry-validation.jwt-tokenvalidationparameters-no-expiry-validation" }, - "fullDescription": { - "text": "The object is passed strictly to jsonwebtoken.sign(...) 
Make sure that sensitive information is not exposed through JWT token payload." + "full_description": { + "text": "The TokenValidationParameters.$LIFETIME is set to $FALSE, this means the JWT tokens lifetime is not validated. This can lead to an JWT token being used after it has expired, which has security implications. It is recommended to validate the JWT lifetime to ensure only valid tokens are used." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/csharp.lang.security.ad.jwt-tokenvalidationparameters-no-expiry-validation.jwt-tokenvalidationparameters-no-expiry-validation", "help": { - "markdown": "The object is passed strictly to jsonwebtoken.sign(...) Make sure that sensitive information is not exposed through JWT token payload.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.jsonwebtoken.security.audit.jwt-exposed-data.jwt-exposed-data)\n - [https://owasp.org/Top10/A04_2021-Insecure_Design](https://owasp.org/Top10/A04_2021-Insecure_Design)\n", - "text": "The object is passed strictly to jsonwebtoken.sign(...) Make sure that sensitive information is not exposed through JWT token payload.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "The TokenValidationParameters.$LIFETIME is set to $FALSE, this means the JWT tokens lifetime is not validated. This can lead to an JWT token being used after it has expired, which has security implications. It is recommended to validate the JWT lifetime to ensure only valid tokens are used.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "The TokenValidationParameters.$LIFETIME is set to $FALSE, this means the JWT tokens lifetime is not validated. This can lead to an JWT token being used after it has expired, which has security implications. 
It is recommended to validate the JWT lifetime to ensure only valid tokens are used.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/csharp.lang.security.ad.jwt-tokenvalidationparameters-no-expiry-validation.jwt-tokenvalidationparameters-no-expiry-validation)\n - [https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures/](https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures/)\n - [https://cwe.mitre.org/data/definitions/613.html](https://cwe.mitre.org/data/definitions/613.html)\n - [https://docs.microsoft.com/en-us/dotnet/api/microsoft.identitymodel.tokens.tokenvalidationparameters?view=azure-dotnet](https://docs.microsoft.com/en-us/dotnet/api/microsoft.identitymodel.tokens.tokenvalidationparameters?view=azure-dotnet)\n" }, - "helpUri": "https://semgrep.dev/r/javascript.jsonwebtoken.security.audit.jwt-exposed-data.jwt-exposed-data", - "id": "javascript.jsonwebtoken.security.audit.jwt-exposed-data.jwt-exposed-data", - "name": "javascript.jsonwebtoken.security.audit.jwt-exposed-data.jwt-exposed-data", "properties": { "precision": "very-high", "tags": [ - "CWE-522: Insufficiently Protected Credentials", - "LOW CONFIDENCE", + "CWE-613: Insufficient Session Expiration", + "HIGH CONFIDENCE", "OWASP-A02:2017 - Broken Authentication", - "OWASP-A04:2021 - Insecure Design", + "OWASP-A07:2021 - Identification and Authentication Failures", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: javascript.jsonwebtoken.security.audit.jwt-exposed-data.jwt-exposed-data" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "yaml.kubernetes.security.allow-privilege-escalation.allow-privilege-escalation", + "name": "yaml.kubernetes.security.allow-privilege-escalation.allow-privilege-escalation", + "short_description": { + "text": "Semgrep Finding: yaml.kubernetes.security.allow-privilege-escalation.allow-privilege-escalation" }, - 
"fullDescription": { - "text": "Using a .NET remoting service can lead to RCE, even if you try to configure TypeFilterLevel. Recommended to switch from .NET Remoting to WCF https://docs.microsoft.com/en-us/dotnet/framework/wcf/migrating-from-net-remoting-to-wcf" + "full_description": { + "text": "In Kubernetes, each pod runs in its own isolated environment with its own set of security policies. However, certain container images may contain `setuid` or `setgid` binaries that could allow an attacker to perform privilege escalation and gain access to sensitive resources. To mitigate this risk, it's recommended to add a `securityContext` to the container in the pod, with the parameter `allowPrivilegeEscalation` set to `false`. This will prevent the container from running any privileged processes and limit the impact of any potential attacks. By adding the `allowPrivilegeEscalation` parameter to your the `securityContext`, you can help to ensure that your containerized applications are more secure and less vulnerable to privilege escalation attacks." }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/yaml.kubernetes.security.allow-privilege-escalation.allow-privilege-escalation", "help": { - "markdown": "Using a .NET remoting service can lead to RCE, even if you try to configure TypeFilterLevel. 
Recommended to switch from .NET Remoting to WCF https://docs.microsoft.com/en-us/dotnet/framework/wcf/migrating-from-net-remoting-to-wcf\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/csharp.lang.security.insecure-deserialization.insecure-typefilterlevel-full.insecure-typefilterlevel-full)\n - [https://docs.microsoft.com/en-us/dotnet/api/system.runtime.serialization.formatters.typefilterlevel?view=net-6.0](https://docs.microsoft.com/en-us/dotnet/api/system.runtime.serialization.formatters.typefilterlevel?view=net-6.0)\n - [https://www.synacktiv.com/en/publications/izi-izi-pwn2own-ics-miami.html](https://www.synacktiv.com/en/publications/izi-izi-pwn2own-ics-miami.html)\n", - "text": "Using a .NET remoting service can lead to RCE, even if you try to configure TypeFilterLevel. Recommended to switch from .NET Remoting to WCF https://docs.microsoft.com/en-us/dotnet/framework/wcf/migrating-from-net-remoting-to-wcf\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "In Kubernetes, each pod runs in its own isolated environment with its own set of security policies. However, certain container images may contain `setuid` or `setgid` binaries that could allow an attacker to perform privilege escalation and gain access to sensitive resources. To mitigate this risk, it's recommended to add a `securityContext` to the container in the pod, with the parameter `allowPrivilegeEscalation` set to `false`. This will prevent the container from running any privileged processes and limit the impact of any potential attacks. 
By adding the `allowPrivilegeEscalation` parameter to your the `securityContext`, you can help to ensure that your containerized applications are more secure and less vulnerable to privilege escalation attacks.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "In Kubernetes, each pod runs in its own isolated environment with its own set of security policies. However, certain container images may contain `setuid` or `setgid` binaries that could allow an attacker to perform privilege escalation and gain access to sensitive resources. To mitigate this risk, it's recommended to add a `securityContext` to the container in the pod, with the parameter `allowPrivilegeEscalation` set to `false`. This will prevent the container from running any privileged processes and limit the impact of any potential attacks. By adding the `allowPrivilegeEscalation` parameter to your the `securityContext`, you can help to ensure that your containerized applications are more secure and less vulnerable to privilege escalation attacks.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/yaml.kubernetes.security.allow-privilege-escalation.allow-privilege-escalation)\n - [https://kubernetes.io/docs/concepts/policy/pod-security-policy/#privilege-escalation](https://kubernetes.io/docs/concepts/policy/pod-security-policy/#privilege-escalation)\n - [https://kubernetes.io/docs/tasks/configure-pod-container/security-context/](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/)\n - [https://www.kernel.org/doc/Documentation/prctl/no_new_privs.txt](https://www.kernel.org/doc/Documentation/prctl/no_new_privs.txt)\n - [https://cheatsheetseries.owasp.org/cheatsheets/Docker_Security_Cheat_Sheet.html#rule-4-add-no-new-privileges-flag](https://cheatsheetseries.owasp.org/cheatsheets/Docker_Security_Cheat_Sheet.html#rule-4-add-no-new-privileges-flag)\n" }, - "helpUri": 
"https://semgrep.dev/r/csharp.lang.security.insecure-deserialization.insecure-typefilterlevel-full.insecure-typefilterlevel-full", - "id": "csharp.lang.security.insecure-deserialization.insecure-typefilterlevel-full.insecure-typefilterlevel-full", - "name": "csharp.lang.security.insecure-deserialization.insecure-typefilterlevel-full.insecure-typefilterlevel-full", "properties": { "precision": "very-high", "tags": [ - "CWE-502: Deserialization of Untrusted Data", - "LOW CONFIDENCE", - "OWASP-A08:2017 - Insecure Deserialization", - "OWASP-A08:2021 - Software and Data Integrity Failures", + "CWE-732: Incorrect Permission Assignment for Critical Resource", + "MEDIUM CONFIDENCE", + "OWASP-A05:2021 - Security Misconfiguration", + "OWASP-A06:2017 - Security Misconfiguration", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: csharp.lang.security.insecure-deserialization.insecure-typefilterlevel-full.insecure-typefilterlevel-full" } }, { - "defaultConfiguration": { - "level": "error" + "id": "java.lang.security.audit.crypto.gcm-nonce-reuse.gcm-nonce-reuse", + "name": "java.lang.security.audit.crypto.gcm-nonce-reuse.gcm-nonce-reuse", + "short_description": { + "text": "Semgrep Finding: java.lang.security.audit.crypto.gcm-nonce-reuse.gcm-nonce-reuse" }, - "fullDescription": { - "text": "Do not call 'extract()' on user-controllable data. If you must, then you must also provide the EXTR_SKIP flag to prevent overwriting existing variables." + "full_description": { + "text": "GCM IV/nonce is reused: encryption can be totally useless" }, + "default_configuration": { + "enabled": true, + "level": "error" + }, + "help_uri": "https://semgrep.dev/r/java.lang.security.audit.crypto.gcm-nonce-reuse.gcm-nonce-reuse", "help": { - "markdown": "Do not call 'extract()' on user-controllable data. 
If you must, then you must also provide the EXTR_SKIP flag to prevent overwriting existing variables.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/php.lang.security.deserialization.extract-user-data)\n - [https://www.php.net/manual/en/function.extract.php#refsect1-function.extract-notes](https://www.php.net/manual/en/function.extract.php#refsect1-function.extract-notes)\n", - "text": "Do not call 'extract()' on user-controllable data. If you must, then you must also provide the EXTR_SKIP flag to prevent overwriting existing variables.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "GCM IV/nonce is reused: encryption can be totally useless\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "GCM IV/nonce is reused: encryption can be totally useless\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/java.lang.security.audit.crypto.gcm-nonce-reuse.gcm-nonce-reuse)\n - [https://owasp.org/Top10/A02_2021-Cryptographic_Failures](https://owasp.org/Top10/A02_2021-Cryptographic_Failures)\n" }, - "helpUri": "https://semgrep.dev/r/php.lang.security.deserialization.extract-user-data", - "id": "php.lang.security.deserialization.extract-user-data", - "name": "php.lang.security.deserialization.extract-user-data", "properties": { "precision": "very-high", "tags": [ - "CWE-502: Deserialization of Untrusted Data", - "MEDIUM CONFIDENCE", - "OWASP-A08:2017 - Insecure Deserialization", - "OWASP-A08:2021 - Software and Data Integrity Failures", + "CWE-323: Reusing a Nonce, Key Pair in Encryption", + "HIGH CONFIDENCE", + "OWASP-A02:2021 - Cryptographic Failures", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: php.lang.security.deserialization.extract-user-data" } }, { - "defaultConfiguration": { - "level": "warning" + 
"id": "ruby.rails.security.brakeman.check-unsafe-reflection.check-unsafe-reflection", + "name": "ruby.rails.security.brakeman.check-unsafe-reflection.check-unsafe-reflection", + "short_description": { + "text": "Semgrep Finding: ruby.rails.security.brakeman.check-unsafe-reflection.check-unsafe-reflection" }, - "fullDescription": { - "text": "Detected ARC4 cipher algorithm which is considered insecure. This algorithm is not cryptographically secure and can be reversed easily. Use AES instead." + "full_description": { + "text": "Found user-controllable input to Ruby reflection functionality. This allows a remote user to influence runtime behavior, up to and including arbitrary remote code execution. Do not provide user-controllable input to reflection functionality. Do not call symbol conversion on user-controllable input." + }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/ruby.rails.security.brakeman.check-unsafe-reflection.check-unsafe-reflection", "help": { - "markdown": "Detected ARC4 cipher algorithm which is considered insecure. This algorithm is not cryptographically secure and can be reversed easily. Use AES instead.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.pycryptodome.security.insecure-cipher-algorithm-rc4.insecure-cipher-algorithm-rc4)\n - [https://cwe.mitre.org/data/definitions/326.html](https://cwe.mitre.org/data/definitions/326.html)\n", - "text": "Detected ARC4 cipher algorithm which is considered insecure. This algorithm is not cryptographically secure and can be reversed easily. Use AES instead.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Found user-controllable input to Ruby reflection functionality. This allows a remote user to influence runtime behavior, up to and including arbitrary remote code execution. 
Do not provide user-controllable input to reflection functionality. Do not call symbol conversion on user-controllable input.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Found user-controllable input to Ruby reflection functionality. This allows a remote user to influence runtime behavior, up to and including arbitrary remote code execution. Do not provide user-controllable input to reflection functionality. Do not call symbol conversion on user-controllable input.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/ruby.rails.security.brakeman.check-unsafe-reflection.check-unsafe-reflection)\n - [https://github.com/presidentbeef/brakeman/blob/main/test/apps/rails2/app/controllers/application_controller.rb](https://github.com/presidentbeef/brakeman/blob/main/test/apps/rails2/app/controllers/application_controller.rb)\n" }, - "helpUri": "https://semgrep.dev/r/python.pycryptodome.security.insecure-cipher-algorithm-rc4.insecure-cipher-algorithm-rc4", - "id": "python.pycryptodome.security.insecure-cipher-algorithm-rc4.insecure-cipher-algorithm-rc4", - "name": "python.pycryptodome.security.insecure-cipher-algorithm-rc4.insecure-cipher-algorithm-rc4", "properties": { "precision": "very-high", "tags": [ - "CWE-327: Use of a Broken or Risky Cryptographic Algorithm", + "CWE-94: Improper Control of Generation of Code ('Code Injection')", "MEDIUM CONFIDENCE", - "OWASP-A02:2021 - Cryptographic Failures", - "OWASP-A03:2017 - Sensitive Data Exposure", + "OWASP-A03:2021 - Injection", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: python.pycryptodome.security.insecure-cipher-algorithm-rc4.insecure-cipher-algorithm-rc4" } }, { - "defaultConfiguration": { - "level": "error" + "id": "javascript.express.security.audit.express-cookie-settings.express-cookie-session-no-path", + "name": 
"javascript.express.security.audit.express-cookie-settings.express-cookie-session-no-path", + "short_description": { + "text": "Semgrep Finding: javascript.express.security.audit.express-cookie-settings.express-cookie-session-no-path" }, - "fullDescription": { - "text": "Parameter \"from\" is checked at incorrect position in \"_allowances\" mapping" + "full_description": { + "text": "Default session middleware settings: `path` not set. It indicates the path of the cookie; use it to compare against the request path. If this and domain match, then send the cookie in the request." }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/javascript.express.security.audit.express-cookie-settings.express-cookie-session-no-path", "help": { - "markdown": "Parameter \"from\" is checked at incorrect position in \"_allowances\" mapping\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/solidity.security.tecra-coin-burnfrom-bug.tecra-coin-burnfrom-bug)\n - [https://twitter.com/Mauricio_0218/status/1490082073096462340](https://twitter.com/Mauricio_0218/status/1490082073096462340)\n - [https://etherscan.io/address/0xe38b72d6595fd3885d1d2f770aa23e94757f91a1](https://etherscan.io/address/0xe38b72d6595fd3885d1d2f770aa23e94757f91a1)\n", - "text": "Parameter \"from\" is checked at incorrect position in \"_allowances\" mapping\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Default session middleware settings: `path` not set. It indicates the path of the cookie; use it to compare against the request path. If this and domain match, then send the cookie in the request.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Default session middleware settings: `path` not set. It indicates the path of the cookie; use it to compare against the request path. 
If this and domain match, then send the cookie in the request.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.express.security.audit.express-cookie-settings.express-cookie-session-no-path)\n - [https://owasp.org/Top10/A04_2021-Insecure_Design](https://owasp.org/Top10/A04_2021-Insecure_Design)\n" }, - "helpUri": "https://semgrep.dev/r/solidity.security.tecra-coin-burnfrom-bug.tecra-coin-burnfrom-bug", - "id": "solidity.security.tecra-coin-burnfrom-bug.tecra-coin-burnfrom-bug", - "name": "solidity.security.tecra-coin-burnfrom-bug.tecra-coin-burnfrom-bug", "properties": { "precision": "very-high", "tags": [ - "CWE-688: Function Call With Incorrect Variable or Reference as Argument", + "CWE-522: Insufficiently Protected Credentials", "MEDIUM CONFIDENCE", + "OWASP-A02:2017 - Broken Authentication", + "OWASP-A04:2021 - Insecure Design", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: solidity.security.tecra-coin-burnfrom-bug.tecra-coin-burnfrom-bug" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "javascript.lang.security.audit.spawn-shell-true.spawn-shell-true", + "name": "javascript.lang.security.audit.spawn-shell-true.spawn-shell-true", + "short_description": { + "text": "Semgrep Finding: javascript.lang.security.audit.spawn-shell-true.spawn-shell-true" }, - "fullDescription": { - "text": "Hardcoded password is used as a default argument to '$FUNC'. This could be dangerous if a real password is not supplied." + "full_description": { + "text": "Found '$SPAWN' with '{shell: $SHELL}'. This is dangerous because this call will spawn the command using a shell process. Doing so propagates current shell settings and variables, which makes it much easier for a malicious actor to execute commands. Use '{shell: false}' instead." 
}, + "default_configuration": { + "enabled": true, + "level": "error" + }, + "help_uri": "https://semgrep.dev/r/javascript.lang.security.audit.spawn-shell-true.spawn-shell-true", "help": { - "markdown": "Hardcoded password is used as a default argument to '$FUNC'. This could be dangerous if a real password is not supplied.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.lang.security.audit.hardcoded-password-default-argument.hardcoded-password-default-argument)\n - [https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures](https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures)\n", - "text": "Hardcoded password is used as a default argument to '$FUNC'. This could be dangerous if a real password is not supplied.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Found '$SPAWN' with '{shell: $SHELL}'. This is dangerous because this call will spawn the command using a shell process. Doing so propagates current shell settings and variables, which makes it much easier for a malicious actor to execute commands. Use '{shell: false}' instead.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Found '$SPAWN' with '{shell: $SHELL}'. This is dangerous because this call will spawn the command using a shell process. Doing so propagates current shell settings and variables, which makes it much easier for a malicious actor to execute commands. 
Use '{shell: false}' instead.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.lang.security.audit.spawn-shell-true.spawn-shell-true)\n - [https://owasp.org/Top10/A03_2021-Injection](https://owasp.org/Top10/A03_2021-Injection)\n" }, - "helpUri": "https://semgrep.dev/r/python.lang.security.audit.hardcoded-password-default-argument.hardcoded-password-default-argument", - "id": "python.lang.security.audit.hardcoded-password-default-argument.hardcoded-password-default-argument", - "name": "python.lang.security.audit.hardcoded-password-default-argument.hardcoded-password-default-argument", "properties": { "precision": "very-high", "tags": [ - "CWE-798: Use of Hard-coded Credentials", + "CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", "LOW CONFIDENCE", - "OWASP-A07:2021 - Identification and Authentication Failures", + "OWASP-A01:2017 - Injection", + "OWASP-A03:2021 - Injection", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: python.lang.security.audit.hardcoded-password-default-argument.hardcoded-password-default-argument" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "java.lang.security.audit.tainted-xpath-from-http-request.tainted-xpath-from-http-request", + "name": "java.lang.security.audit.tainted-xpath-from-http-request.tainted-xpath-from-http-request", + "short_description": { + "text": "Semgrep Finding: java.lang.security.audit.tainted-xpath-from-http-request.tainted-xpath-from-http-request" }, - "fullDescription": { - "text": "An HTTP redirect was found to be crafted from user-input `$REQUEST`. This can lead to open redirect vulnerabilities, potentially allowing attackers to redirect users to malicious web sites. It is recommend where possible to not allow user-input to craft the redirect URL. 
When user-input is necessary to craft the request, it is recommended to follow OWASP best practices to restrict the URL to domains in an allowlist." + "full_description": { + "text": "Detected input from a HTTPServletRequest going into a XPath evaluate or compile command. This could lead to xpath injection if variables passed into the evaluate or compile commands are not properly sanitized. Xpath injection could lead to unauthorized access to sensitive information in XML documents. Instead, thoroughly sanitize user input or use parameterized xpath queries if you can." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/java.lang.security.audit.tainted-xpath-from-http-request.tainted-xpath-from-http-request", "help": { - "markdown": "An HTTP redirect was found to be crafted from user-input `$REQUEST`. This can lead to open redirect vulnerabilities, potentially allowing attackers to redirect users to malicious web sites. It is recommend where possible to not allow user-input to craft the redirect URL. When user-input is necessary to craft the request, it is recommended to follow OWASP best practices to restrict the URL to domains in an allowlist.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/go.lang.security.injection.open-redirect.open-redirect)\n - [https://knowledge-base.secureflag.com/vulnerabilities/unvalidated_redirects___forwards/open_redirect_go_lang.html](https://knowledge-base.secureflag.com/vulnerabilities/unvalidated_redirects___forwards/open_redirect_go_lang.html)\n", - "text": "An HTTP redirect was found to be crafted from user-input `$REQUEST`. This can lead to open redirect vulnerabilities, potentially allowing attackers to redirect users to malicious web sites. It is recommend where possible to not allow user-input to craft the redirect URL. 
When user-input is necessary to craft the request, it is recommended to follow OWASP best practices to restrict the URL to domains in an allowlist.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected input from a HTTPServletRequest going into a XPath evaluate or compile command. This could lead to xpath injection if variables passed into the evaluate or compile commands are not properly sanitized. Xpath injection could lead to unauthorized access to sensitive information in XML documents. Instead, thoroughly sanitize user input or use parameterized xpath queries if you can.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected input from a HTTPServletRequest going into a XPath evaluate or compile command. This could lead to xpath injection if variables passed into the evaluate or compile commands are not properly sanitized. Xpath injection could lead to unauthorized access to sensitive information in XML documents. 
Instead, thoroughly sanitize user input or use parameterized xpath queries if you can.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/java.lang.security.audit.tainted-xpath-from-http-request.tainted-xpath-from-http-request)\n - [https://owasp.org/Top10/A03_2021-Injection](https://owasp.org/Top10/A03_2021-Injection)\n" }, - "helpUri": "https://semgrep.dev/r/go.lang.security.injection.open-redirect.open-redirect", - "id": "go.lang.security.injection.open-redirect.open-redirect", - "name": "go.lang.security.injection.open-redirect.open-redirect", "properties": { "precision": "very-high", "tags": [ - "CWE-601: URL Redirection to Untrusted Site ('Open Redirect')", - "HIGH CONFIDENCE", + "CWE-643: Improper Neutralization of Data within XPath Expressions ('XPath Injection')", + "MEDIUM CONFIDENCE", + "OWASP-A03:2021 - Injection", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: go.lang.security.injection.open-redirect.open-redirect" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "go.lang.security.audit.xss.import-text-template.import-text-template", + "name": "go.lang.security.audit.xss.import-text-template.import-text-template", + "short_description": { + "text": "Semgrep Finding: go.lang.security.audit.xss.import-text-template.import-text-template" }, - "fullDescription": { - "text": "Detected a formatted string in a SQL statement. This could lead to SQL injection if variables in the SQL statement are not properly sanitized. Use a prepared statements (java.sql.PreparedStatement) instead. You can obtain a PreparedStatement using 'connection.prepareStatement'." + "full_description": { + "text": "When working with web applications that involve rendering user-generated content, it's important to properly escape any HTML content to prevent Cross-Site Scripting (XSS) attacks. 
In Go, the `text/template` package does not automatically escape HTML content, which can leave your application vulnerable to these types of attacks. To mitigate this risk, it's recommended to use the `html/template` package instead, which provides built-in functionality for HTML escaping. By using `html/template` to render your HTML content, you can help to ensure that your web application is more secure and less susceptible to XSS vulnerabilities." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/go.lang.security.audit.xss.import-text-template.import-text-template", "help": { - "markdown": "Detected a formatted string in a SQL statement. This could lead to SQL injection if variables in the SQL statement are not properly sanitized. Use a prepared statements (java.sql.PreparedStatement) instead. You can obtain a PreparedStatement using 'connection.prepareStatement'.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/java.lang.security.audit.sqli.jpa-sqli.jpa-sqli)\n - [https://owasp.org/Top10/A03_2021-Injection](https://owasp.org/Top10/A03_2021-Injection)\n", - "text": "Detected a formatted string in a SQL statement. This could lead to SQL injection if variables in the SQL statement are not properly sanitized. Use a prepared statements (java.sql.PreparedStatement) instead. You can obtain a PreparedStatement using 'connection.prepareStatement'.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "When working with web applications that involve rendering user-generated content, it's important to properly escape any HTML content to prevent Cross-Site Scripting (XSS) attacks. In Go, the `text/template` package does not automatically escape HTML content, which can leave your application vulnerable to these types of attacks. 
To mitigate this risk, it's recommended to use the `html/template` package instead, which provides built-in functionality for HTML escaping. By using `html/template` to render your HTML content, you can help to ensure that your web application is more secure and less susceptible to XSS vulnerabilities.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "When working with web applications that involve rendering user-generated content, it's important to properly escape any HTML content to prevent Cross-Site Scripting (XSS) attacks. In Go, the `text/template` package does not automatically escape HTML content, which can leave your application vulnerable to these types of attacks. To mitigate this risk, it's recommended to use the `html/template` package instead, which provides built-in functionality for HTML escaping. By using `html/template` to render your HTML content, you can help to ensure that your web application is more secure and less susceptible to XSS vulnerabilities.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/go.lang.security.audit.xss.import-text-template.import-text-template)\n - [https://www.veracode.com/blog/secure-development/use-golang-these-mistakes-could-compromise-your-apps-security](https://www.veracode.com/blog/secure-development/use-golang-these-mistakes-could-compromise-your-apps-security)\n" }, - "helpUri": "https://semgrep.dev/r/java.lang.security.audit.sqli.jpa-sqli.jpa-sqli", - "id": "java.lang.security.audit.sqli.jpa-sqli.jpa-sqli", - "name": "java.lang.security.audit.sqli.jpa-sqli.jpa-sqli", "properties": { "precision": "very-high", "tags": [ - "CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')", + "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", "LOW CONFIDENCE", - "OWASP-A01:2017 - Injection", "OWASP-A03:2021 - Injection", + 
"OWASP-A07:2017 - Cross-Site Scripting (XSS)", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: java.lang.security.audit.sqli.jpa-sqli.jpa-sqli" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "javascript.thenify.security.audit.multiargs-code-execution.multiargs-code-execution", + "name": "javascript.thenify.security.audit.multiargs-code-execution.multiargs-code-execution", + "short_description": { + "text": "Semgrep Finding: javascript.thenify.security.audit.multiargs-code-execution.multiargs-code-execution" }, - "fullDescription": { - "text": "Remote debugging protocol does not perform any authentication, so exposing it too widely can be a security risk." + "full_description": { + "text": "Potential arbitrary code execution, piped to eval" + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/javascript.thenify.security.audit.multiargs-code-execution.multiargs-code-execution", "help": { - "markdown": "Remote debugging protocol does not perform any authentication, so exposing it too widely can be a security risk.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.puppeteer.security.audit.puppeteer-exposed-chrome-devtools.puppeteer-exposed-chrome-devtools)\n - [https://owasp.org/Top10/A03_2021-Injection](https://owasp.org/Top10/A03_2021-Injection)\n", - "text": "Remote debugging protocol does not perform any authentication, so exposing it too widely can be a security risk.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Potential arbitrary code execution, piped to eval\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Potential arbitrary code execution, piped to eval\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep 
Rule](https://semgrep.dev/r/javascript.thenify.security.audit.multiargs-code-execution.multiargs-code-execution)\n - [https://owasp.org/Top10/A03_2021-Injection](https://owasp.org/Top10/A03_2021-Injection)\n" }, - "helpUri": "https://semgrep.dev/r/javascript.puppeteer.security.audit.puppeteer-exposed-chrome-devtools.puppeteer-exposed-chrome-devtools", - "id": "javascript.puppeteer.security.audit.puppeteer-exposed-chrome-devtools.puppeteer-exposed-chrome-devtools", - "name": "javascript.puppeteer.security.audit.puppeteer-exposed-chrome-devtools.puppeteer-exposed-chrome-devtools", "properties": { "precision": "very-high", "tags": [ 
@@ -20820,409 +21810,482 @@ "OWASP-A03:2021 - Injection", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: javascript.puppeteer.security.audit.puppeteer-exposed-chrome-devtools.puppeteer-exposed-chrome-devtools" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "ruby.lang.security.unprotected-mass-assign.mass-assignment-vuln", + "name": "ruby.lang.security.unprotected-mass-assign.mass-assignment-vuln", + "short_description": { + "text": "Semgrep Finding: ruby.lang.security.unprotected-mass-assign.mass-assignment-vuln" }, - "fullDescription": { - "text": "Hardcoded variable `ENV` detected. Set this by using FLASK_ENV environment variable" + "full_description": { + "text": "Checks for calls to without_protection during mass assignment (which allows record creation from hash values). This can lead to users bypassing permissions protections. For Rails 4 and higher, mass protection is on by default. Fix: Don't use :without_protection => true. Instead, configure attr_accessible to control attribute access." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/ruby.lang.security.unprotected-mass-assign.mass-assignment-vuln", "help": { - "markdown": "Hardcoded variable `ENV` detected. 
Set this by using FLASK_ENV environment variable\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.flask.security.audit.hardcoded-config.avoid_hardcoded_config_ENV)\n - [https://bento.dev/checks/flask/avoid-hardcoded-config/](https://bento.dev/checks/flask/avoid-hardcoded-config/)\n - [https://flask.palletsprojects.com/en/1.1.x/config/?highlight=configuration#builtin-configuration-values](https://flask.palletsprojects.com/en/1.1.x/config/?highlight=configuration#builtin-configuration-values)\n - [https://flask.palletsprojects.com/en/1.1.x/config/?highlight=configuration#environment-and-debug-features](https://flask.palletsprojects.com/en/1.1.x/config/?highlight=configuration#environment-and-debug-features)\n", - "text": "Hardcoded variable `ENV` detected. Set this by using FLASK_ENV environment variable\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Checks for calls to without_protection during mass assignment (which allows record creation from hash values). This can lead to users bypassing permissions protections. For Rails 4 and higher, mass protection is on by default. Fix: Don't use :without_protection => true. Instead, configure attr_accessible to control attribute access.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Checks for calls to without_protection during mass assignment (which allows record creation from hash values). This can lead to users bypassing permissions protections. For Rails 4 and higher, mass protection is on by default. Fix: Don't use :without_protection => true. 
Instead, configure attr_accessible to control attribute access.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/ruby.lang.security.unprotected-mass-assign.mass-assignment-vuln)\n - [https://github.com/presidentbeef/brakeman/blob/main/lib/brakeman/checks/check_without_protection.rb](https://github.com/presidentbeef/brakeman/blob/main/lib/brakeman/checks/check_without_protection.rb)\n - [https://www.acunetix.com/vulnerabilities/web/rails-mass-assignment/](https://www.acunetix.com/vulnerabilities/web/rails-mass-assignment/)\n" }, - "helpUri": "https://semgrep.dev/r/python.flask.security.audit.hardcoded-config.avoid_hardcoded_config_ENV", - "id": "python.flask.security.audit.hardcoded-config.avoid_hardcoded_config_ENV", - "name": "python.flask.security.audit.hardcoded-config.avoid_hardcoded_config_ENV", "properties": { "precision": "very-high", "tags": [ - "CWE-489: Active Debug Code", + "CWE-915: Improperly Controlled Modification of Dynamically-Determined Object Attributes", "LOW CONFIDENCE", - "OWASP-A05:2021 - Security Misconfiguration", + "OWASP-A08:2021 - Software and Data Integrity Failures", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: python.flask.security.audit.hardcoded-config.avoid_hardcoded_config_ENV" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "typescript.aws-cdk.security.awscdk-codebuild-project-public.awscdk-codebuild-project-public", + "name": "typescript.aws-cdk.security.awscdk-codebuild-project-public.awscdk-codebuild-project-public", + "short_description": { + "text": "Semgrep Finding: typescript.aws-cdk.security.awscdk-codebuild-project-public.awscdk-codebuild-project-public" }, - "fullDescription": { - "text": "Checks for requests sent to http:// URLs. This is dangerous as the server is attempting to connect to a website that does not encrypt traffic with TLS. Instead, only send requests to https:// URLs." 
+ "full_description": { + "text": "CodeBuild Project $X is set to have a public URL. This will make the build results, logs, artifacts publically accessible, including builds prior to the project being public. Ensure this is acceptable for the project." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/typescript.aws-cdk.security.awscdk-codebuild-project-public.awscdk-codebuild-project-public", "help": { - "markdown": "Checks for requests sent to http:// URLs. This is dangerous as the server is attempting to connect to a website that does not encrypt traffic with TLS. Instead, only send requests to https:// URLs.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/problem-based-packs.insecure-transport.js-node.http-request.http-request)\n - [https://nodejs.org/api/http.html#http_http_request_options_callback](https://nodejs.org/api/http.html#http_http_request_options_callback)\n", - "text": "Checks for requests sent to http:// URLs. This is dangerous as the server is attempting to connect to a website that does not encrypt traffic with TLS. Instead, only send requests to https:// URLs.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "CodeBuild Project $X is set to have a public URL. This will make the build results, logs, artifacts publically accessible, including builds prior to the project being public. Ensure this is acceptable for the project.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "CodeBuild Project $X is set to have a public URL. This will make the build results, logs, artifacts publically accessible, including builds prior to the project being public. 
Ensure this is acceptable for the project.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/typescript.aws-cdk.security.awscdk-codebuild-project-public.awscdk-codebuild-project-public)\n - [https://docs.aws.amazon.com/codebuild/latest/userguide/public-builds.html](https://docs.aws.amazon.com/codebuild/latest/userguide/public-builds.html)\n" }, - "helpUri": "https://semgrep.dev/r/problem-based-packs.insecure-transport.js-node.http-request.http-request", - "id": "problem-based-packs.insecure-transport.js-node.http-request.http-request", - "name": "problem-based-packs.insecure-transport.js-node.http-request.http-request", "properties": { "precision": "very-high", "tags": [ - "CWE-319: Cleartext Transmission of Sensitive Information", + "CWE-306: Missing Authentication for Critical Function", "MEDIUM CONFIDENCE", - "OWASP-A03:2017 - Sensitive Data Exposure", + "OWASP-A07:2021 - Identification and Authentication Failures", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: problem-based-packs.insecure-transport.js-node.http-request.http-request" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "java.lang.security.audit.crypto.use-of-default-aes.use-of-default-aes", + "name": "java.lang.security.audit.crypto.use-of-default-aes.use-of-default-aes", + "short_description": { + "text": "Semgrep Finding: java.lang.security.audit.crypto.use-of-default-aes.use-of-default-aes" }, - "fullDescription": { - "text": "Detected Flask app with debug=True. Do not deploy to production with this flag enabled as it will leak sensitive information. Instead, consider using Flask configuration variables or setting 'debug' using system environment variables." + "full_description": { + "text": "Use of AES with no settings detected. By default, java.crypto.Cipher uses ECB mode. ECB doesn't provide message confidentiality and is not semantically secure so should not be used. 
Instead, use a strong, secure cipher: java.crypto.Cipher.getInstance(\"AES/CBC/PKCS7PADDING\"). See https://owasp.org/www-community/Using_the_Java_Cryptographic_Extensions for more information." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/java.lang.security.audit.crypto.use-of-default-aes.use-of-default-aes", "help": { - "markdown": "Detected Flask app with debug=True. Do not deploy to production with this flag enabled as it will leak sensitive information. Instead, consider using Flask configuration variables or setting 'debug' using system environment variables.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.flask.security.audit.debug-enabled.debug-enabled)\n - [https://labs.detectify.com/2015/10/02/how-patreon-got-hacked-publicly-exposed-werkzeug-debugger/](https://labs.detectify.com/2015/10/02/how-patreon-got-hacked-publicly-exposed-werkzeug-debugger/)\n", - "text": "Detected Flask app with debug=True. Do not deploy to production with this flag enabled as it will leak sensitive information. Instead, consider using Flask configuration variables or setting 'debug' using system environment variables.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Use of AES with no settings detected. By default, java.crypto.Cipher uses ECB mode. ECB doesn't provide message confidentiality and is not semantically secure so should not be used. Instead, use a strong, secure cipher: java.crypto.Cipher.getInstance(\"AES/CBC/PKCS7PADDING\"). See https://owasp.org/www-community/Using_the_Java_Cryptographic_Extensions for more information.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Use of AES with no settings detected. By default, java.crypto.Cipher uses ECB mode. 
ECB doesn't provide message confidentiality and is not semantically secure so should not be used. Instead, use a strong, secure cipher: java.crypto.Cipher.getInstance(\"AES/CBC/PKCS7PADDING\"). See https://owasp.org/www-community/Using_the_Java_Cryptographic_Extensions for more information.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/java.lang.security.audit.crypto.use-of-default-aes.use-of-default-aes)\n - [https://owasp.org/Top10/A02_2021-Cryptographic_Failures](https://owasp.org/Top10/A02_2021-Cryptographic_Failures)\n - [https://googleprojectzero.blogspot.com/2022/10/rc4-is-still-considered-harmful.html](https://googleprojectzero.blogspot.com/2022/10/rc4-is-still-considered-harmful.html)\n" }, - "helpUri": "https://semgrep.dev/r/python.flask.security.audit.debug-enabled.debug-enabled", - "id": "python.flask.security.audit.debug-enabled.debug-enabled", - "name": "python.flask.security.audit.debug-enabled.debug-enabled", "properties": { "precision": "very-high", "tags": [ - "CWE-489: Active Debug Code", + "CWE-327: Use of a Broken or Risky Cryptographic Algorithm", "HIGH CONFIDENCE", - "OWASP-A06:2017 - Security Misconfiguration", + "OWASP-A02:2021 - Cryptographic Failures", + "OWASP-A03:2017 - Sensitive Data Exposure", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: python.flask.security.audit.debug-enabled.debug-enabled" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "scala.play.security.webservice-ssrf.webservice-ssrf", + "name": "scala.play.security.webservice-ssrf.webservice-ssrf", + "short_description": { + "text": "Semgrep Finding: scala.play.security.webservice-ssrf.webservice-ssrf" }, - "fullDescription": { - "text": "Service '$SERVICE' is explicitly disabling SELinux separation. This runs the service as an unconfined type. Remove 'label:disable' to prevent this." 
+ "full_description": { + "text": "A parameter being passed directly into `WSClient` most likely lead to SSRF. This could allow an attacker to send data to their own server, potentially exposing sensitive data sent with this request. They could also probe internal servers or other resources that the server runnig this code can access. Do not allow arbitrary hosts. Instead, create an allowlist for approved hosts hardcode the correct host." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/scala.play.security.webservice-ssrf.webservice-ssrf", "help": { - "markdown": "Service '$SERVICE' is explicitly disabling SELinux separation. This runs the service as an unconfined type. Remove 'label:disable' to prevent this.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/yaml.docker-compose.security.selinux-separation-disabled.selinux-separation-disabled)\n - [https://www.projectatomic.io/blog/2016/03/dwalsh_selinux_containers/](https://www.projectatomic.io/blog/2016/03/dwalsh_selinux_containers/)\n - [https://docs.docker.com/engine/reference/run/#security-configuration](https://docs.docker.com/engine/reference/run/#security-configuration)\n", - "text": "Service '$SERVICE' is explicitly disabling SELinux separation. This runs the service as an unconfined type. Remove 'label:disable' to prevent this.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "A parameter being passed directly into `WSClient` most likely lead to SSRF. This could allow an attacker to send data to their own server, potentially exposing sensitive data sent with this request. They could also probe internal servers or other resources that the server runnig this code can access. Do not allow arbitrary hosts. 
Instead, create an allowlist for approved hosts hardcode the correct host.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "A parameter being passed directly into `WSClient` most likely lead to SSRF. This could allow an attacker to send data to their own server, potentially exposing sensitive data sent with this request. They could also probe internal servers or other resources that the server runnig this code can access. Do not allow arbitrary hosts. Instead, create an allowlist for approved hosts hardcode the correct host.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/scala.play.security.webservice-ssrf.webservice-ssrf)\n - [https://cheatsheetseries.owasp.org/cheatsheets/Server_Side_Request_Forgery_Prevention_Cheat_Sheet.html](https://cheatsheetseries.owasp.org/cheatsheets/Server_Side_Request_Forgery_Prevention_Cheat_Sheet.html)\n - [https://www.playframework.com/documentation/2.8.x/ScalaWS](https://www.playframework.com/documentation/2.8.x/ScalaWS)\n" }, - "helpUri": "https://semgrep.dev/r/yaml.docker-compose.security.selinux-separation-disabled.selinux-separation-disabled", - "id": "yaml.docker-compose.security.selinux-separation-disabled.selinux-separation-disabled", - "name": "yaml.docker-compose.security.selinux-separation-disabled.selinux-separation-disabled", "properties": { "precision": "very-high", "tags": [ - "CWE-284: Improper Access Control", + "CWE-918: Server-Side Request Forgery (SSRF)", "LOW CONFIDENCE", - "OWASP-A01:2021 - Broken Access Control", - "OWASP-A05:2017 - Broken Access Control", + "OWASP-A10:2021 - Server-Side Request Forgery (SSRF)", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: yaml.docker-compose.security.selinux-separation-disabled.selinux-separation-disabled" } }, { - "defaultConfiguration": { + "id": "go.aws-lambda.security.database-sqli.database-sqli", + "name": 
"go.aws-lambda.security.database-sqli.database-sqli", + "short_description": { + "text": "Semgrep Finding: go.aws-lambda.security.database-sqli.database-sqli" + }, + "full_description": { + "text": "Detected SQL statement that is tainted by `$EVENT` object. This could lead to SQL injection if the variable is user-controlled and not properly sanitized. In order to prevent SQL injection, use parameterized queries or prepared statements instead. You can use prepared statements with the 'Prepare' and 'PrepareContext' calls." + }, + "default_configuration": { + "enabled": true, "level": "warning" }, - "fullDescription": { - "text": "Using CBC with PKCS5Padding is susceptible to padding oracle attacks. A malicious actor could discern the difference between plaintext with valid or invalid padding. Further, CBC mode does not include any integrity checks. Use 'AES/GCM/NoPadding' instead." + "help_uri": "https://semgrep.dev/r/go.aws-lambda.security.database-sqli.database-sqli", + "help": { + "text": "Detected SQL statement that is tainted by `$EVENT` object. This could lead to SQL injection if the variable is user-controlled and not properly sanitized. In order to prevent SQL injection, use parameterized queries or prepared statements instead. You can use prepared statements with the 'Prepare' and 'PrepareContext' calls.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected SQL statement that is tainted by `$EVENT` object. This could lead to SQL injection if the variable is user-controlled and not properly sanitized. In order to prevent SQL injection, use parameterized queries or prepared statements instead. 
You can use prepared statements with the 'Prepare' and 'PrepareContext' calls.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/go.aws-lambda.security.database-sqli.database-sqli)\n - [https://pkg.go.dev/database/sql#DB.Query](https://pkg.go.dev/database/sql#DB.Query)\n" + }, + "properties": { + "precision": "very-high", + "tags": [ + "CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')", + "MEDIUM CONFIDENCE", + "OWASP-A01:2017 - Injection", + "OWASP-A03:2021 - Injection", + "security" + ] + } + }, + { + "id": "python.cryptography.security.insecure-cipher-algorithms-arc4.insecure-cipher-algorithm-arc4", + "name": "python.cryptography.security.insecure-cipher-algorithms-arc4.insecure-cipher-algorithm-arc4", + "short_description": { + "text": "Semgrep Finding: python.cryptography.security.insecure-cipher-algorithms-arc4.insecure-cipher-algorithm-arc4" + }, + "full_description": { + "text": "ARC4 (Alleged RC4) is a stream cipher with serious weaknesses in its initial stream output. Its use is strongly discouraged. ARC4 does not use mode constructions. Use a strong symmetric cipher such as EAS instead. With the `cryptography` package it is recommended to use the `Fernet` which is a secure implementation of AES in CBC mode with a 128-bit key. Alternatively, keep using the `Cipher` class from the hazmat primitives but use the AES algorithm instead." }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/python.cryptography.security.insecure-cipher-algorithms-arc4.insecure-cipher-algorithm-arc4", "help": { - "markdown": "Using CBC with PKCS5Padding is susceptible to padding oracle attacks. A malicious actor could discern the difference between plaintext with valid or invalid padding. Further, CBC mode does not include any integrity checks. 
Use 'AES/GCM/NoPadding' instead.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/java.lang.security.audit.cbc-padding-oracle.cbc-padding-oracle)\n - [https://capec.mitre.org/data/definitions/463.html](https://capec.mitre.org/data/definitions/463.html)\n - [https://cheatsheetseries.owasp.org/cheatsheets/Cryptographic_Storage_Cheat_Sheet.html#cipher-modes](https://cheatsheetseries.owasp.org/cheatsheets/Cryptographic_Storage_Cheat_Sheet.html#cipher-modes)\n - [https://find-sec-bugs.github.io/bugs.htm#CIPHER_INTEGRITY](https://find-sec-bugs.github.io/bugs.htm#CIPHER_INTEGRITY)\n", - "text": "Using CBC with PKCS5Padding is susceptible to padding oracle attacks. A malicious actor could discern the difference between plaintext with valid or invalid padding. Further, CBC mode does not include any integrity checks. Use 'AES/GCM/NoPadding' instead.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "ARC4 (Alleged RC4) is a stream cipher with serious weaknesses in its initial stream output. Its use is strongly discouraged. ARC4 does not use mode constructions. Use a strong symmetric cipher such as EAS instead. With the `cryptography` package it is recommended to use the `Fernet` which is a secure implementation of AES in CBC mode with a 128-bit key. Alternatively, keep using the `Cipher` class from the hazmat primitives but use the AES algorithm instead.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "ARC4 (Alleged RC4) is a stream cipher with serious weaknesses in its initial stream output. Its use is strongly discouraged. ARC4 does not use mode constructions. Use a strong symmetric cipher such as EAS instead. With the `cryptography` package it is recommended to use the `Fernet` which is a secure implementation of AES in CBC mode with a 128-bit key. 
Alternatively, keep using the `Cipher` class from the hazmat primitives but use the AES algorithm instead.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.cryptography.security.insecure-cipher-algorithms-arc4.insecure-cipher-algorithm-arc4)\n - [https://cryptography.io/en/latest/hazmat/primitives/symmetric-encryption/#weak-ciphers](https://cryptography.io/en/latest/hazmat/primitives/symmetric-encryption/#weak-ciphers)\n" }, - "helpUri": "https://semgrep.dev/r/java.lang.security.audit.cbc-padding-oracle.cbc-padding-oracle", - "id": "java.lang.security.audit.cbc-padding-oracle.cbc-padding-oracle", - "name": "java.lang.security.audit.cbc-padding-oracle.cbc-padding-oracle", "properties": { "precision": "very-high", "tags": [ "CWE-327: Use of a Broken or Risky Cryptographic Algorithm", - "HIGH CONFIDENCE", + "MEDIUM CONFIDENCE", "OWASP-A02:2021 - Cryptographic Failures", "OWASP-A03:2017 - Sensitive Data Exposure", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: java.lang.security.audit.cbc-padding-oracle.cbc-padding-oracle" } }, { - "defaultConfiguration": { - "level": "error" + "id": "javascript.lang.security.detect-buffer-noassert.detect-buffer-noassert", + "name": "javascript.lang.security.detect-buffer-noassert.detect-buffer-noassert", + "short_description": { + "text": "Semgrep Finding: javascript.lang.security.detect-buffer-noassert.detect-buffer-noassert" }, - "fullDescription": { - "text": "Found an insecure gRPC connection using 'grpc.WithInsecure()'. This creates a connection without encryption to a gRPC server. A malicious attacker could tamper with the gRPC message, which could compromise the machine. Instead, establish a secure connection with an SSL certificate using the 'grpc.WithTransportCredentials()' function. You can create a create credentials using a 'tls.Config{}' struct with 'credentials.NewTLS()'. 
The final fix looks like this: 'grpc.WithTransportCredentials(credentials.NewTLS())'." + "full_description": { + "text": "Detected usage of noassert in Buffer API, which allows the offset the be beyond the end of the buffer. This could result in writing or reading beyond the end of the buffer." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/javascript.lang.security.detect-buffer-noassert.detect-buffer-noassert", "help": { - "markdown": "Found an insecure gRPC connection using 'grpc.WithInsecure()'. This creates a connection without encryption to a gRPC server. A malicious attacker could tamper with the gRPC message, which could compromise the machine. Instead, establish a secure connection with an SSL certificate using the 'grpc.WithTransportCredentials()' function. You can create a create credentials using a 'tls.Config{}' struct with 'credentials.NewTLS()'. The final fix looks like this: 'grpc.WithTransportCredentials(credentials.NewTLS())'.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/go.grpc.security.grpc-client-insecure-connection.grpc-client-insecure-connection)\n - [https://blog.gopheracademy.com/advent-2019/go-grps-and-tls/#connection-without-encryption](https://blog.gopheracademy.com/advent-2019/go-grps-and-tls/#connection-without-encryption)\n", - "text": "Found an insecure gRPC connection using 'grpc.WithInsecure()'. This creates a connection without encryption to a gRPC server. A malicious attacker could tamper with the gRPC message, which could compromise the machine. Instead, establish a secure connection with an SSL certificate using the 'grpc.WithTransportCredentials()' function. You can create a create credentials using a 'tls.Config{}' struct with 'credentials.NewTLS()'. 
The final fix looks like this: 'grpc.WithTransportCredentials(credentials.NewTLS())'.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected usage of noassert in Buffer API, which allows the offset the be beyond the end of the buffer. This could result in writing or reading beyond the end of the buffer.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected usage of noassert in Buffer API, which allows the offset the be beyond the end of the buffer. This could result in writing or reading beyond the end of the buffer.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.lang.security.detect-buffer-noassert.detect-buffer-noassert)\n - [https://cwe.mitre.org/data/definitions/119.html](https://cwe.mitre.org/data/definitions/119.html)\n" }, - "helpUri": "https://semgrep.dev/r/go.grpc.security.grpc-client-insecure-connection.grpc-client-insecure-connection", - "id": "go.grpc.security.grpc-client-insecure-connection.grpc-client-insecure-connection", - "name": "go.grpc.security.grpc-client-insecure-connection.grpc-client-insecure-connection", "properties": { "precision": "very-high", "tags": [ - "CWE-300: Channel Accessible by Non-Endpoint", - "HIGH CONFIDENCE", - "OWASP-A07:2021 - Identification and Authentication Failures", + "CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer", + "LOW CONFIDENCE", "security" ] + } + }, + { + "id": "dockerfile.security.missing-user-entrypoint.missing-user-entrypoint", + "name": "dockerfile.security.missing-user-entrypoint.missing-user-entrypoint", + "short_description": { + "text": "Semgrep Finding: dockerfile.security.missing-user-entrypoint.missing-user-entrypoint" }, - "shortDescription": { - "text": "Semgrep Finding: go.grpc.security.grpc-client-insecure-connection.grpc-client-insecure-connection" + "full_description": { + "text": "By 
not specifying a USER, a program in the container may run as 'root'. This is a security hazard. If an attacker can control a process running as root, they may have control over the container. Ensure that the last USER in a Dockerfile is a USER other than 'root'." + }, + "default_configuration": { + "enabled": true, + "level": "error" + }, + "help_uri": "https://semgrep.dev/r/dockerfile.security.missing-user-entrypoint.missing-user-entrypoint", + "help": { + "text": "By not specifying a USER, a program in the container may run as 'root'. This is a security hazard. If an attacker can control a process running as root, they may have control over the container. Ensure that the last USER in a Dockerfile is a USER other than 'root'.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "By not specifying a USER, a program in the container may run as 'root'. This is a security hazard. If an attacker can control a process running as root, they may have control over the container. 
Ensure that the last USER in a Dockerfile is a USER other than 'root'.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/dockerfile.security.missing-user-entrypoint.missing-user-entrypoint)\n - [https://owasp.org/Top10/A04_2021-Insecure_Design](https://owasp.org/Top10/A04_2021-Insecure_Design)\n" + }, + "properties": { + "precision": "very-high", + "tags": [ + "CWE-269: Improper Privilege Management", + "MEDIUM CONFIDENCE", + "OWASP-A04:2021 - Insecure Design", + "security" + ] } }, { - "defaultConfiguration": { - "level": "warning" + "id": "javascript.express.security.injection.raw-html-format.raw-html-format", + "name": "javascript.express.security.injection.raw-html-format.raw-html-format", + "short_description": { + "text": "Semgrep Finding: javascript.express.security.injection.raw-html-format.raw-html-format" }, - "fullDescription": { - "text": "It looks like you're using an implementation of XSSRequestWrapper from dzone. (https://www.javacodegeeks.com/2012/07/anti-cross-site-scripting-xss-filter.html) The XSS filtering in this code is not secure and can be bypassed by malicious actors. It is recommended to use a stack that automatically escapes in your view or templates instead of filtering yourself." + "full_description": { + "text": "User data flows into the host portion of this manually-constructed HTML. This can introduce a Cross-Site-Scripting (XSS) vulnerability if this comes from user-provided input. Consider using a sanitization library such as DOMPurify to sanitize the HTML within." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/javascript.express.security.injection.raw-html-format.raw-html-format", "help": { - "markdown": "It looks like you're using an implementation of XSSRequestWrapper from dzone. 
(https://www.javacodegeeks.com/2012/07/anti-cross-site-scripting-xss-filter.html) The XSS filtering in this code is not secure and can be bypassed by malicious actors. It is recommended to use a stack that automatically escapes in your view or templates instead of filtering yourself.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/java.lang.security.audit.xssrequestwrapper-is-insecure.xssrequestwrapper-is-insecure)\n - [https://owasp.org/Top10/A03_2021-Injection](https://owasp.org/Top10/A03_2021-Injection)\n", - "text": "It looks like you're using an implementation of XSSRequestWrapper from dzone. (https://www.javacodegeeks.com/2012/07/anti-cross-site-scripting-xss-filter.html) The XSS filtering in this code is not secure and can be bypassed by malicious actors. It is recommended to use a stack that automatically escapes in your view or templates instead of filtering yourself.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "User data flows into the host portion of this manually-constructed HTML. This can introduce a Cross-Site-Scripting (XSS) vulnerability if this comes from user-provided input. Consider using a sanitization library such as DOMPurify to sanitize the HTML within.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "User data flows into the host portion of this manually-constructed HTML. This can introduce a Cross-Site-Scripting (XSS) vulnerability if this comes from user-provided input. 
Consider using a sanitization library such as DOMPurify to sanitize the HTML within.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.express.security.injection.raw-html-format.raw-html-format)\n - [https://cheatsheetseries.owasp.org/cheatsheets/Cross_Site_Scripting_Prevention_Cheat_Sheet.html](https://cheatsheetseries.owasp.org/cheatsheets/Cross_Site_Scripting_Prevention_Cheat_Sheet.html)\n" }, - "helpUri": "https://semgrep.dev/r/java.lang.security.audit.xssrequestwrapper-is-insecure.xssrequestwrapper-is-insecure", - "id": "java.lang.security.audit.xssrequestwrapper-is-insecure.xssrequestwrapper-is-insecure", - "name": "java.lang.security.audit.xssrequestwrapper-is-insecure.xssrequestwrapper-is-insecure", "properties": { "precision": "very-high", "tags": [ "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", - "LOW CONFIDENCE", + "MEDIUM CONFIDENCE", "OWASP-A03:2021 - Injection", "OWASP-A07:2017 - Cross-Site Scripting (XSS)", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: java.lang.security.audit.xssrequestwrapper-is-insecure.xssrequestwrapper-is-insecure" } }, { - "defaultConfiguration": { - "level": "note" + "id": "python.aws-lambda.security.dangerous-system-call.dangerous-system-call", + "name": "python.aws-lambda.security.dangerous-system-call.dangerous-system-call", + "short_description": { + "text": "Semgrep Finding: python.aws-lambda.security.dangerous-system-call.dangerous-system-call" }, - "fullDescription": { - "text": "Detected string concatenation with a non-literal variable in a util.format / console.log function. If an attacker injects a format specifier in the string, it will forge the log message. Try to use constant values for the format string." + "full_description": { + "text": "Detected `os` function with argument tainted by `event` object. 
This is dangerous if external data can reach this function call because it allows a malicious actor to execute commands. Use the 'subprocess' module instead, which is easier to use without accidentally exposing a command injection vulnerability." }, + "default_configuration": { + "enabled": true, + "level": "error" + }, + "help_uri": "https://semgrep.dev/r/python.aws-lambda.security.dangerous-system-call.dangerous-system-call", "help": { - "markdown": "Detected string concatenation with a non-literal variable in a util.format / console.log function. If an attacker injects a format specifier in the string, it will forge the log message. Try to use constant values for the format string.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.lang.security.audit.unsafe-formatstring.unsafe-formatstring)\n - [https://cwe.mitre.org/data/definitions/134.html](https://cwe.mitre.org/data/definitions/134.html)\n", - "text": "Detected string concatenation with a non-literal variable in a util.format / console.log function. If an attacker injects a format specifier in the string, it will forge the log message. Try to use constant values for the format string.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected `os` function with argument tainted by `event` object. This is dangerous if external data can reach this function call because it allows a malicious actor to execute commands. Use the 'subprocess' module instead, which is easier to use without accidentally exposing a command injection vulnerability.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected `os` function with argument tainted by `event` object. This is dangerous if external data can reach this function call because it allows a malicious actor to execute commands. 
Use the 'subprocess' module instead, which is easier to use without accidentally exposing a command injection vulnerability.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.aws-lambda.security.dangerous-system-call.dangerous-system-call)\n - [https://owasp.org/Top10/A03_2021-Injection](https://owasp.org/Top10/A03_2021-Injection)\n" }, - "helpUri": "https://semgrep.dev/r/javascript.lang.security.audit.unsafe-formatstring.unsafe-formatstring", - "id": "javascript.lang.security.audit.unsafe-formatstring.unsafe-formatstring", - "name": "javascript.lang.security.audit.unsafe-formatstring.unsafe-formatstring", "properties": { "precision": "very-high", "tags": [ - "CWE-134: Use of Externally-Controlled Format String", - "LOW CONFIDENCE", - "OWASP-A01:2021 - Broken Access Control", + "CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", + "MEDIUM CONFIDENCE", + "OWASP-A01:2017 - Injection", + "OWASP-A03:2021 - Injection", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: javascript.lang.security.audit.unsafe-formatstring.unsafe-formatstring" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "javascript.sequelize.security.audit.sequelize-tls-disabled-cert-validation.sequelize-tls-disabled-cert-validation", + "name": "javascript.sequelize.security.audit.sequelize-tls-disabled-cert-validation.sequelize-tls-disabled-cert-validation", + "short_description": { + "text": "Semgrep Finding: javascript.sequelize.security.audit.sequelize-tls-disabled-cert-validation.sequelize-tls-disabled-cert-validation" }, - "fullDescription": { - "text": "It looks like MD5 is used as a password hash. MD5 is not considered a secure password hash because it can be cracked by an attacker in a short amount of time. Use a suitable password hashing function such as bcrypt. You can use the `golang.org/x/crypto/bcrypt` package." 
+ "full_description": { + "text": "Set \"rejectUnauthorized\" to false is a convenient way to resolve certificate error. But this method is unsafe because it disables the server certificate verification, making the Node app open to MITM attack. \"rejectUnauthorized\" option must be alway set to True (default value). With self -signed certificate or custom CA, use \"ca\" option to define Root Certificate. This rule checks TLS configuration only for Postgresql, MariaDB and MySQL. SQLite is not really concerned by TLS configuration. This rule could be extended for MSSQL, but the dialectOptions is specific for Tedious." + }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/javascript.sequelize.security.audit.sequelize-tls-disabled-cert-validation.sequelize-tls-disabled-cert-validation", "help": { - "markdown": "It looks like MD5 is used as a password hash. MD5 is not considered a secure password hash because it can be cracked by an attacker in a short amount of time. Use a suitable password hashing function such as bcrypt. You can use the `golang.org/x/crypto/bcrypt` package.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/go.lang.security.audit.md5-used-as-password.md5-used-as-password)\n - [https://tools.ietf.org/id/draft-lvelvindron-tls-md5-sha1-deprecate-01.html](https://tools.ietf.org/id/draft-lvelvindron-tls-md5-sha1-deprecate-01.html)\n - [https://security.stackexchange.com/questions/211/how-to-securely-hash-passwords](https://security.stackexchange.com/questions/211/how-to-securely-hash-passwords)\n - [https://github.com/returntocorp/semgrep-rules/issues/1609](https://github.com/returntocorp/semgrep-rules/issues/1609)\n - [https://pkg.go.dev/golang.org/x/crypto/bcrypt](https://pkg.go.dev/golang.org/x/crypto/bcrypt)\n", - "text": "It looks like MD5 is used as a password hash. 
MD5 is not considered a secure password hash because it can be cracked by an attacker in a short amount of time. Use a suitable password hashing function such as bcrypt. You can use the `golang.org/x/crypto/bcrypt` package.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Set \"rejectUnauthorized\" to false is a convenient way to resolve certificate error. But this method is unsafe because it disables the server certificate verification, making the Node app open to MITM attack. \"rejectUnauthorized\" option must be alway set to True (default value). With self -signed certificate or custom CA, use \"ca\" option to define Root Certificate. This rule checks TLS configuration only for Postgresql, MariaDB and MySQL. SQLite is not really concerned by TLS configuration. This rule could be extended for MSSQL, but the dialectOptions is specific for Tedious.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Set \"rejectUnauthorized\" to false is a convenient way to resolve certificate error. But this method is unsafe because it disables the server certificate verification, making the Node app open to MITM attack. \"rejectUnauthorized\" option must be alway set to True (default value). With self -signed certificate or custom CA, use \"ca\" option to define Root Certificate. This rule checks TLS configuration only for Postgresql, MariaDB and MySQL. SQLite is not really concerned by TLS configuration. 
This rule could be extended for MSSQL, but the dialectOptions is specific for Tedious.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.sequelize.security.audit.sequelize-tls-disabled-cert-validation.sequelize-tls-disabled-cert-validation)\n - [https://node-postgres.com/features/ssl](https://node-postgres.com/features/ssl)\n - [https://nodejs.org/api/tls.html#tls_class_tls_tlssocket](https://nodejs.org/api/tls.html#tls_class_tls_tlssocket)\n - [https://nodejs.org/api/tls.html#tls_tls_createsecurecontext_options](https://nodejs.org/api/tls.html#tls_tls_createsecurecontext_options)\n" }, - "helpUri": "https://semgrep.dev/r/go.lang.security.audit.md5-used-as-password.md5-used-as-password", - "id": "go.lang.security.audit.md5-used-as-password.md5-used-as-password", - "name": "go.lang.security.audit.md5-used-as-password.md5-used-as-password", "properties": { "precision": "very-high", "tags": [ - "CWE-327: Use of a Broken or Risky Cryptographic Algorithm", - "MEDIUM CONFIDENCE", - "OWASP-A02:2021 - Cryptographic Failures", - "OWASP-A03:2017 - Sensitive Data Exposure", + "CWE-94: Improper Control of Generation of Code ('Code Injection')", + "LOW CONFIDENCE", + "OWASP-A03:2021 - Injection", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: go.lang.security.audit.md5-used-as-password.md5-used-as-password" } }, { - "defaultConfiguration": { - "level": "error" + "id": "javascript.express.security.express-data-exfiltration.express-data-exfiltration", + "name": "javascript.express.security.express-data-exfiltration.express-data-exfiltration", + "short_description": { + "text": "Semgrep Finding: javascript.express.security.express-data-exfiltration.express-data-exfiltration" }, - "fullDescription": { - "text": "CodeClimate detected" + "full_description": { + "text": "Depending on the context, user control data in `Object.assign` can cause web response to include data 
that it should not have or can lead to a mass assignment vulnerability." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/javascript.express.security.express-data-exfiltration.express-data-exfiltration", "help": { - "markdown": "CodeClimate detected\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/generic.secrets.security.detected-codeclimate.detected-codeclimate)\n - [https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures](https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures)\n", - "text": "CodeClimate detected\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Depending on the context, user control data in `Object.assign` can cause web response to include data that it should not have or can lead to a mass assignment vulnerability.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Depending on the context, user control data in `Object.assign` can cause web response to include data that it should not have or can lead to a mass assignment vulnerability.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.express.security.express-data-exfiltration.express-data-exfiltration)\n - [https://en.wikipedia.org/wiki/Mass_assignment_vulnerability](https://en.wikipedia.org/wiki/Mass_assignment_vulnerability)\n - [https://cheatsheetseries.owasp.org/cheatsheets/Mass_Assignment_Cheat_Sheet.html](https://cheatsheetseries.owasp.org/cheatsheets/Mass_Assignment_Cheat_Sheet.html)\n" }, - "helpUri": "https://semgrep.dev/r/generic.secrets.security.detected-codeclimate.detected-codeclimate", - "id": "generic.secrets.security.detected-codeclimate.detected-codeclimate", - "name": 
"generic.secrets.security.detected-codeclimate.detected-codeclimate", "properties": { "precision": "very-high", "tags": [ - "CWE-798: Use of Hard-coded Credentials", + "CWE-915: Improperly Controlled Modification of Dynamically-Determined Object Attributes", "LOW CONFIDENCE", - "OWASP-A07:2021 - Identification and Authentication Failures", + "OWASP-A08:2021 - Software and Data Integrity Failures", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: generic.secrets.security.detected-codeclimate.detected-codeclimate" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "ruby.aws-lambda.security.pg-sqli.pg-sqli", + "name": "ruby.aws-lambda.security.pg-sqli.pg-sqli", + "short_description": { + "text": "Semgrep Finding: ruby.aws-lambda.security.pg-sqli.pg-sqli" }, - "fullDescription": { - "text": "A hard-coded credential was detected. It is not recommended to store credentials in source-code, as this risks secrets being leaked and used by either an internal or external malicious adversary. It is recommended to use environment variables to securely provide credentials or retrieve credentials from a secure vault or HSM (Hardware Security Module)." + "full_description": { + "text": "Detected SQL statement that is tainted by `event` object. This could lead to SQL injection if the variable is user-controlled and not properly sanitized. In order to prevent SQL injection, use parameterized queries or prepared statements instead. You can use parameterized statements like so: `conn.exec_params('SELECT $1 AS a, $2 AS b, $3 AS c', [1, 2, nil])`" + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/ruby.aws-lambda.security.pg-sqli.pg-sqli", "help": { - "markdown": "A hard-coded credential was detected. It is not recommended to store credentials in source-code, as this risks secrets being leaked and used by either an internal or external malicious adversary. 
It is recommended to use environment variables to securely provide credentials or retrieve credentials from a secure vault or HSM (Hardware Security Module).\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/terraform.aws.security.aws-provider-static-credentials.aws-provider-static-credentials)\n - [https://cheatsheetseries.owasp.org/cheatsheets/Secrets_Management_Cheat_Sheet.html](https://cheatsheetseries.owasp.org/cheatsheets/Secrets_Management_Cheat_Sheet.html)\n", - "text": "A hard-coded credential was detected. It is not recommended to store credentials in source-code, as this risks secrets being leaked and used by either an internal or external malicious adversary. It is recommended to use environment variables to securely provide credentials or retrieve credentials from a secure vault or HSM (Hardware Security Module).\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected SQL statement that is tainted by `event` object. This could lead to SQL injection if the variable is user-controlled and not properly sanitized. In order to prevent SQL injection, use parameterized queries or prepared statements instead. You can use parameterized statements like so: `conn.exec_params('SELECT $1 AS a, $2 AS b, $3 AS c', [1, 2, nil])`\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected SQL statement that is tainted by `event` object. This could lead to SQL injection if the variable is user-controlled and not properly sanitized. In order to prevent SQL injection, use parameterized queries or prepared statements instead. 
You can use parameterized statements like so: `conn.exec_params('SELECT $1 AS a, $2 AS b, $3 AS c', [1, 2, nil])`\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/ruby.aws-lambda.security.pg-sqli.pg-sqli)\n - [https://www.rubydoc.info/gems/pg/PG/Connection](https://www.rubydoc.info/gems/pg/PG/Connection)\n" }, - "helpUri": "https://semgrep.dev/r/terraform.aws.security.aws-provider-static-credentials.aws-provider-static-credentials", - "id": "terraform.aws.security.aws-provider-static-credentials.aws-provider-static-credentials", - "name": "terraform.aws.security.aws-provider-static-credentials.aws-provider-static-credentials", "properties": { "precision": "very-high", "tags": [ - "CWE-798: Use of Hard-coded Credentials", + "CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')", "MEDIUM CONFIDENCE", - "OWASP-A07:2021 - Identification and Authentication Failures", + "OWASP-A01:2017 - Injection", + "OWASP-A03:2021 - Injection", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: terraform.aws.security.aws-provider-static-credentials.aws-provider-static-credentials" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "yaml.docker-compose.security.exposing-docker-socket-volume.exposing-docker-socket-volume", + "name": "yaml.docker-compose.security.exposing-docker-socket-volume.exposing-docker-socket-volume", + "short_description": { + "text": "Semgrep Finding: yaml.docker-compose.security.exposing-docker-socket-volume.exposing-docker-socket-volume" }, - "fullDescription": { - "text": "Data is being piped into `bash` from a `curl` command. An attacker with control of the server in the `curl` command could inject malicious code into the pipe, resulting in a system compromise. Avoid piping untrusted data into `bash` or any other shell if you can. 
If you must do this, consider checking the SHA sum of the content returned by the server to verify its integrity." + "full_description": { + "text": "Exposing host's Docker socket to containers via a volume. The owner of this socket is root. Giving someone access to it is equivalent to giving unrestricted root access to your host. Remove 'docker.sock' from volumes to prevent this." }, - "help": { - "markdown": "Data is being piped into `bash` from a `curl` command. An attacker with control of the server in the `curl` command could inject malicious code into the pipe, resulting in a system compromise. Avoid piping untrusted data into `bash` or any other shell if you can. If you must do this, consider checking the SHA sum of the content returned by the server to verify its integrity.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/bash.curl.security.curl-pipe-bash.curl-pipe-bash)\n - [https://owasp.org/Top10/A03_2021-Injection](https://owasp.org/Top10/A03_2021-Injection)\n", - "text": "Data is being piped into `bash` from a `curl` command. An attacker with control of the server in the `curl` command could inject malicious code into the pipe, resulting in a system compromise. Avoid piping untrusted data into `bash` or any other shell if you can. If you must do this, consider checking the SHA sum of the content returned by the server to verify its integrity.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/yaml.docker-compose.security.exposing-docker-socket-volume.exposing-docker-socket-volume", + "help": { + "text": "Exposing host's Docker socket to containers via a volume. The owner of this socket is root. Giving someone access to it is equivalent to giving unrestricted root access to your host. 
Remove 'docker.sock' from volumes to prevent this.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Exposing host's Docker socket to containers via a volume. The owner of this socket is root. Giving someone access to it is equivalent to giving unrestricted root access to your host. Remove 'docker.sock' from volumes to prevent this.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/yaml.docker-compose.security.exposing-docker-socket-volume.exposing-docker-socket-volume)\n - [https://docs.docker.com/compose/compose-file/compose-file-v3/#volume-configuration-reference](https://docs.docker.com/compose/compose-file/compose-file-v3/#volume-configuration-reference)\n - [https://cheatsheetseries.owasp.org/cheatsheets/Docker_Security_Cheat_Sheet.html#rule-1-do-not-expose-the-docker-daemon-socket-even-to-the-containers](https://cheatsheetseries.owasp.org/cheatsheets/Docker_Security_Cheat_Sheet.html#rule-1-do-not-expose-the-docker-daemon-socket-even-to-the-containers)\n" }, - "helpUri": "https://semgrep.dev/r/bash.curl.security.curl-pipe-bash.curl-pipe-bash", - "id": "bash.curl.security.curl-pipe-bash.curl-pipe-bash", - "name": "bash.curl.security.curl-pipe-bash.curl-pipe-bash", "properties": { "precision": "very-high", "tags": [ - "CWE-95: Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection')", + "CWE-250: Execution with Unnecessary Privileges", "LOW CONFIDENCE", - "OWASP-A03:2021 - Injection", + "OWASP-A05:2021 - Security Misconfiguration", + "OWASP-A06:2017 - Security Misconfiguration", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: bash.curl.security.curl-pipe-bash.curl-pipe-bash" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "terraform.azure.security.storage.storage-queue-services-logging.storage-queue-services-logging", + "name": 
"terraform.azure.security.storage.storage-queue-services-logging.storage-queue-services-logging", + "short_description": { + "text": "Semgrep Finding: terraform.azure.security.storage.storage-queue-services-logging.storage-queue-services-logging" }, - "fullDescription": { - "text": "The AWS Workspace root volume is unencrypted. The AWS KMS encryption key protects root volume. To create your own, create a aws_kms_key resource or use the ARN string of a key in your account." + "full_description": { + "text": "Storage Analytics logs detailed information about successful and failed requests to a storage service. This information can be used to monitor individual requests and to diagnose issues with a storage service. Requests are logged on a best-effort basis." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/terraform.azure.security.storage.storage-queue-services-logging.storage-queue-services-logging", "help": { - "markdown": "The AWS Workspace root volume is unencrypted. The AWS KMS encryption key protects root volume. To create your own, create a aws_kms_key resource or use the ARN string of a key in your account.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/terraform.aws.security.aws-workspaces-root-volume-unencrypted.aws-workspaces-root-volume-unencrypted)\n - [https://owasp.org/Top10/A02_2021-Cryptographic_Failures](https://owasp.org/Top10/A02_2021-Cryptographic_Failures)\n", - "text": "The AWS Workspace root volume is unencrypted. The AWS KMS encryption key protects root volume. To create your own, create a aws_kms_key resource or use the ARN string of a key in your account.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Storage Analytics logs detailed information about successful and failed requests to a storage service. 
This information can be used to monitor individual requests and to diagnose issues with a storage service. Requests are logged on a best-effort basis.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Storage Analytics logs detailed information about successful and failed requests to a storage service. This information can be used to monitor individual requests and to diagnose issues with a storage service. Requests are logged on a best-effort basis.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/terraform.azure.security.storage.storage-queue-services-logging.storage-queue-services-logging)\n - [https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/storage_account#logging](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/storage_account#logging)\n - [https://docs.microsoft.com/en-us/azure/storage/common/storage-analytics-logging?tabs=dotnet](https://docs.microsoft.com/en-us/azure/storage/common/storage-analytics-logging?tabs=dotnet)\n" }, - "helpUri": "https://semgrep.dev/r/terraform.aws.security.aws-workspaces-root-volume-unencrypted.aws-workspaces-root-volume-unencrypted", - "id": "terraform.aws.security.aws-workspaces-root-volume-unencrypted.aws-workspaces-root-volume-unencrypted", - "name": "terraform.aws.security.aws-workspaces-root-volume-unencrypted.aws-workspaces-root-volume-unencrypted", "properties": { "precision": "very-high", "tags": [ - "CWE-326: Inadequate Encryption Strength", + "CWE-778: Insufficient Logging", "LOW CONFIDENCE", - "OWASP-A02:2021 - Cryptographic Failures", - "OWASP-A03:2017 - Sensitive Data Exposure", + "OWASP-A09:2021 - Security Logging and Monitoring Failures", + "OWASP-A10:2017 - Insufficient Logging & Monitoring", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: 
terraform.aws.security.aws-workspaces-root-volume-unencrypted.aws-workspaces-root-volume-unencrypted" } }, { - "defaultConfiguration": { - "level": "error" + "id": "java.lang.security.audit.crypto.weak-rsa.use-of-weak-rsa-key", + "name": "java.lang.security.audit.crypto.weak-rsa.use-of-weak-rsa-key", + "short_description": { + "text": "Semgrep Finding: java.lang.security.audit.crypto.weak-rsa.use-of-weak-rsa-key" }, - "fullDescription": { - "text": "Authentication detected over HTTP. HTTP does not provide any encryption or protection for these authentication credentials. This may expose these credentials to unauthorized parties. Use 'https://' instead." + "full_description": { + "text": "RSA keys should be at least 2048 bits based on NIST recommendation." }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/java.lang.security.audit.crypto.weak-rsa.use-of-weak-rsa-key", "help": { - "markdown": "Authentication detected over HTTP. HTTP does not provide any encryption or protection for these authentication credentials. This may expose these credentials to unauthorized parties. Use 'https://' instead.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.requests.security.no-auth-over-http.no-auth-over-http)\n - [https://semgrep.dev/blog/2020/bento-check-no-auth-over-http/](https://semgrep.dev/blog/2020/bento-check-no-auth-over-http/)\n - [https://bento.dev/checks/requests/no-auth-over-http/](https://bento.dev/checks/requests/no-auth-over-http/)\n", - "text": "Authentication detected over HTTP. HTTP does not provide any encryption or protection for these authentication credentials. This may expose these credentials to unauthorized parties. 
Use 'https://' instead.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "RSA keys should be at least 2048 bits based on NIST recommendation.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "RSA keys should be at least 2048 bits based on NIST recommendation.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/java.lang.security.audit.crypto.weak-rsa.use-of-weak-rsa-key)\n - [https://cheatsheetseries.owasp.org/cheatsheets/Cryptographic_Storage_Cheat_Sheet.html#algorithms](https://cheatsheetseries.owasp.org/cheatsheets/Cryptographic_Storage_Cheat_Sheet.html#algorithms)\n" }, - "helpUri": "https://semgrep.dev/r/python.requests.security.no-auth-over-http.no-auth-over-http", - "id": "python.requests.security.no-auth-over-http.no-auth-over-http", - "name": "python.requests.security.no-auth-over-http.no-auth-over-http", "properties": { "precision": "very-high", "tags": [ - "CWE-523: Unprotected Transport of Credentials", - "LOW CONFIDENCE", - "OWASP-A02:2017 - Broken Authentication", + "CWE-326: Inadequate Encryption Strength", + "HIGH CONFIDENCE", "OWASP-A02:2021 - Cryptographic Failures", + "OWASP-A03:2017 - Sensitive Data Exposure", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: python.requests.security.no-auth-over-http.no-auth-over-http" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "go.lang.security.audit.crypto.tls.tls-with-insecure-cipher", + "name": "go.lang.security.audit.crypto.tls.tls-with-insecure-cipher", + "short_description": { + "text": "Semgrep Finding: go.lang.security.audit.crypto.tls.tls-with-insecure-cipher" }, - "fullDescription": { - "text": "Cipher in ECB mode is detected. ECB mode produces the same output for the same input each time which allows an attacker to intercept and replay the data. Further, ECB mode does not provide any integrity checking. 
See https://find-sec-bugs.github.io/bugs.htm#CIPHER_INTEGRITY." + "full_description": { + "text": "Detected an insecure CipherSuite via the 'tls' module. This suite is considered weak. Use the function 'tls.CipherSuites()' to get a list of good cipher suites. See https://golang.org/pkg/crypto/tls/#InsecureCipherSuites for why and what other cipher suites to use." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/go.lang.security.audit.crypto.tls.tls-with-insecure-cipher", "help": { - "markdown": "Cipher in ECB mode is detected. ECB mode produces the same output for the same input each time which allows an attacker to intercept and replay the data. Further, ECB mode does not provide any integrity checking. See https://find-sec-bugs.github.io/bugs.htm#CIPHER_INTEGRITY.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/java.lang.security.audit.crypto.ecb-cipher.ecb-cipher)\n - [https://owasp.org/Top10/A02_2021-Cryptographic_Failures](https://owasp.org/Top10/A02_2021-Cryptographic_Failures)\n", - "text": "Cipher in ECB mode is detected. ECB mode produces the same output for the same input each time which allows an attacker to intercept and replay the data. Further, ECB mode does not provide any integrity checking. See https://find-sec-bugs.github.io/bugs.htm#CIPHER_INTEGRITY.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected an insecure CipherSuite via the 'tls' module. This suite is considered weak. Use the function 'tls.CipherSuites()' to get a list of good cipher suites. See https://golang.org/pkg/crypto/tls/#InsecureCipherSuites for why and what other cipher suites to use.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected an insecure CipherSuite via the 'tls' module. This suite is considered weak. 
Use the function 'tls.CipherSuites()' to get a list of good cipher suites. See https://golang.org/pkg/crypto/tls/#InsecureCipherSuites for why and what other cipher suites to use.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/go.lang.security.audit.crypto.tls.tls-with-insecure-cipher)\n - [https://golang.org/pkg/crypto/tls/#InsecureCipherSuites](https://golang.org/pkg/crypto/tls/#InsecureCipherSuites)\n" }, - "helpUri": "https://semgrep.dev/r/java.lang.security.audit.crypto.ecb-cipher.ecb-cipher", - "id": "java.lang.security.audit.crypto.ecb-cipher.ecb-cipher", - "name": "java.lang.security.audit.crypto.ecb-cipher.ecb-cipher", "properties": { "precision": "very-high", "tags": [ 
@@ -21232,866 +22295,908 @@ "OWASP-A03:2017 - Sensitive Data Exposure", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: java.lang.security.audit.crypto.ecb-cipher.ecb-cipher" } }, { - "defaultConfiguration": { - "level": "error" + "id": "java.lang.security.audit.crypto.desede-is-deprecated.desede-is-deprecated", + "name": "java.lang.security.audit.crypto.desede-is-deprecated.desede-is-deprecated", + "short_description": { + "text": "Semgrep Finding: java.lang.security.audit.crypto.desede-is-deprecated.desede-is-deprecated" }, - "fullDescription": { - "text": "Detected the decoding of a JWT token without a verify step. JWT tokens must be verified before use, otherwise the token's integrity is unknown. This means a malicious actor could forge a JWT token with any claims. Set 'verify' to `true` before using the token." + "full_description": { + "text": "Triple DES (3DES or DESede) is considered deprecated. AES is the recommended cipher. Upgrade to use AES." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/java.lang.security.audit.crypto.desede-is-deprecated.desede-is-deprecated", "help": { - "markdown": "Detected the decoding of a JWT token without a verify step. JWT tokens must be verified before use, otherwise the token's integrity is unknown. This means a malicious actor could forge a JWT token with any claims. 
Set 'verify' to `true` before using the token.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.jwt-simple.security.jwt-simple-noverify.jwt-simple-noverify)\n - [https://www.npmjs.com/package/jwt-simple](https://www.npmjs.com/package/jwt-simple)\n - [https://cwe.mitre.org/data/definitions/287](https://cwe.mitre.org/data/definitions/287)\n - [https://cwe.mitre.org/data/definitions/345](https://cwe.mitre.org/data/definitions/345)\n - [https://cwe.mitre.org/data/definitions/347](https://cwe.mitre.org/data/definitions/347)\n", - "text": "Detected the decoding of a JWT token without a verify step. JWT tokens must be verified before use, otherwise the token's integrity is unknown. This means a malicious actor could forge a JWT token with any claims. Set 'verify' to `true` before using the token.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Triple DES (3DES or DESede) is considered deprecated. AES is the recommended cipher. Upgrade to use AES.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Triple DES (3DES or DESede) is considered deprecated. AES is the recommended cipher. 
Upgrade to use AES.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/java.lang.security.audit.crypto.desede-is-deprecated.desede-is-deprecated)\n - [https://csrc.nist.gov/News/2017/Update-to-Current-Use-and-Deprecation-of-TDEA](https://csrc.nist.gov/News/2017/Update-to-Current-Use-and-Deprecation-of-TDEA)\n" }, - "helpUri": "https://semgrep.dev/r/javascript.jwt-simple.security.jwt-simple-noverify.jwt-simple-noverify", - "id": "javascript.jwt-simple.security.jwt-simple-noverify.jwt-simple-noverify", - "name": "javascript.jwt-simple.security.jwt-simple-noverify.jwt-simple-noverify", "properties": { "precision": "very-high", "tags": [ - "CWE-287: Improper Authentication", - "CWE-345: Insufficient Verification of Data Authenticity", - "CWE-347: Improper Verification of Cryptographic Signature", + "CWE-326: Inadequate Encryption Strength", "HIGH CONFIDENCE", - "OWASP-A05:2021 - Security Misconfiguration", - "OWASP-A07:2021 - Identification and Authentication Failures", + "OWASP-A02:2021 - Cryptographic Failures", + "OWASP-A03:2017 - Sensitive Data Exposure", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: javascript.jwt-simple.security.jwt-simple-noverify.jwt-simple-noverify" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "go.lang.security.audit.net.cookie-missing-secure.cookie-missing-secure", + "name": "go.lang.security.audit.net.cookie-missing-secure.cookie-missing-secure", + "short_description": { + "text": "Semgrep Finding: go.lang.security.audit.net.cookie-missing-secure.cookie-missing-secure" }, - "fullDescription": { - "text": "Ensure Timestream database is encrypted at rest using KMS CMKs. CMKs gives you control over the encryption key in terms of access and rotation." + "full_description": { + "text": "A session cookie was detected without setting the 'Secure' flag. 
The 'secure' flag for cookies prevents the client from transmitting the cookie over insecure channels such as HTTP. Set the 'Secure' flag by setting 'Secure' to 'true' in the Options struct." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/go.lang.security.audit.net.cookie-missing-secure.cookie-missing-secure", "help": { - "markdown": "Ensure Timestream database is encrypted at rest using KMS CMKs. CMKs gives you control over the encryption key in terms of access and rotation.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/terraform.aws.security.aws-timestream-database-encrypted-with-cmk.aws-timestream-database-encrypted-with-cmk)\n - [https://owasp.org/Top10/A02_2021-Cryptographic_Failures](https://owasp.org/Top10/A02_2021-Cryptographic_Failures)\n", - "text": "Ensure Timestream database is encrypted at rest using KMS CMKs. CMKs gives you control over the encryption key in terms of access and rotation.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "A session cookie was detected without setting the 'Secure' flag. The 'secure' flag for cookies prevents the client from transmitting the cookie over insecure channels such as HTTP. Set the 'Secure' flag by setting 'Secure' to 'true' in the Options struct.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "A session cookie was detected without setting the 'Secure' flag. The 'secure' flag for cookies prevents the client from transmitting the cookie over insecure channels such as HTTP. 
Set the 'Secure' flag by setting 'Secure' to 'true' in the Options struct.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/go.lang.security.audit.net.cookie-missing-secure.cookie-missing-secure)\n - [https://github.com/0c34/govwa/blob/139693e56406b5684d2a6ae22c0af90717e149b8/util/cookie.go](https://github.com/0c34/govwa/blob/139693e56406b5684d2a6ae22c0af90717e149b8/util/cookie.go)\n - [https://golang.org/src/net/http/cookie.go](https://golang.org/src/net/http/cookie.go)\n" }, - "helpUri": "https://semgrep.dev/r/terraform.aws.security.aws-timestream-database-encrypted-with-cmk.aws-timestream-database-encrypted-with-cmk", - "id": "terraform.aws.security.aws-timestream-database-encrypted-with-cmk.aws-timestream-database-encrypted-with-cmk", - "name": "terraform.aws.security.aws-timestream-database-encrypted-with-cmk.aws-timestream-database-encrypted-with-cmk", "properties": { "precision": "very-high", "tags": [ - "CWE-320: CWE CATEGORY: Key Management Errors", - "LOW CONFIDENCE", - "OWASP-A03:2017 - Sensitive Data Exposure", + "CWE-614: Sensitive Cookie in HTTPS Session Without 'Secure' Attribute", + "MEDIUM CONFIDENCE", + "OWASP-A05:2021 - Security Misconfiguration", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: terraform.aws.security.aws-timestream-database-encrypted-with-cmk.aws-timestream-database-encrypted-with-cmk" } }, { - "defaultConfiguration": { - "level": "error" + "id": "problem-based-packs.insecure-transport.ruby-stdlib.net-http-request.net-http-request", + "name": "problem-based-packs.insecure-transport.ruby-stdlib.net-http-request.net-http-request", + "short_description": { + "text": "Semgrep Finding: problem-based-packs.insecure-transport.ruby-stdlib.net-http-request.net-http-request" }, - "fullDescription": { - "text": "SSH Password detected" + "full_description": { + "text": "Checks for requests sent to http:// URLs. 
This is dangerous as the server is attempting to connect to a website that does not encrypt traffic with TLS. Instead, only send requests to https:// URLs." }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/problem-based-packs.insecure-transport.ruby-stdlib.net-http-request.net-http-request", "help": { - "markdown": "SSH Password detected\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/generic.secrets.security.detected-ssh-password.detected-ssh-password)\n - [https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures](https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures)\n", - "text": "SSH Password detected\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Checks for requests sent to http:// URLs. This is dangerous as the server is attempting to connect to a website that does not encrypt traffic with TLS. Instead, only send requests to https:// URLs.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Checks for requests sent to http:// URLs. This is dangerous as the server is attempting to connect to a website that does not encrypt traffic with TLS. 
Instead, only send requests to https:// URLs.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/problem-based-packs.insecure-transport.ruby-stdlib.net-http-request.net-http-request)\n - [https://ruby-doc.org/stdlib-2.6.5/libdoc/net/http/rdoc/Net/](https://ruby-doc.org/stdlib-2.6.5/libdoc/net/http/rdoc/Net/)\n" }, - "helpUri": "https://semgrep.dev/r/generic.secrets.security.detected-ssh-password.detected-ssh-password", - "id": "generic.secrets.security.detected-ssh-password.detected-ssh-password", - "name": "generic.secrets.security.detected-ssh-password.detected-ssh-password", "properties": { "precision": "very-high", "tags": [ - "CWE-798: Use of Hard-coded Credentials", - "LOW CONFIDENCE", - "OWASP-A07:2021 - Identification and Authentication Failures", + "CWE-319: Cleartext Transmission of Sensitive Information", + "MEDIUM CONFIDENCE", + "OWASP-A03:2017 - Sensitive Data Exposure", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: generic.secrets.security.detected-ssh-password.detected-ssh-password" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "go.lang.security.audit.database.string-formatted-query.string-formatted-query", + "name": "go.lang.security.audit.database.string-formatted-query.string-formatted-query", + "short_description": { + "text": "Semgrep Finding: go.lang.security.audit.database.string-formatted-query.string-formatted-query" }, - "fullDescription": { - "text": "Django cookies should be handled securely by setting secure=True, httponly=True, and samesite='Lax' in response.set_cookie(...). If your situation calls for different settings, explicitly disable the setting. If you want to send the cookie over http, set secure=False. If you want to let client-side JavaScript read the cookie, set httponly=False. If you want to attach cookies to requests for external sites, set samesite=None." 
+ "full_description": { + "text": "String-formatted SQL query detected. This could lead to SQL injection if the string is not sanitized properly. Audit this call to ensure the SQL is not manipulable by external data." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/go.lang.security.audit.database.string-formatted-query.string-formatted-query", "help": { - "markdown": "Django cookies should be handled securely by setting secure=True, httponly=True, and samesite='Lax' in response.set_cookie(...). If your situation calls for different settings, explicitly disable the setting. If you want to send the cookie over http, set secure=False. If you want to let client-side JavaScript read the cookie, set httponly=False. If you want to attach cookies to requests for external sites, set samesite=None.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.django.security.audit.secure-cookies.django-secure-set-cookie)\n - [https://docs.djangoproject.com/en/3.0/ref/request-response/#django.http.HttpResponse.set_cookie](https://docs.djangoproject.com/en/3.0/ref/request-response/#django.http.HttpResponse.set_cookie)\n - [https://semgrep.dev/blog/2020/bento-check-keeping-cookies-safe-in-flask/](https://semgrep.dev/blog/2020/bento-check-keeping-cookies-safe-in-flask/)\n - [https://bento.dev/checks/flask/secure-set-cookie/](https://bento.dev/checks/flask/secure-set-cookie/)\n", - "text": "Django cookies should be handled securely by setting secure=True, httponly=True, and samesite='Lax' in response.set_cookie(...). If your situation calls for different settings, explicitly disable the setting. If you want to send the cookie over http, set secure=False. If you want to let client-side JavaScript read the cookie, set httponly=False. 
If you want to attach cookies to requests for external sites, set samesite=None.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "String-formatted SQL query detected. This could lead to SQL injection if the string is not sanitized properly. Audit this call to ensure the SQL is not manipulable by external data.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "String-formatted SQL query detected. This could lead to SQL injection if the string is not sanitized properly. Audit this call to ensure the SQL is not manipulable by external data.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/go.lang.security.audit.database.string-formatted-query.string-formatted-query)\n - [https://owasp.org/Top10/A03_2021-Injection](https://owasp.org/Top10/A03_2021-Injection)\n" }, - "helpUri": "https://semgrep.dev/r/python.django.security.audit.secure-cookies.django-secure-set-cookie", - "id": "python.django.security.audit.secure-cookies.django-secure-set-cookie", - "name": "python.django.security.audit.secure-cookies.django-secure-set-cookie", "properties": { "precision": "very-high", "tags": [ - "CWE-614: Sensitive Cookie in HTTPS Session Without 'Secure' Attribute", + "CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')", "LOW CONFIDENCE", - "OWASP-A05:2021 - Security Misconfiguration", + "OWASP-A01:2017 - Injection", + "OWASP-A03:2021 - Injection", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: python.django.security.audit.secure-cookies.django-secure-set-cookie" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "python.lang.security.audit.logging.listeneval.listen-eval", + "name": "python.lang.security.audit.logging.listeneval.listen-eval", + "short_description": { + "text": "Semgrep Finding: python.lang.security.audit.logging.listeneval.listen-eval" 
}, - "fullDescription": { - "text": "Ensure EFS filesystem is encrypted at rest using KMS CMKs. CMKs gives you control over the encryption key in terms of access and rotation." + "full_description": { + "text": "Because portions of the logging configuration are passed through eval(), use of this function may open its users to a security risk. While the function only binds to a socket on localhost, and so does not accept connections from remote machines, there are scenarios where untrusted code could be run under the account of the process which calls listen(). To avoid this happening, use the `verify()` argument to `listen()` to prevent unrecognized configurations." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/python.lang.security.audit.logging.listeneval.listen-eval", "help": { - "markdown": "Ensure EFS filesystem is encrypted at rest using KMS CMKs. CMKs gives you control over the encryption key in terms of access and rotation.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/terraform.aws.security.aws-efs-filesystem-encrypted-with-cmk.aws-efs-filesystem-encrypted-with-cmk)\n - [https://owasp.org/Top10/A02_2021-Cryptographic_Failures](https://owasp.org/Top10/A02_2021-Cryptographic_Failures)\n", - "text": "Ensure EFS filesystem is encrypted at rest using KMS CMKs. CMKs gives you control over the encryption key in terms of access and rotation.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Because portions of the logging configuration are passed through eval(), use of this function may open its users to a security risk. While the function only binds to a socket on localhost, and so does not accept connections from remote machines, there are scenarios where untrusted code could be run under the account of the process which calls listen(). 
To avoid this happening, use the `verify()` argument to `listen()` to prevent unrecognized configurations.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Because portions of the logging configuration are passed through eval(), use of this function may open its users to a security risk. While the function only binds to a socket on localhost, and so does not accept connections from remote machines, there are scenarios where untrusted code could be run under the account of the process which calls listen(). To avoid this happening, use the `verify()` argument to `listen()` to prevent unrecognized configurations.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.lang.security.audit.logging.listeneval.listen-eval)\n - [https://docs.python.org/3/library/logging.config.html?highlight=security#logging.config.listen](https://docs.python.org/3/library/logging.config.html?highlight=security#logging.config.listen)\n" }, - "helpUri": "https://semgrep.dev/r/terraform.aws.security.aws-efs-filesystem-encrypted-with-cmk.aws-efs-filesystem-encrypted-with-cmk", - "id": "terraform.aws.security.aws-efs-filesystem-encrypted-with-cmk.aws-efs-filesystem-encrypted-with-cmk", - "name": "terraform.aws.security.aws-efs-filesystem-encrypted-with-cmk.aws-efs-filesystem-encrypted-with-cmk", "properties": { "precision": "very-high", "tags": [ - "CWE-320: CWE CATEGORY: Key Management Errors", - "MEDIUM CONFIDENCE", - "OWASP-A03:2017 - Sensitive Data Exposure", + "CWE-95: Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection')", + "LOW CONFIDENCE", + "OWASP-A03:2021 - Injection", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: terraform.aws.security.aws-efs-filesystem-encrypted-with-cmk.aws-efs-filesystem-encrypted-with-cmk" } }, { - "defaultConfiguration": { - "level": "error" + "id": 
"java.lang.security.audit.formatted-sql-string.formatted-sql-string", + "name": "java.lang.security.audit.formatted-sql-string.formatted-sql-string", + "short_description": { + "text": "Semgrep Finding: java.lang.security.audit.formatted-sql-string.formatted-sql-string" }, - "fullDescription": { - "text": "Detected input from a HTTPServletRequest going into a 'ProcessBuilder' or 'exec' command. This could lead to command injection if variables passed into the exec commands are not properly sanitized. Instead, avoid using these OS commands with user-supplied input, or, if you must use these commands, use a whitelist of specific values." + "full_description": { + "text": "Detected a formatted string in a SQL statement. This could lead to SQL injection if variables in the SQL statement are not properly sanitized. Use a prepared statements (java.sql.PreparedStatement) instead. You can obtain a PreparedStatement using 'connection.prepareStatement'." + }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/java.lang.security.audit.formatted-sql-string.formatted-sql-string", "help": { - "markdown": "Detected input from a HTTPServletRequest going into a 'ProcessBuilder' or 'exec' command. This could lead to command injection if variables passed into the exec commands are not properly sanitized. Instead, avoid using these OS commands with user-supplied input, or, if you must use these commands, use a whitelist of specific values.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/java.lang.security.audit.tainted-cmd-from-http-request.tainted-cmd-from-http-request)\n - [https://owasp.org/Top10/A03_2021-Injection](https://owasp.org/Top10/A03_2021-Injection)\n", - "text": "Detected input from a HTTPServletRequest going into a 'ProcessBuilder' or 'exec' command. 
This could lead to command injection if variables passed into the exec commands are not properly sanitized. Instead, avoid using these OS commands with user-supplied input, or, if you must use these commands, use a whitelist of specific values.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected a formatted string in a SQL statement. This could lead to SQL injection if variables in the SQL statement are not properly sanitized. Use a prepared statements (java.sql.PreparedStatement) instead. You can obtain a PreparedStatement using 'connection.prepareStatement'.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected a formatted string in a SQL statement. This could lead to SQL injection if variables in the SQL statement are not properly sanitized. Use a prepared statements (java.sql.PreparedStatement) instead. You can obtain a PreparedStatement using 'connection.prepareStatement'.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/java.lang.security.audit.formatted-sql-string.formatted-sql-string)\n - [https://cheatsheetseries.owasp.org/cheatsheets/SQL_Injection_Prevention_Cheat_Sheet.html](https://cheatsheetseries.owasp.org/cheatsheets/SQL_Injection_Prevention_Cheat_Sheet.html)\n - [https://docs.oracle.com/javase/tutorial/jdbc/basics/prepared.html#create_ps](https://docs.oracle.com/javase/tutorial/jdbc/basics/prepared.html#create_ps)\n - [https://software-security.sans.org/developer-how-to/fix-sql-injection-in-java-using-prepared-callable-statement](https://software-security.sans.org/developer-how-to/fix-sql-injection-in-java-using-prepared-callable-statement)\n" }, - "helpUri": "https://semgrep.dev/r/java.lang.security.audit.tainted-cmd-from-http-request.tainted-cmd-from-http-request", - "id": "java.lang.security.audit.tainted-cmd-from-http-request.tainted-cmd-from-http-request", - "name": 
"java.lang.security.audit.tainted-cmd-from-http-request.tainted-cmd-from-http-request", "properties": { "precision": "very-high", "tags": [ - "CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", + "CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')", "MEDIUM CONFIDENCE", "OWASP-A01:2017 - Injection", "OWASP-A03:2021 - Injection", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: java.lang.security.audit.tainted-cmd-from-http-request.tainted-cmd-from-http-request" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "csharp.lang.security.insecure-deserialization.los-formatter.insecure-losformatter-deserialization", + "name": "csharp.lang.security.insecure-deserialization.los-formatter.insecure-losformatter-deserialization", + "short_description": { + "text": "Semgrep Finding: csharp.lang.security.insecure-deserialization.los-formatter.insecure-losformatter-deserialization" }, - "fullDescription": { - "text": "Use of eval with user-controllable input detected. This can lead to attackers running arbitrary code. Ensure external data does not reach here, otherwise this is a security vulnerability. Consider other ways to do this without eval." + "full_description": { + "text": "The LosFormatter type is dangerous and is not recommended for data processing. Applications should stop using LosFormatter as soon as possible, even if they believe the data they're processing to be trustworthy. LosFormatter is insecure and can't be made secure" + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/csharp.lang.security.insecure-deserialization.los-formatter.insecure-losformatter-deserialization", "help": { - "markdown": "Use of eval with user-controllable input detected. This can lead to attackers running arbitrary code. 
Ensure external data does not reach here, otherwise this is a security vulnerability. Consider other ways to do this without eval.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/ruby.lang.security.no-eval.ruby-eval)\n - [https://owasp.org/Top10/A03_2021-Injection](https://owasp.org/Top10/A03_2021-Injection)\n", - "text": "Use of eval with user-controllable input detected. This can lead to attackers running arbitrary code. Ensure external data does not reach here, otherwise this is a security vulnerability. Consider other ways to do this without eval.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "The LosFormatter type is dangerous and is not recommended for data processing. Applications should stop using LosFormatter as soon as possible, even if they believe the data they're processing to be trustworthy. LosFormatter is insecure and can't be made secure\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "The LosFormatter type is dangerous and is not recommended for data processing. Applications should stop using LosFormatter as soon as possible, even if they believe the data they're processing to be trustworthy. 
LosFormatter is insecure and can't be made secure\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/csharp.lang.security.insecure-deserialization.los-formatter.insecure-losformatter-deserialization)\n - [https://docs.microsoft.com/en-us/dotnet/api/system.web.ui.losformatter?view=netframework-4.8](https://docs.microsoft.com/en-us/dotnet/api/system.web.ui.losformatter?view=netframework-4.8)\n" }, - "helpUri": "https://semgrep.dev/r/ruby.lang.security.no-eval.ruby-eval", - "id": "ruby.lang.security.no-eval.ruby-eval", - "name": "ruby.lang.security.no-eval.ruby-eval", "properties": { "precision": "very-high", "tags": [ - "CWE-94: Improper Control of Generation of Code ('Code Injection')", + "CWE-502: Deserialization of Untrusted Data", "MEDIUM CONFIDENCE", - "OWASP-A03:2021 - Injection", + "OWASP-A08:2017 - Insecure Deserialization", + "OWASP-A08:2021 - Software and Data Integrity Failures", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: ruby.lang.security.no-eval.ruby-eval" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "terraform.aws.security.aws-backup-vault-unencrypted.aws-backup-vault-unencrypted", + "name": "terraform.aws.security.aws-backup-vault-unencrypted.aws-backup-vault-unencrypted", + "short_description": { + "text": "Semgrep Finding: terraform.aws.security.aws-backup-vault-unencrypted.aws-backup-vault-unencrypted" }, - "fullDescription": { - "text": "A parameter being passed directly into `fromURL` most likely lead to SSRF. This could allow an attacker to send data to their own server, potentially exposing sensitive data sent with this request. They could also probe internal servers or other resources that the server runnig this code can access. Do not allow arbitrary hosts. Instead, create an allowlist for approved hosts hardcode the correct host." + "full_description": { + "text": "The AWS Backup vault is unencrypted. 
The AWS KMS encryption key protects backups in the Backup vault. To create your own, create a aws_kms_key resource or use the ARN string of a key in your account." }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/terraform.aws.security.aws-backup-vault-unencrypted.aws-backup-vault-unencrypted", "help": { - "markdown": "A parameter being passed directly into `fromURL` most likely lead to SSRF. This could allow an attacker to send data to their own server, potentially exposing sensitive data sent with this request. They could also probe internal servers or other resources that the server runnig this code can access. Do not allow arbitrary hosts. Instead, create an allowlist for approved hosts hardcode the correct host.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/scala.lang.security.audit.io-source-ssrf.io-source-ssrf)\n - [https://cheatsheetseries.owasp.org/cheatsheets/Server_Side_Request_Forgery_Prevention_Cheat_Sheet.html](https://cheatsheetseries.owasp.org/cheatsheets/Server_Side_Request_Forgery_Prevention_Cheat_Sheet.html)\n - [https://www.scala-lang.org/api/current/scala/io/Source$.html#fromURL(url:java.net.URL)(implicitcodec:scala.io.Codec):scala.io.BufferedSource](https://www.scala-lang.org/api/current/scala/io/Source$.html#fromURL(url:java.net.URL)(implicitcodec:scala.io.Codec):scala.io.BufferedSource)\n", - "text": "A parameter being passed directly into `fromURL` most likely lead to SSRF. This could allow an attacker to send data to their own server, potentially exposing sensitive data sent with this request. They could also probe internal servers or other resources that the server runnig this code can access. Do not allow arbitrary hosts. 
Instead, create an allowlist for approved hosts hardcode the correct host.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "The AWS Backup vault is unencrypted. The AWS KMS encryption key protects backups in the Backup vault. To create your own, create a aws_kms_key resource or use the ARN string of a key in your account.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "The AWS Backup vault is unencrypted. The AWS KMS encryption key protects backups in the Backup vault. To create your own, create a aws_kms_key resource or use the ARN string of a key in your account.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/terraform.aws.security.aws-backup-vault-unencrypted.aws-backup-vault-unencrypted)\n - [https://owasp.org/Top10/A02_2021-Cryptographic_Failures](https://owasp.org/Top10/A02_2021-Cryptographic_Failures)\n" }, - "helpUri": "https://semgrep.dev/r/scala.lang.security.audit.io-source-ssrf.io-source-ssrf", - "id": "scala.lang.security.audit.io-source-ssrf.io-source-ssrf", - "name": "scala.lang.security.audit.io-source-ssrf.io-source-ssrf", "properties": { "precision": "very-high", "tags": [ - "CWE-918: Server-Side Request Forgery (SSRF)", - "MEDIUM CONFIDENCE", - "OWASP-A10:2021 - Server-Side Request Forgery (SSRF)", + "CWE-320: CWE CATEGORY: Key Management Errors", + "LOW CONFIDENCE", + "OWASP-A03:2017 - Sensitive Data Exposure", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: scala.lang.security.audit.io-source-ssrf.io-source-ssrf" } }, { - "defaultConfiguration": { - "level": "error" + "id": "terraform.aws.security.aws-db-instance-no-logging.aws-db-instance-no-logging", + "name": "terraform.aws.security.aws-db-instance-no-logging.aws-db-instance-no-logging", + "short_description": { + "text": "Semgrep Finding: 
terraform.aws.security.aws-db-instance-no-logging.aws-db-instance-no-logging" }, - "fullDescription": { - "text": "Detected wildcard access granted to sts:AssumeRole. This means anyone with your AWS account ID and the name of the role can assume the role. Instead, limit to a specific identity in your account, like this: `arn:aws:iam:::root`." + "full_description": { + "text": "Database instance has no logging. Missing logs can cause missing important event information." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/terraform.aws.security.aws-db-instance-no-logging.aws-db-instance-no-logging", "help": { - "markdown": "Detected wildcard access granted to sts:AssumeRole. This means anyone with your AWS account ID and the name of the role can assume the role. Instead, limit to a specific identity in your account, like this: `arn:aws:iam:::root`.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/terraform.aws.security.wildcard-assume-role.wildcard-assume-role)\n - [https://rhinosecuritylabs.com/aws/assume-worst-aws-assume-role-enumeration/](https://rhinosecuritylabs.com/aws/assume-worst-aws-assume-role-enumeration/)\n", - "text": "Detected wildcard access granted to sts:AssumeRole. This means anyone with your AWS account ID and the name of the role can assume the role. Instead, limit to a specific identity in your account, like this: `arn:aws:iam:::root`.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Database instance has no logging. Missing logs can cause missing important event information.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Database instance has no logging. 
Missing logs can cause missing important event information.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/terraform.aws.security.aws-db-instance-no-logging.aws-db-instance-no-logging)\n - [https://owasp.org/Top10/A04_2021-Insecure_Design](https://owasp.org/Top10/A04_2021-Insecure_Design)\n" }, - "helpUri": "https://semgrep.dev/r/terraform.aws.security.wildcard-assume-role.wildcard-assume-role", - "id": "terraform.aws.security.wildcard-assume-role.wildcard-assume-role", - "name": "terraform.aws.security.wildcard-assume-role.wildcard-assume-role", "properties": { "precision": "very-high", "tags": [ - "CWE-250: Execution with Unnecessary Privileges", + "CWE-311: Missing Encryption of Sensitive Data", "MEDIUM CONFIDENCE", - "OWASP-A05:2021 - Security Misconfiguration", - "OWASP-A06:2017 - Security Misconfiguration", + "OWASP-A03:2017 - Sensitive Data Exposure", + "OWASP-A04:2021 - Insecure Design", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: terraform.aws.security.wildcard-assume-role.wildcard-assume-role" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "javascript.aws-lambda.security.dynamodb-request-object.dynamodb-request-object", + "name": "javascript.aws-lambda.security.dynamodb-request-object.dynamodb-request-object", + "short_description": { + "text": "Semgrep Finding: javascript.aws-lambda.security.dynamodb-request-object.dynamodb-request-object" }, - "fullDescription": { - "text": "Usage of RSA without OAEP (Optimal Asymmetric Encryption Padding) may weaken encryption. This could lead to sensitive data exposure. Instead, use RSA with `OAEPWithMD5AndMGF1Padding` instead." + "full_description": { + "text": "Detected DynamoDB query params that are tainted by `$EVENT` object. This could lead to NoSQL injection if the variable is user-controlled and not properly sanitized. 
Explicitly assign query params instead of passing data from `$EVENT` directly to DynamoDB client." }, + "default_configuration": { + "enabled": true, + "level": "error" + }, + "help_uri": "https://semgrep.dev/r/javascript.aws-lambda.security.dynamodb-request-object.dynamodb-request-object", "help": { - "markdown": "Usage of RSA without OAEP (Optimal Asymmetric Encryption Padding) may weaken encryption. This could lead to sensitive data exposure. Instead, use RSA with `OAEPWithMD5AndMGF1Padding` instead.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/scala.lang.security.audit.rsa-padding-set.rsa-padding-set)\n - [https://owasp.org/Top10/A02_2021-Cryptographic_Failures](https://owasp.org/Top10/A02_2021-Cryptographic_Failures)\n", - "text": "Usage of RSA without OAEP (Optimal Asymmetric Encryption Padding) may weaken encryption. This could lead to sensitive data exposure. Instead, use RSA with `OAEPWithMD5AndMGF1Padding` instead.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected DynamoDB query params that are tainted by `$EVENT` object. This could lead to NoSQL injection if the variable is user-controlled and not properly sanitized. Explicitly assign query params instead of passing data from `$EVENT` directly to DynamoDB client.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected DynamoDB query params that are tainted by `$EVENT` object. This could lead to NoSQL injection if the variable is user-controlled and not properly sanitized. 
Explicitly assign query params instead of passing data from `$EVENT` directly to DynamoDB client.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.aws-lambda.security.dynamodb-request-object.dynamodb-request-object)\n - [https://owasp.org/Top10/A03_2021-Injection](https://owasp.org/Top10/A03_2021-Injection)\n" }, - "helpUri": "https://semgrep.dev/r/scala.lang.security.audit.rsa-padding-set.rsa-padding-set", - "id": "scala.lang.security.audit.rsa-padding-set.rsa-padding-set", - "name": "scala.lang.security.audit.rsa-padding-set.rsa-padding-set", "properties": { "precision": "very-high", "tags": [ - "CWE-780: Use of RSA Algorithm without OAEP", - "HIGH CONFIDENCE", - "OWASP-A02:2021 - Cryptographic Failures", + "CWE-943: Improper Neutralization of Special Elements in Data Query Logic", + "MEDIUM CONFIDENCE", + "OWASP-A01:2017 - Injection", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: scala.lang.security.audit.rsa-padding-set.rsa-padding-set" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "java.spring.security.injection.tainted-url-host.tainted-url-host", + "name": "java.spring.security.injection.tainted-url-host.tainted-url-host", + "short_description": { + "text": "Semgrep Finding: java.spring.security.injection.tainted-url-host.tainted-url-host" }, - "fullDescription": { - "text": "The use of $sce.trustAs can be dangerous if unsanitized user input flows through this API." + "full_description": { + "text": "User data flows into the host portion of this manually-constructed URL. This could allow an attacker to send data to their own server, potentially exposing sensitive data such as cookies or authorization information sent with this request. They could also probe internal servers or other resources that the server runnig this code can access. (This is called server-side request forgery, or SSRF.) Do not allow arbitrary hosts. 
Instead, create an allowlist for approved hosts hardcode the correct host, or ensure that the user data can only affect the path or parameters." + }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/java.spring.security.injection.tainted-url-host.tainted-url-host", "help": { - "markdown": "The use of $sce.trustAs can be dangerous if unsanitized user input flows through this API.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.angular.security.detect-angular-trust-as-method.detect-angular-trust-as-method)\n - [https://docs.angularjs.org/api/ng/service/$sce](https://docs.angularjs.org/api/ng/service/$sce)\n - [https://owasp.org/www-chapter-london/assets/slides/OWASPLondon20170727_AngularJS.pdf](https://owasp.org/www-chapter-london/assets/slides/OWASPLondon20170727_AngularJS.pdf)\n", - "text": "The use of $sce.trustAs can be dangerous if unsanitized user input flows through this API.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "User data flows into the host portion of this manually-constructed URL. This could allow an attacker to send data to their own server, potentially exposing sensitive data such as cookies or authorization information sent with this request. They could also probe internal servers or other resources that the server runnig this code can access. (This is called server-side request forgery, or SSRF.) Do not allow arbitrary hosts. Instead, create an allowlist for approved hosts hardcode the correct host, or ensure that the user data can only affect the path or parameters.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "User data flows into the host portion of this manually-constructed URL. 
This could allow an attacker to send data to their own server, potentially exposing sensitive data such as cookies or authorization information sent with this request. They could also probe internal servers or other resources that the server runnig this code can access. (This is called server-side request forgery, or SSRF.) Do not allow arbitrary hosts. Instead, create an allowlist for approved hosts hardcode the correct host, or ensure that the user data can only affect the path or parameters.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/java.spring.security.injection.tainted-url-host.tainted-url-host)\n - [https://cheatsheetseries.owasp.org/cheatsheets/Server_Side_Request_Forgery_Prevention_Cheat_Sheet.html](https://cheatsheetseries.owasp.org/cheatsheets/Server_Side_Request_Forgery_Prevention_Cheat_Sheet.html)\n" }, - "helpUri": "https://semgrep.dev/r/javascript.angular.security.detect-angular-trust-as-method.detect-angular-trust-as-method", - "id": "javascript.angular.security.detect-angular-trust-as-method.detect-angular-trust-as-method", - "name": "javascript.angular.security.detect-angular-trust-as-method.detect-angular-trust-as-method", "properties": { "precision": "very-high", "tags": [ - "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", + "CWE-918: Server-Side Request Forgery (SSRF)", "MEDIUM CONFIDENCE", - "OWASP-A03:2021 - Injection", - "OWASP-A07:2017 - Cross-Site Scripting (XSS)", + "OWASP-A10:2021 - Server-Side Request Forgery (SSRF)", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: javascript.angular.security.detect-angular-trust-as-method.detect-angular-trust-as-method" } }, { - "defaultConfiguration": { - "level": "error" + "id": "php.laravel.security.laravel-api-route-sql-injection.laravel-api-route-sql-injection", + "name": 
"php.laravel.security.laravel-api-route-sql-injection.laravel-api-route-sql-injection", + "short_description": { + "text": "Semgrep Finding: php.laravel.security.laravel-api-route-sql-injection.laravel-api-route-sql-injection" }, - "fullDescription": { - "text": "Git allows shell commands to be specified in ext URLs for remote repositories. For example, git clone 'ext::sh -c whoami% >&2' will execute the whoami command to try to connect to a remote repository. Make sure that the URL is not controlled by external input." + "full_description": { + "text": "HTTP method [$METHOD] to Laravel route $ROUTE_NAME is vulnerable to SQL injection via string concatenation or unsafe interpolation." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/php.laravel.security.laravel-api-route-sql-injection.laravel-api-route-sql-injection", "help": { - "markdown": "Git allows shell commands to be specified in ext URLs for remote repositories. For example, git clone 'ext::sh -c whoami% >&2' will execute the whoami command to try to connect to a remote repository. Make sure that the URL is not controlled by external input.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.lang.security.spawn-git-clone.spawn-git-clone)\n - [https://owasp.org/Top10/A03_2021-Injection](https://owasp.org/Top10/A03_2021-Injection)\n", - "text": "Git allows shell commands to be specified in ext URLs for remote repositories. For example, git clone 'ext::sh -c whoami% >&2' will execute the whoami command to try to connect to a remote repository. 
Make sure that the URL is not controlled by external input.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "HTTP method [$METHOD] to Laravel route $ROUTE_NAME is vulnerable to SQL injection via string concatenation or unsafe interpolation.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "HTTP method [$METHOD] to Laravel route $ROUTE_NAME is vulnerable to SQL injection via string concatenation or unsafe interpolation.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/php.laravel.security.laravel-api-route-sql-injection.laravel-api-route-sql-injection)\n - [https://github.com/OWASP/CheatSheetSeries/blob/master/cheatsheets/Laravel_Cheat_Sheet.md](https://github.com/OWASP/CheatSheetSeries/blob/master/cheatsheets/Laravel_Cheat_Sheet.md)\n" }, - "helpUri": "https://semgrep.dev/r/javascript.lang.security.spawn-git-clone.spawn-git-clone", - "id": "javascript.lang.security.spawn-git-clone.spawn-git-clone", - "name": "javascript.lang.security.spawn-git-clone.spawn-git-clone", "properties": { "precision": "very-high", "tags": [ - "CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", - "LOW CONFIDENCE", + "CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')", + "MEDIUM CONFIDENCE", "OWASP-A01:2017 - Injection", "OWASP-A03:2021 - Injection", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: javascript.lang.security.spawn-git-clone.spawn-git-clone" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "yaml.kubernetes.security.skip-tls-verify-service.skip-tls-verify-service", + "name": "yaml.kubernetes.security.skip-tls-verify-service.skip-tls-verify-service", + "short_description": { + "text": "Semgrep Finding: yaml.kubernetes.security.skip-tls-verify-service.skip-tls-verify-service" }, - "fullDescription": 
{ - "text": "Mass assignment detected. This can result in assignment to model fields that are unintended and can be exploited by an attacker. Instead of using '**request.$W', assign each field you want to edit individually to prevent mass assignment. You can read more about mass assignment at https://cheatsheetseries.owasp.org/cheatsheets/Mass_Assignment_Cheat_Sheet.html." + "full_description": { + "text": "Service is disabling TLS certificate verification when communicating with the server. This makes your HTTPS connections insecure. Remove the 'insecureSkipTLSVerify: true' key to secure communication." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/yaml.kubernetes.security.skip-tls-verify-service.skip-tls-verify-service", "help": { - "markdown": "Mass assignment detected. This can result in assignment to model fields that are unintended and can be exploited by an attacker. Instead of using '**request.$W', assign each field you want to edit individually to prevent mass assignment. You can read more about mass assignment at https://cheatsheetseries.owasp.org/cheatsheets/Mass_Assignment_Cheat_Sheet.html.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.django.security.injection.mass-assignment.mass-assignment)\n - [https://cheatsheetseries.owasp.org/cheatsheets/Mass_Assignment_Cheat_Sheet.html](https://cheatsheetseries.owasp.org/cheatsheets/Mass_Assignment_Cheat_Sheet.html)\n", - "text": "Mass assignment detected. This can result in assignment to model fields that are unintended and can be exploited by an attacker. Instead of using '**request.$W', assign each field you want to edit individually to prevent mass assignment. 
You can read more about mass assignment at https://cheatsheetseries.owasp.org/cheatsheets/Mass_Assignment_Cheat_Sheet.html.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Service is disabling TLS certificate verification when communicating with the server. This makes your HTTPS connections insecure. Remove the 'insecureSkipTLSVerify: true' key to secure communication.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Service is disabling TLS certificate verification when communicating with the server. This makes your HTTPS connections insecure. Remove the 'insecureSkipTLSVerify: true' key to secure communication.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/yaml.kubernetes.security.skip-tls-verify-service.skip-tls-verify-service)\n - [https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.20/#apiservice-v1-apiregistration-k8s-io](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.20/#apiservice-v1-apiregistration-k8s-io)\n" }, - "helpUri": "https://semgrep.dev/r/python.django.security.injection.mass-assignment.mass-assignment", - "id": "python.django.security.injection.mass-assignment.mass-assignment", - "name": "python.django.security.injection.mass-assignment.mass-assignment", "properties": { "precision": "very-high", "tags": [ - "CWE-915: Improperly Controlled Modification of Dynamically-Determined Object Attributes", - "LOW CONFIDENCE", - "OWASP-A08:2021 - Software and Data Integrity Failures", + "CWE-319: Cleartext Transmission of Sensitive Information", + "MEDIUM CONFIDENCE", + "OWASP-A02:2021 - Cryptographic Failures", + "OWASP-A03:2017 - Sensitive Data Exposure", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: python.django.security.injection.mass-assignment.mass-assignment" } }, { - "defaultConfiguration": { - "level": "error" + "id": 
"javascript.lang.security.audit.hardcoded-hmac-key.hardcoded-hmac-key", + "name": "javascript.lang.security.audit.hardcoded-hmac-key.hardcoded-hmac-key", + "short_description": { + "text": "Semgrep Finding: javascript.lang.security.audit.hardcoded-hmac-key.hardcoded-hmac-key" }, - "fullDescription": { - "text": "Found usage of the 'monetary' argument in a function call of 'locale.format_string'. This is only available on Python 3.7+ and is therefore not backwards compatible. Instead, remove the 'monetary' argument." + "full_description": { + "text": "Detected a hardcoded hmac key. Avoid hardcoding secrets and consider using an alternate option such as reading the secret from a config file or using an environment variable." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/javascript.lang.security.audit.hardcoded-hmac-key.hardcoded-hmac-key", "help": { - "markdown": "Found usage of the 'monetary' argument in a function call of 'locale.format_string'. This is only available on Python 3.7+ and is therefore not backwards compatible. Instead, remove the 'monetary' argument.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.lang.compatibility.python37.python37-compatibility-locale1)\n", - "text": "Found usage of the 'monetary' argument in a function call of 'locale.format_string'. This is only available on Python 3.7+ and is therefore not backwards compatible. Instead, remove the 'monetary' argument.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected a hardcoded hmac key. Avoid hardcoding secrets and consider using an alternate option such as reading the secret from a config file or using an environment variable.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected a hardcoded hmac key. 
Avoid hardcoding secrets and consider using an alternate option such as reading the secret from a config file or using an environment variable.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.lang.security.audit.hardcoded-hmac-key.hardcoded-hmac-key)\n - [https://rules.sonarsource.com/javascript/RSPEC-2068](https://rules.sonarsource.com/javascript/RSPEC-2068)\n - [https://cheatsheetseries.owasp.org/cheatsheets/Cryptographic_Storage_Cheat_Sheet.html#key-management](https://cheatsheetseries.owasp.org/cheatsheets/Cryptographic_Storage_Cheat_Sheet.html#key-management)\n" }, - "helpUri": "https://semgrep.dev/r/python.lang.compatibility.python37.python37-compatibility-locale1", - "id": "python.lang.compatibility.python37.python37-compatibility-locale1", - "name": "python.lang.compatibility.python37.python37-compatibility-locale1", "properties": { "precision": "very-high", - "tags": [] - }, - "shortDescription": { - "text": "Semgrep Finding: python.lang.compatibility.python37.python37-compatibility-locale1" + "tags": [ + "CWE-798: Use of Hard-coded Credentials", + "LOW CONFIDENCE", + "OWASP-A07:2021 - Identification and Authentication Failures", + "security" + ] } }, { - "defaultConfiguration": { - "level": "warning" + "id": "generic.secrets.security.detected-pgp-private-key-block.detected-pgp-private-key-block", + "name": "generic.secrets.security.detected-pgp-private-key-block.detected-pgp-private-key-block", + "short_description": { + "text": "Semgrep Finding: generic.secrets.security.detected-pgp-private-key-block.detected-pgp-private-key-block" }, - "fullDescription": { - "text": "Depending on the context, user control data in `Object.assign` can cause web response to include data that it should not have or can lead to a mass assignment vulnerability." + "full_description": { + "text": "Something that looks like a PGP private key block is detected. 
This is a potential hardcoded secret that could be leaked if this code is committed. Instead, remove this code block from the commit." + }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/generic.secrets.security.detected-pgp-private-key-block.detected-pgp-private-key-block", "help": { - "markdown": "Depending on the context, user control data in `Object.assign` can cause web response to include data that it should not have or can lead to a mass assignment vulnerability.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.lang.security.insecure-object-assign.insecure-object-assign)\n - [https://cheatsheetseries.owasp.org/cheatsheets/Mass_Assignment_Cheat_Sheet.html](https://cheatsheetseries.owasp.org/cheatsheets/Mass_Assignment_Cheat_Sheet.html)\n - [https://en.wikipedia.org/wiki/Mass_assignment_vulnerability](https://en.wikipedia.org/wiki/Mass_assignment_vulnerability)\n", - "text": "Depending on the context, user control data in `Object.assign` can cause web response to include data that it should not have or can lead to a mass assignment vulnerability.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Something that looks like a PGP private key block is detected. This is a potential hardcoded secret that could be leaked if this code is committed. Instead, remove this code block from the commit.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Something that looks like a PGP private key block is detected. This is a potential hardcoded secret that could be leaked if this code is committed. 
Instead, remove this code block from the commit.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/generic.secrets.security.detected-pgp-private-key-block.detected-pgp-private-key-block)\n - [https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures](https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures)\n" }, - "helpUri": "https://semgrep.dev/r/javascript.lang.security.insecure-object-assign.insecure-object-assign", - "id": "javascript.lang.security.insecure-object-assign.insecure-object-assign", - "name": "javascript.lang.security.insecure-object-assign.insecure-object-assign", "properties": { "precision": "very-high", "tags": [ - "CWE-601: URL Redirection to Untrusted Site ('Open Redirect')", + "CWE-798: Use of Hard-coded Credentials", "LOW CONFIDENCE", - "OWASP-A01:2021 - Broken Access Control", + "OWASP-A07:2021 - Identification and Authentication Failures", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: javascript.lang.security.insecure-object-assign.insecure-object-assign" } }, { - "defaultConfiguration": { - "level": "error" + "id": "terraform.aws.security.aws-elasticsearch-insecure-tls-version.aws-elasticsearch-insecure-tls-version", + "name": "terraform.aws.security.aws-elasticsearch-insecure-tls-version.aws-elasticsearch-insecure-tls-version", + "short_description": { + "text": "Semgrep Finding: terraform.aws.security.aws-elasticsearch-insecure-tls-version.aws-elasticsearch-insecure-tls-version" }, - "fullDescription": { - "text": "Detected user input used to manually construct a SQL string. This is usually bad practice because manual construction could accidentally result in a SQL injection. An attacker could use a SQL injection to steal or modify contents of the database. Instead, use a parameterized query which is available by default in most database engines. 
Alternatively, consider using an object-relational mapper (ORM) such as ActiveRecord which will protect your queries." + "full_description": { + "text": "Detected an AWS Elasticsearch domain using an insecure version of TLS. To fix this, set \"tls_security_policy\" equal to \"Policy-Min-TLS-1-2-2019-07\"." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/terraform.aws.security.aws-elasticsearch-insecure-tls-version.aws-elasticsearch-insecure-tls-version", "help": { - "markdown": "Detected user input used to manually construct a SQL string. This is usually bad practice because manual construction could accidentally result in a SQL injection. An attacker could use a SQL injection to steal or modify contents of the database. Instead, use a parameterized query which is available by default in most database engines. Alternatively, consider using an object-relational mapper (ORM) such as ActiveRecord which will protect your queries.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/ruby.rails.security.injection.tainted-sql-string.tainted-sql-string)\n - [https://rorsecurity.info/portfolio/ruby-on-rails-sql-injection-cheat-sheet](https://rorsecurity.info/portfolio/ruby-on-rails-sql-injection-cheat-sheet)\n", - "text": "Detected user input used to manually construct a SQL string. This is usually bad practice because manual construction could accidentally result in a SQL injection. An attacker could use a SQL injection to steal or modify contents of the database. Instead, use a parameterized query which is available by default in most database engines. 
Alternatively, consider using an object-relational mapper (ORM) such as ActiveRecord which will protect your queries.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected an AWS Elasticsearch domain using an insecure version of TLS. To fix this, set \"tls_security_policy\" equal to \"Policy-Min-TLS-1-2-2019-07\".\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected an AWS Elasticsearch domain using an insecure version of TLS. To fix this, set \"tls_security_policy\" equal to \"Policy-Min-TLS-1-2-2019-07\".\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/terraform.aws.security.aws-elasticsearch-insecure-tls-version.aws-elasticsearch-insecure-tls-version)\n - [https://owasp.org/Top10/A02_2021-Cryptographic_Failures](https://owasp.org/Top10/A02_2021-Cryptographic_Failures)\n" }, - "helpUri": "https://semgrep.dev/r/ruby.rails.security.injection.tainted-sql-string.tainted-sql-string", - "id": "ruby.rails.security.injection.tainted-sql-string.tainted-sql-string", - "name": "ruby.rails.security.injection.tainted-sql-string.tainted-sql-string", "properties": { "precision": "very-high", "tags": [ - "CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')", - "MEDIUM CONFIDENCE", - "OWASP-A01:2017 - Injection", - "OWASP-A03:2021 - Injection", + "CWE-326: Inadequate Encryption Strength", + "HIGH CONFIDENCE", + "OWASP-A02:2021 - Cryptographic Failures", + "OWASP-A03:2017 - Sensitive Data Exposure", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: ruby.rails.security.injection.tainted-sql-string.tainted-sql-string" } }, { - "defaultConfiguration": { - "level": "error" + "id": "java.lang.security.audit.crypto.des-is-deprecated.des-is-deprecated", + "name": "java.lang.security.audit.crypto.des-is-deprecated.des-is-deprecated", + "short_description": { + 
"text": "Semgrep Finding: java.lang.security.audit.crypto.des-is-deprecated.des-is-deprecated" }, - "fullDescription": { - "text": "IPv4Network.subnet_of is only available on Python 3.7+ and is therefore not backwards compatible. Instead, check if the subnet is in 'subnets'." + "full_description": { + "text": "DES is considered deprecated. AES is the recommended cipher. Upgrade to use AES. See https://www.nist.gov/news-events/news/2005/06/nist-withdraws-outdated-data-encryption-standard for more information." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/java.lang.security.audit.crypto.des-is-deprecated.des-is-deprecated", "help": { - "markdown": "IPv4Network.subnet_of is only available on Python 3.7+ and is therefore not backwards compatible. Instead, check if the subnet is in 'subnets'.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.lang.compatibility.python37.python37-compatibility-ipv4network1)\n", - "text": "IPv4Network.subnet_of is only available on Python 3.7+ and is therefore not backwards compatible. Instead, check if the subnet is in 'subnets'.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "DES is considered deprecated. AES is the recommended cipher. Upgrade to use AES. See https://www.nist.gov/news-events/news/2005/06/nist-withdraws-outdated-data-encryption-standard for more information.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "DES is considered deprecated. AES is the recommended cipher. Upgrade to use AES. 
See https://www.nist.gov/news-events/news/2005/06/nist-withdraws-outdated-data-encryption-standard for more information.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/java.lang.security.audit.crypto.des-is-deprecated.des-is-deprecated)\n - [https://www.nist.gov/news-events/news/2005/06/nist-withdraws-outdated-data-encryption-standard](https://www.nist.gov/news-events/news/2005/06/nist-withdraws-outdated-data-encryption-standard)\n - [https://cheatsheetseries.owasp.org/cheatsheets/Cryptographic_Storage_Cheat_Sheet.html#algorithms](https://cheatsheetseries.owasp.org/cheatsheets/Cryptographic_Storage_Cheat_Sheet.html#algorithms)\n" }, - "helpUri": "https://semgrep.dev/r/python.lang.compatibility.python37.python37-compatibility-ipv4network1", - "id": "python.lang.compatibility.python37.python37-compatibility-ipv4network1", - "name": "python.lang.compatibility.python37.python37-compatibility-ipv4network1", "properties": { "precision": "very-high", - "tags": [] - }, - "shortDescription": { - "text": "Semgrep Finding: python.lang.compatibility.python37.python37-compatibility-ipv4network1" + "tags": [ + "CWE-326: Inadequate Encryption Strength", + "HIGH CONFIDENCE", + "OWASP-A02:2021 - Cryptographic Failures", + "OWASP-A03:2017 - Sensitive Data Exposure", + "security" + ] } }, { - "defaultConfiguration": { - "level": "warning" + "id": "ruby.rails.security.audit.xss.avoid-redirect.avoid-redirect", + "name": "ruby.rails.security.audit.xss.avoid-redirect.avoid-redirect", + "short_description": { + "text": "Semgrep Finding: ruby.rails.security.audit.xss.avoid-redirect.avoid-redirect" }, - "fullDescription": { - "text": "Detected SQL statement that is tainted by `$EVENT` object. This could lead to SQL injection if the variable is user-controlled and not properly sanitized. In order to prevent SQL injection, use parameterized queries or prepared statements instead. 
You can use parameterized statements like so: `knex.raw('SELECT $1 from table', [userinput])`" + "full_description": { + "text": "When a redirect uses user input, a malicious user can spoof a website under a trusted URL or access restricted parts of a site. When using user-supplied values, sanitize the value before using it for the redirect." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/ruby.rails.security.audit.xss.avoid-redirect.avoid-redirect", "help": { - "markdown": "Detected SQL statement that is tainted by `$EVENT` object. This could lead to SQL injection if the variable is user-controlled and not properly sanitized. In order to prevent SQL injection, use parameterized queries or prepared statements instead. You can use parameterized statements like so: `knex.raw('SELECT $1 from table', [userinput])`\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.aws-lambda.security.knex-sqli.knex-sqli)\n - [https://knexjs.org/#Builder-fromRaw](https://knexjs.org/#Builder-fromRaw)\n - [https://knexjs.org/#Builder-whereRaw](https://knexjs.org/#Builder-whereRaw)\n", - "text": "Detected SQL statement that is tainted by `$EVENT` object. This could lead to SQL injection if the variable is user-controlled and not properly sanitized. In order to prevent SQL injection, use parameterized queries or prepared statements instead. You can use parameterized statements like so: `knex.raw('SELECT $1 from table', [userinput])`\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "When a redirect uses user input, a malicious user can spoof a website under a trusted URL or access restricted parts of a site. 
When using user-supplied values, sanitize the value before using it for the redirect.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "When a redirect uses user input, a malicious user can spoof a website under a trusted URL or access restricted parts of a site. When using user-supplied values, sanitize the value before using it for the redirect.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/ruby.rails.security.audit.xss.avoid-redirect.avoid-redirect)\n - [https://brakemanscanner.org/docs/warning_types/redirect/](https://brakemanscanner.org/docs/warning_types/redirect/)\n" }, - "helpUri": "https://semgrep.dev/r/javascript.aws-lambda.security.knex-sqli.knex-sqli", - "id": "javascript.aws-lambda.security.knex-sqli.knex-sqli", - "name": "javascript.aws-lambda.security.knex-sqli.knex-sqli", "properties": { "precision": "very-high", "tags": [ - "CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')", + "CWE-601: URL Redirection to Untrusted Site ('Open Redirect')", "MEDIUM CONFIDENCE", - "OWASP-A01:2017 - Injection", - "OWASP-A03:2021 - Injection", + "OWASP-A01:2021 - Broken Access Control", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: javascript.aws-lambda.security.knex-sqli.knex-sqli" } }, { - "defaultConfiguration": { - "level": "error" + "id": "dockerfile.security.last-user-is-root.last-user-is-root", + "name": "dockerfile.security.last-user-is-root.last-user-is-root", + "short_description": { + "text": "Semgrep Finding: dockerfile.security.last-user-is-root.last-user-is-root" }, - "fullDescription": { - "text": "Using input or workflow parameters in here-scripts can lead to command injection or code injection. Convert the parameters to env variables instead." + "full_description": { + "text": "The last user in the container is 'root'. 
This is a security hazard because if an attacker gains control of the container they will have root access. Switch back to another user after running commands as 'root'." + }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/dockerfile.security.last-user-is-root.last-user-is-root", "help": { - "markdown": "Using input or workflow parameters in here-scripts can lead to command injection or code injection. Convert the parameters to env variables instead.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/yaml.argo.security.argo-workflow-parameter-command-injection.argo-workflow-parameter-command-injection)\n - [https://github.com/argoproj/argo-workflows/issues/5061](https://github.com/argoproj/argo-workflows/issues/5061)\n - [https://github.com/argoproj/argo-workflows/issues/5114#issue-808865370](https://github.com/argoproj/argo-workflows/issues/5114#issue-808865370)\n", - "text": "Using input or workflow parameters in here-scripts can lead to command injection or code injection. Convert the parameters to env variables instead.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "The last user in the container is 'root'. This is a security hazard because if an attacker gains control of the container they will have root access. Switch back to another user after running commands as 'root'.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "The last user in the container is 'root'. This is a security hazard because if an attacker gains control of the container they will have root access. 
Switch back to another user after running commands as 'root'.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/dockerfile.security.last-user-is-root.last-user-is-root)\n - [https://github.com/hadolint/hadolint/wiki/DL3002](https://github.com/hadolint/hadolint/wiki/DL3002)\n" }, - "helpUri": "https://semgrep.dev/r/yaml.argo.security.argo-workflow-parameter-command-injection.argo-workflow-parameter-command-injection", - "id": "yaml.argo.security.argo-workflow-parameter-command-injection.argo-workflow-parameter-command-injection", - "name": "yaml.argo.security.argo-workflow-parameter-command-injection.argo-workflow-parameter-command-injection", "properties": { "precision": "very-high", "tags": [ - "CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", - "CWE-94: Improper Control of Generation of Code ('Code Injection')", + "CWE-269: Improper Privilege Management", "MEDIUM CONFIDENCE", - "OWASP-A03:2021 \u2013 Injection", + "OWASP-A04:2021 - Insecure Design", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: yaml.argo.security.argo-workflow-parameter-command-injection.argo-workflow-parameter-command-injection" } }, { - "defaultConfiguration": { - "level": "error" + "id": "problem-based-packs.insecure-transport.js-node.ftp-request.ftp-request", + "name": "problem-based-packs.insecure-transport.js-node.ftp-request.ftp-request", + "short_description": { + "text": "Semgrep Finding: problem-based-packs.insecure-transport.js-node.ftp-request.ftp-request" }, - "fullDescription": { - "text": "SonarQube Docs API Key detected" + "full_description": { + "text": "Checks for lack of usage of the \"secure: true\" option when sending ftp requests through the nodejs ftp module. This leads to unencrypted traffic being sent to the ftp server. There are other options such as \"implicit\" that still does not encrypt all traffic. 
ftp is the most utilized npm ftp module." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/problem-based-packs.insecure-transport.js-node.ftp-request.ftp-request", "help": { - "markdown": "SonarQube Docs API Key detected\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/generic.secrets.security.detected-sonarqube-docs-api-key.detected-sonarqube-docs-api-key)\n - [https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures](https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures)\n", - "text": "SonarQube Docs API Key detected\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Checks for lack of usage of the \"secure: true\" option when sending ftp requests through the nodejs ftp module. This leads to unencrypted traffic being sent to the ftp server. There are other options such as \"implicit\" that still does not encrypt all traffic. ftp is the most utilized npm ftp module.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Checks for lack of usage of the \"secure: true\" option when sending ftp requests through the nodejs ftp module. This leads to unencrypted traffic being sent to the ftp server. There are other options such as \"implicit\" that still does not encrypt all traffic. 
ftp is the most utilized npm ftp module.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/problem-based-packs.insecure-transport.js-node.ftp-request.ftp-request)\n - [https://www.npmjs.com/package/ftp](https://www.npmjs.com/package/ftp)\n - [https://openbase.io/js/ftp](https://openbase.io/js/ftp)\n" }, - "helpUri": "https://semgrep.dev/r/generic.secrets.security.detected-sonarqube-docs-api-key.detected-sonarqube-docs-api-key", - "id": "generic.secrets.security.detected-sonarqube-docs-api-key.detected-sonarqube-docs-api-key", - "name": "generic.secrets.security.detected-sonarqube-docs-api-key.detected-sonarqube-docs-api-key", "properties": { "precision": "very-high", "tags": [ - "CWE-798: Use of Hard-coded Credentials", - "LOW CONFIDENCE", - "OWASP-A07:2021 - Identification and Authentication Failures", + "CWE-319: Cleartext Transmission of Sensitive Information", + "MEDIUM CONFIDENCE", + "OWASP-A03:2017 - Sensitive Data Exposure", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: generic.secrets.security.detected-sonarqube-docs-api-key.detected-sonarqube-docs-api-key" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "java.lang.security.use-snakeyaml-constructor.use-snakeyaml-constructor", + "name": "java.lang.security.use-snakeyaml-constructor.use-snakeyaml-constructor", + "short_description": { + "text": "Semgrep Finding: java.lang.security.use-snakeyaml-constructor.use-snakeyaml-constructor" }, - "fullDescription": { - "text": "Detects creations of tls configuration objects with an insecure MinVersion of TLS. These protocols are deprecated due to POODLE, man in the middle attacks, and other vulnerabilities." + "full_description": { + "text": "Used SnakeYAML org.yaml.snakeyaml.Yaml() constructor with no arguments, which is vulnerable to deserialization attacks. Use the one-argument Yaml(...) 
constructor instead, with SafeConstructor or a custom Constructor as the argument." }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/java.lang.security.use-snakeyaml-constructor.use-snakeyaml-constructor", "help": { - "markdown": "Detects creations of tls configuration objects with an insecure MinVersion of TLS. These protocols are deprecated due to POODLE, man in the middle attacks, and other vulnerabilities.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/problem-based-packs.insecure-transport.go-stdlib.disallow-old-tls-versions.disallow-old-tls-versions)\n - [https://stackoverflow.com/questions/26429751/java-http-clients-and-poodle](https://stackoverflow.com/questions/26429751/java-http-clients-and-poodle)\n", - "text": "Detects creations of tls configuration objects with an insecure MinVersion of TLS. These protocols are deprecated due to POODLE, man in the middle attacks, and other vulnerabilities.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Used SnakeYAML org.yaml.snakeyaml.Yaml() constructor with no arguments, which is vulnerable to deserialization attacks. Use the one-argument Yaml(...) constructor instead, with SafeConstructor or a custom Constructor as the argument.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Used SnakeYAML org.yaml.snakeyaml.Yaml() constructor with no arguments, which is vulnerable to deserialization attacks. Use the one-argument Yaml(...) 
constructor instead, with SafeConstructor or a custom Constructor as the argument.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/java.lang.security.use-snakeyaml-constructor.use-snakeyaml-constructor)\n - [https://securitylab.github.com/research/swagger-yaml-parser-vulnerability/#snakeyaml-deserialization-vulnerability](https://securitylab.github.com/research/swagger-yaml-parser-vulnerability/#snakeyaml-deserialization-vulnerability)\n" }, - "helpUri": "https://semgrep.dev/r/problem-based-packs.insecure-transport.go-stdlib.disallow-old-tls-versions.disallow-old-tls-versions", - "id": "problem-based-packs.insecure-transport.go-stdlib.disallow-old-tls-versions.disallow-old-tls-versions", - "name": "problem-based-packs.insecure-transport.go-stdlib.disallow-old-tls-versions.disallow-old-tls-versions", "properties": { "precision": "very-high", "tags": [ - "CWE-319: Cleartext Transmission of Sensitive Information", - "HIGH CONFIDENCE", - "OWASP-A03:2017 - Sensitive Data Exposure", + "CWE-502: Deserialization of Untrusted Data", + "LOW CONFIDENCE", + "OWASP-A08:2017 - Insecure Deserialization", + "OWASP-A08:2021 - Software and Data Integrity Failures", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: problem-based-packs.insecure-transport.go-stdlib.disallow-old-tls-versions.disallow-old-tls-versions" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "ruby.rails.security.brakeman.check-regex-dos.check-regex-dos", + "name": "ruby.rails.security.brakeman.check-regex-dos.check-regex-dos", + "short_description": { + "text": "Semgrep Finding: ruby.rails.security.brakeman.check-regex-dos.check-regex-dos" }, - "fullDescription": { - "text": "User-controllable string passed to Razor.Parse. This leads directly to code execution in the context of the process." 
+ "full_description": { + "text": "Found a potentially user-controllable argument in the construction of a regular expressions. This may result in excessive resource consumption when applied to certain inputs, or when the user is allowed to control the match target. Avoid allowing users to specify regular expressions processed by the server. If you must support user-controllable input in a regular expression, use an allow-list to restrict the expressions users may supply to limit catastrophic backtracking." + }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/ruby.rails.security.brakeman.check-regex-dos.check-regex-dos", "help": { - "markdown": "User-controllable string passed to Razor.Parse. This leads directly to code execution in the context of the process.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/csharp.dotnet.security.razor-template-injection.razor-template-injection)\n - [https://clement.notin.org/blog/2020/04/15/Server-Side-Template-Injection-(SSTI)-in-ASP.NET-Razor/](https://clement.notin.org/blog/2020/04/15/Server-Side-Template-Injection-(SSTI)-in-ASP.NET-Razor/)\n", - "text": "User-controllable string passed to Razor.Parse. This leads directly to code execution in the context of the process.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Found a potentially user-controllable argument in the construction of a regular expressions. This may result in excessive resource consumption when applied to certain inputs, or when the user is allowed to control the match target. Avoid allowing users to specify regular expressions processed by the server. 
If you must support user-controllable input in a regular expression, use an allow-list to restrict the expressions users may supply to limit catastrophic backtracking.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Found a potentially user-controllable argument in the construction of a regular expressions. This may result in excessive resource consumption when applied to certain inputs, or when the user is allowed to control the match target. Avoid allowing users to specify regular expressions processed by the server. If you must support user-controllable input in a regular expression, use an allow-list to restrict the expressions users may supply to limit catastrophic backtracking.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/ruby.rails.security.brakeman.check-regex-dos.check-regex-dos)\n - [https://owasp.org/www-community/attacks/Regular_expression_Denial_of_Service_-_ReDoS](https://owasp.org/www-community/attacks/Regular_expression_Denial_of_Service_-_ReDoS)\n" }, - "helpUri": "https://semgrep.dev/r/csharp.dotnet.security.razor-template-injection.razor-template-injection", - "id": "csharp.dotnet.security.razor-template-injection.razor-template-injection", - "name": "csharp.dotnet.security.razor-template-injection.razor-template-injection", "properties": { "precision": "very-high", "tags": [ - "CWE-94: Improper Control of Generation of Code ('Code Injection')", + "CWE-1333: Inefficient Regular Expression Complexity", "MEDIUM CONFIDENCE", - "OWASP-A03:2021 - Injection", + "OWASP-A03:2017 - Sensitive Data Exposure", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: csharp.dotnet.security.razor-template-injection.razor-template-injection" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "generic.secrets.security.detected-bcrypt-hash.detected-bcrypt-hash", + "name": 
"generic.secrets.security.detected-bcrypt-hash.detected-bcrypt-hash", + "short_description": { + "text": "Semgrep Finding: generic.secrets.security.detected-bcrypt-hash.detected-bcrypt-hash" }, - "fullDescription": { - "text": "Detected a template variable where autoescaping is explicitly disabled with '| safeseq' filter. This allows rendering of raw HTML in this segment. Ensure no user data is rendered here, otherwise this is a cross-site scripting (XSS) vulnerability. If you must do this, use `mark_safe` in your Python code." + "full_description": { + "text": "bcrypt hash detected" + }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/generic.secrets.security.detected-bcrypt-hash.detected-bcrypt-hash", "help": { - "markdown": "Detected a template variable where autoescaping is explicitly disabled with '| safeseq' filter. This allows rendering of raw HTML in this segment. Ensure no user data is rendered here, otherwise this is a cross-site scripting (XSS) vulnerability. If you must do this, use `mark_safe` in your Python code.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.django.security.audit.xss.template-var-unescaped-with-safeseq.template-var-unescaped-with-safeseq)\n - [https://docs.djangoproject.com/en/3.0/ref/templates/builtins/#safeseq](https://docs.djangoproject.com/en/3.0/ref/templates/builtins/#safeseq)\n", - "text": "Detected a template variable where autoescaping is explicitly disabled with '| safeseq' filter. This allows rendering of raw HTML in this segment. Ensure no user data is rendered here, otherwise this is a cross-site scripting (XSS) vulnerability. 
If you must do this, use `mark_safe` in your Python code.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "bcrypt hash detected\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "bcrypt hash detected\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/generic.secrets.security.detected-bcrypt-hash.detected-bcrypt-hash)\n - [https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures](https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures)\n" }, - "helpUri": "https://semgrep.dev/r/python.django.security.audit.xss.template-var-unescaped-with-safeseq.template-var-unescaped-with-safeseq", - "id": "python.django.security.audit.xss.template-var-unescaped-with-safeseq.template-var-unescaped-with-safeseq", - "name": "python.django.security.audit.xss.template-var-unescaped-with-safeseq.template-var-unescaped-with-safeseq", "properties": { "precision": "very-high", "tags": [ - "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", + "CWE-798: Use of Hard-coded Credentials", "LOW CONFIDENCE", - "OWASP-A03:2021 - Injection", - "OWASP-A07:2017 - Cross-Site Scripting (XSS)", + "OWASP-A07:2021 - Identification and Authentication Failures", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: python.django.security.audit.xss.template-var-unescaped-with-safeseq.template-var-unescaped-with-safeseq" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "ruby.lang.security.weak-hashes-sha1.weak-hashes-sha1", + "name": "ruby.lang.security.weak-hashes-sha1.weak-hashes-sha1", + "short_description": { + "text": "Semgrep Finding: ruby.lang.security.weak-hashes-sha1.weak-hashes-sha1" }, - "fullDescription": { - "text": "Detected a 'urllib.request.Request()' object using an insecure transport protocol, 'ftp://'. 
This connection will not be encrypted. Consider using SFTP instead. urllib does not support SFTP natively, so consider using a library which supports SFTP." + "full_description": { + "text": "Should not use SHA1 to generate hashes. There is a proven SHA1 hash collision by Google, which could lead to vulnerabilities. Use SHA256, SHA3 or other hashing functions instead." }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/ruby.lang.security.weak-hashes-sha1.weak-hashes-sha1", "help": { - "markdown": "Detected a 'urllib.request.Request()' object using an insecure transport protocol, 'ftp://'. This connection will not be encrypted. Consider using SFTP instead. urllib does not support SFTP natively, so consider using a library which supports SFTP.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.lang.security.audit.insecure-transport.urllib.insecure-request-object-ftp.insecure-request-object-ftp)\n - [https://docs.python.org/3/library/urllib.request.html#urllib.request.Request](https://docs.python.org/3/library/urllib.request.html#urllib.request.Request)\n", - "text": "Detected a 'urllib.request.Request()' object using an insecure transport protocol, 'ftp://'. This connection will not be encrypted. Consider using SFTP instead. urllib does not support SFTP natively, so consider using a library which supports SFTP.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Should not use SHA1 to generate hashes. There is a proven SHA1 hash collision by Google, which could lead to vulnerabilities. Use SHA256, SHA3 or other hashing functions instead.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Should not use SHA1 to generate hashes. There is a proven SHA1 hash collision by Google, which could lead to vulnerabilities. 
Use SHA256, SHA3 or other hashing functions instead.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/ruby.lang.security.weak-hashes-sha1.weak-hashes-sha1)\n - [https://security.googleblog.com/2017/02/announcing-first-sha1-collision.html](https://security.googleblog.com/2017/02/announcing-first-sha1-collision.html)\n - [https://shattered.io/](https://shattered.io/)\n" }, - "helpUri": "https://semgrep.dev/r/python.lang.security.audit.insecure-transport.urllib.insecure-request-object-ftp.insecure-request-object-ftp", - "id": "python.lang.security.audit.insecure-transport.urllib.insecure-request-object-ftp.insecure-request-object-ftp", - "name": "python.lang.security.audit.insecure-transport.urllib.insecure-request-object-ftp.insecure-request-object-ftp", "properties": { "precision": "very-high", "tags": [ - "CWE-319: Cleartext Transmission of Sensitive Information", - "LOW CONFIDENCE", + "CWE-328: Use of Weak Hash", + "MEDIUM CONFIDENCE", "OWASP-A02:2021 - Cryptographic Failures", "OWASP-A03:2017 - Sensitive Data Exposure", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: python.lang.security.audit.insecure-transport.urllib.insecure-request-object-ftp.insecure-request-object-ftp" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "java.lang.security.audit.xxe.documentbuilderfactory-external-general-entities-true.documentbuilderfactory-external-general-entities-true", + "name": "java.lang.security.audit.xxe.documentbuilderfactory-external-general-entities-true.documentbuilderfactory-external-general-entities-true", + "short_description": { + "text": "Semgrep Finding: java.lang.security.audit.xxe.documentbuilderfactory-external-general-entities-true.documentbuilderfactory-external-general-entities-true" }, - "fullDescription": { - "text": "If unverified user data can reach the `goto` method it can result in Server-Side Request Forgery vulnerabilities" + 
"full_description": { + "text": "External entities are allowed for $DBFACTORY. This is vulnerable to XML external entity attacks. Disable this by setting the feature \"http://xml.org/sax/features/external-general-entities\" to false." }, + "default_configuration": { + "enabled": true, + "level": "error" + }, + "help_uri": "https://semgrep.dev/r/java.lang.security.audit.xxe.documentbuilderfactory-external-general-entities-true.documentbuilderfactory-external-general-entities-true", "help": { - "markdown": "If unverified user data can reach the `goto` method it can result in Server-Side Request Forgery vulnerabilities\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.puppeteer.security.audit.puppeteer-goto-injection.puppeteer-goto-injection)\n - [https://owasp.org/Top10/A10_2021-Server-Side_Request_Forgery_%28SSRF%29](https://owasp.org/Top10/A10_2021-Server-Side_Request_Forgery_%28SSRF%29)\n", - "text": "If unverified user data can reach the `goto` method it can result in Server-Side Request Forgery vulnerabilities\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "External entities are allowed for $DBFACTORY. This is vulnerable to XML external entity attacks. Disable this by setting the feature \"http://xml.org/sax/features/external-general-entities\" to false.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "External entities are allowed for $DBFACTORY. This is vulnerable to XML external entity attacks. 
Disable this by setting the feature \"http://xml.org/sax/features/external-general-entities\" to false.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/java.lang.security.audit.xxe.documentbuilderfactory-external-general-entities-true.documentbuilderfactory-external-general-entities-true)\n - [https://semgrep.dev/blog/2022/xml-security-in-java](https://semgrep.dev/blog/2022/xml-security-in-java)\n - [https://semgrep.dev/docs/cheat-sheets/java-xxe/](https://semgrep.dev/docs/cheat-sheets/java-xxe/)\n - [https://blog.sonarsource.com/secure-xml-processor](https://blog.sonarsource.com/secure-xml-processor)\n" }, - "helpUri": "https://semgrep.dev/r/javascript.puppeteer.security.audit.puppeteer-goto-injection.puppeteer-goto-injection", - "id": "javascript.puppeteer.security.audit.puppeteer-goto-injection.puppeteer-goto-injection", - "name": "javascript.puppeteer.security.audit.puppeteer-goto-injection.puppeteer-goto-injection", "properties": { "precision": "very-high", "tags": [ - "CWE-918: Server-Side Request Forgery (SSRF)", - "LOW CONFIDENCE", - "OWASP-A10:2021 - Server-Side Request Forgery (SSRF)", + "CWE-611: Improper Restriction of XML External Entity Reference", + "HIGH CONFIDENCE", + "OWASP-A04:2017 - XML External Entities (XXE)", + "OWASP-A05:2021 - Security Misconfiguration", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: javascript.puppeteer.security.audit.puppeteer-goto-injection.puppeteer-goto-injection" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "python.django.security.injection.code.user-eval.user-eval", + "name": "python.django.security.injection.code.user-eval.user-eval", + "short_description": { + "text": "Semgrep Finding: python.django.security.injection.code.user-eval.user-eval" }, - "fullDescription": { - "text": "Detected usage of the `notevil` package, which is unmaintained and has vulnerabilities. 
Using any sort of `eval()` functionality can be very dangerous, but if you must, the `eval` package is an up to date alternative. Be sure that only trusted input reaches an `eval()` function." + "full_description": { + "text": "Found user data in a call to 'eval'. This is extremely dangerous because it can enable an attacker to execute arbitrary remote code on the system. Instead, refactor your code to not use 'eval' and instead use a safe library for the specific functionality you need." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/python.django.security.injection.code.user-eval.user-eval", "help": { - "markdown": "Detected usage of the `notevil` package, which is unmaintained and has vulnerabilities. Using any sort of `eval()` functionality can be very dangerous, but if you must, the `eval` package is an up to date alternative. Be sure that only trusted input reaches an `eval()` function.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.express.security.audit.express-detect-notevil-usage.express-detect-notevil-usage)\n - [https://github.com/mmckegg/notevil](https://github.com/mmckegg/notevil)\n", - "text": "Detected usage of the `notevil` package, which is unmaintained and has vulnerabilities. Using any sort of `eval()` functionality can be very dangerous, but if you must, the `eval` package is an up to date alternative. Be sure that only trusted input reaches an `eval()` function.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Found user data in a call to 'eval'. This is extremely dangerous because it can enable an attacker to execute arbitrary remote code on the system. 
Instead, refactor your code to not use 'eval' and instead use a safe library for the specific functionality you need.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Found user data in a call to 'eval'. This is extremely dangerous because it can enable an attacker to execute arbitrary remote code on the system. Instead, refactor your code to not use 'eval' and instead use a safe library for the specific functionality you need.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.django.security.injection.code.user-eval.user-eval)\n - [https://nedbatchelder.com/blog/201206/eval_really_is_dangerous.html](https://nedbatchelder.com/blog/201206/eval_really_is_dangerous.html)\n - [https://owasp.org/www-community/attacks/Code_Injection](https://owasp.org/www-community/attacks/Code_Injection)\n" }, - "helpUri": "https://semgrep.dev/r/javascript.express.security.audit.express-detect-notevil-usage.express-detect-notevil-usage", - "id": "javascript.express.security.audit.express-detect-notevil-usage.express-detect-notevil-usage", - "name": "javascript.express.security.audit.express-detect-notevil-usage.express-detect-notevil-usage", "properties": { "precision": "very-high", "tags": [ - "CWE-1104: Use of Unmaintained Third Party Components", - "LOW CONFIDENCE", - "OWASP-A06:2021 - Vulnerable and Outdated Components", + "CWE-95: Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection')", + "MEDIUM CONFIDENCE", + "OWASP-A03:2021 - Injection", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: javascript.express.security.audit.express-detect-notevil-usage.express-detect-notevil-usage" } }, { - "defaultConfiguration": { - "level": "error" + "id": "terraform.aws.security.aws-s3-object-copy-encrypted-with-cmk.aws-s3-object-copy-encrypted-with-cmk", + "name": 
"terraform.aws.security.aws-s3-object-copy-encrypted-with-cmk.aws-s3-object-copy-encrypted-with-cmk", + "short_description": { + "text": "Semgrep Finding: terraform.aws.security.aws-s3-object-copy-encrypted-with-cmk.aws-s3-object-copy-encrypted-with-cmk" }, - "fullDescription": { - "text": "SSRF is an attack vector that abuses an application to interact with the internal/external network or the machine itself." + "full_description": { + "text": "Ensure S3 object copies are encrypted at rest using KMS CMKs. CMKs gives you control over the encryption key in terms of access and rotation." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/terraform.aws.security.aws-s3-object-copy-encrypted-with-cmk.aws-s3-object-copy-encrypted-with-cmk", "help": { - "markdown": "SSRF is an attack vector that abuses an application to interact with the internal/external network or the machine itself.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/csharp.lang.security.ssrf.http-client.ssrf)\n - [https://cheatsheetseries.owasp.org/cheatsheets/Server_Side_Request_Forgery_Prevention_Cheat_Sheet.html](https://cheatsheetseries.owasp.org/cheatsheets/Server_Side_Request_Forgery_Prevention_Cheat_Sheet.html)\n", - "text": "SSRF is an attack vector that abuses an application to interact with the internal/external network or the machine itself.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Ensure S3 object copies are encrypted at rest using KMS CMKs. CMKs gives you control over the encryption key in terms of access and rotation.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Ensure S3 object copies are encrypted at rest using KMS CMKs. 
CMKs gives you control over the encryption key in terms of access and rotation.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/terraform.aws.security.aws-s3-object-copy-encrypted-with-cmk.aws-s3-object-copy-encrypted-with-cmk)\n - [https://owasp.org/Top10/A02_2021-Cryptographic_Failures](https://owasp.org/Top10/A02_2021-Cryptographic_Failures)\n" }, - "helpUri": "https://semgrep.dev/r/csharp.lang.security.ssrf.http-client.ssrf", - "id": "csharp.lang.security.ssrf.http-client.ssrf", - "name": "csharp.lang.security.ssrf.http-client.ssrf", "properties": { "precision": "very-high", "tags": [ - "CWE-918: Server-Side Request Forgery (SSRF)", + "CWE-320: CWE CATEGORY: Key Management Errors", "LOW CONFIDENCE", - "OWASP-A10:2021 - Server-Side Request Forgery (SSRF)", + "OWASP-A03:2017 - Sensitive Data Exposure", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: csharp.lang.security.ssrf.http-client.ssrf" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "problem-based-packs.insecure-transport.js-node.using-http-server.using-http-server", + "name": "problem-based-packs.insecure-transport.js-node.using-http-server.using-http-server", + "short_description": { + "text": "Semgrep Finding: problem-based-packs.insecure-transport.js-node.using-http-server.using-http-server" }, - "fullDescription": { - "text": "'raw()' bypasses HTML escaping. If external data can reach here, this exposes your application to cross-site scripting (XSS) attacks. If you must do this, construct individual strings and mark them as safe for HTML rendering with `html_safe()`." + "full_description": { + "text": "Checks for any usage of http servers instead of https servers. Encourages the usage of https protocol instead of http, which does not have TLS and is therefore unencrypted. Using http can lead to man-in-the-middle attacks in which the attacker is able to read sensitive information." 
+ }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/problem-based-packs.insecure-transport.js-node.using-http-server.using-http-server", "help": { - "markdown": "'raw()' bypasses HTML escaping. If external data can reach here, this exposes your application to cross-site scripting (XSS) attacks. If you must do this, construct individual strings and mark them as safe for HTML rendering with `html_safe()`.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/ruby.rails.security.audit.xss.avoid-raw.avoid-raw)\n - [https://api.rubyonrails.org/classes/ActionView/Helpers/OutputSafetyHelper.html#method-i-raw](https://api.rubyonrails.org/classes/ActionView/Helpers/OutputSafetyHelper.html#method-i-raw)\n - [https://www.netsparker.com/blog/web-security/preventing-xss-ruby-on-rails-web-applications/](https://www.netsparker.com/blog/web-security/preventing-xss-ruby-on-rails-web-applications/)\n", - "text": "'raw()' bypasses HTML escaping. If external data can reach here, this exposes your application to cross-site scripting (XSS) attacks. If you must do this, construct individual strings and mark them as safe for HTML rendering with `html_safe()`.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Checks for any usage of http servers instead of https servers. Encourages the usage of https protocol instead of http, which does not have TLS and is therefore unencrypted. Using http can lead to man-in-the-middle attacks in which the attacker is able to read sensitive information.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Checks for any usage of http servers instead of https servers. Encourages the usage of https protocol instead of http, which does not have TLS and is therefore unencrypted. 
Using http can lead to man-in-the-middle attacks in which the attacker is able to read sensitive information.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/problem-based-packs.insecure-transport.js-node.using-http-server.using-http-server)\n - [https://nodejs.org/api/http.html#http_class_http_agent](https://nodejs.org/api/http.html#http_class_http_agent)\n - [https://groups.google.com/g/rubyonrails-security/c/NCCsca7TEtY](https://groups.google.com/g/rubyonrails-security/c/NCCsca7TEtY)\n" }, - "helpUri": "https://semgrep.dev/r/ruby.rails.security.audit.xss.avoid-raw.avoid-raw", - "id": "ruby.rails.security.audit.xss.avoid-raw.avoid-raw", - "name": "ruby.rails.security.audit.xss.avoid-raw.avoid-raw", "properties": { "precision": "very-high", "tags": [ - "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", + "CWE-319: Cleartext Transmission of Sensitive Information", "LOW CONFIDENCE", - "OWASP-A03:2021 - Injection", - "OWASP-A07:2017 - Cross-Site Scripting (XSS)", + "OWASP-A02:2021 - Cryptographic Failures", + "OWASP-A03:2017 - Sensitive Data Exposure", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: ruby.rails.security.audit.xss.avoid-raw.avoid-raw" } }, { - "defaultConfiguration": { - "level": "error" + "id": "go.lang.security.audit.net.dynamic-httptrace-clienttrace.dynamic-httptrace-clienttrace", + "name": "go.lang.security.audit.net.dynamic-httptrace-clienttrace.dynamic-httptrace-clienttrace", + "short_description": { + "text": "Semgrep Finding: go.lang.security.audit.net.dynamic-httptrace-clienttrace.dynamic-httptrace-clienttrace" }, - "fullDescription": { - "text": "Detected user input used to manually construct a SQL string. This is usually bad practice because manual construction could accidentally result in a SQL injection. An attacker could use a SQL injection to steal or modify contents of the database. 
Instead, use a parameterized query which is available by default in most database engines. Alternatively, consider using an object-relational mapper (ORM) such as SQLAlchemy which will protect your queries." + "full_description": { + "text": "Detected a potentially dynamic ClientTrace. This occurred because semgrep could not find a static definition for '$TRACE'. Dynamic ClientTraces are dangerous because they deserialize function code to run when certain Request events occur, which could lead to code being run without your knowledge. Ensure that your ClientTrace is statically defined." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/go.lang.security.audit.net.dynamic-httptrace-clienttrace.dynamic-httptrace-clienttrace", "help": { - "markdown": "Detected user input used to manually construct a SQL string. This is usually bad practice because manual construction could accidentally result in a SQL injection. An attacker could use a SQL injection to steal or modify contents of the database. Instead, use a parameterized query which is available by default in most database engines. 
Alternatively, consider using an object-relational mapper (ORM) such as SQLAlchemy which will protect your queries.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.flask.security.injection.tainted-sql-string.tainted-sql-string)\n - [https://docs.sqlalchemy.org/en/14/core/tutorial.html#using-textual-sql](https://docs.sqlalchemy.org/en/14/core/tutorial.html#using-textual-sql)\n - [https://www.tutorialspoint.com/sqlalchemy/sqlalchemy_quick_guide.htm](https://www.tutorialspoint.com/sqlalchemy/sqlalchemy_quick_guide.htm)\n - [https://docs.sqlalchemy.org/en/14/core/tutorial.html#using-more-specific-text-with-table-expression-literal-column-and-expression-column](https://docs.sqlalchemy.org/en/14/core/tutorial.html#using-more-specific-text-with-table-expression-literal-column-and-expression-column)\n", - "text": "Detected user input used to manually construct a SQL string. This is usually bad practice because manual construction could accidentally result in a SQL injection. An attacker could use a SQL injection to steal or modify contents of the database. Instead, use a parameterized query which is available by default in most database engines. Alternatively, consider using an object-relational mapper (ORM) such as SQLAlchemy which will protect your queries.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected a potentially dynamic ClientTrace. This occurred because semgrep could not find a static definition for '$TRACE'. Dynamic ClientTraces are dangerous because they deserialize function code to run when certain Request events occur, which could lead to code being run without your knowledge. Ensure that your ClientTrace is statically defined.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected a potentially dynamic ClientTrace. 
This occurred because semgrep could not find a static definition for '$TRACE'. Dynamic ClientTraces are dangerous because they deserialize function code to run when certain Request events occur, which could lead to code being run without your knowledge. Ensure that your ClientTrace is statically defined.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/go.lang.security.audit.net.dynamic-httptrace-clienttrace.dynamic-httptrace-clienttrace)\n - [https://github.com/returntocorp/semgrep-rules/issues/518](https://github.com/returntocorp/semgrep-rules/issues/518)\n" }, - "helpUri": "https://semgrep.dev/r/python.flask.security.injection.tainted-sql-string.tainted-sql-string", - "id": "python.flask.security.injection.tainted-sql-string.tainted-sql-string", - "name": "python.flask.security.injection.tainted-sql-string.tainted-sql-string", "properties": { "precision": "very-high", "tags": [ - "CWE-704: Incorrect Type Conversion or Cast", + "CWE-913: Improper Control of Dynamically-Managed Code Resources", "MEDIUM CONFIDENCE", - "OWASP-A01:2017 - Injection", - "OWASP-A03:2021 - Injection", + "OWASP-A01:2021 - Broken Access Control", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: python.flask.security.injection.tainted-sql-string.tainted-sql-string" } }, { - "defaultConfiguration": { - "level": "error" + "id": "php.lang.security.ftp-use.ftp-use", + "name": "php.lang.security.ftp-use.ftp-use", + "short_description": { + "text": "Semgrep Finding: php.lang.security.ftp-use.ftp-use" }, - "fullDescription": { - "text": "Twilio API Key detected" + "full_description": { + "text": "FTP allows for unencrypted file transfers. Consider using an encrypted alternative." 
}, + "default_configuration": { + "enabled": true, + "level": "error" + }, + "help_uri": "https://semgrep.dev/r/php.lang.security.ftp-use.ftp-use", "help": { - "markdown": "Twilio API Key detected\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/generic.secrets.security.detected-twilio-api-key.detected-twilio-api-key)\n - [https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures](https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures)\n", - "text": "Twilio API Key detected\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "FTP allows for unencrypted file transfers. Consider using an encrypted alternative.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "FTP allows for unencrypted file transfers. Consider using an encrypted alternative.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/php.lang.security.ftp-use.ftp-use)\n - [https://www.php.net/manual/en/intro.ftp.php](https://www.php.net/manual/en/intro.ftp.php)\n - [https://github.com/FloeDesignTechnologies/phpcs-security-audit/blob/master/Security/Sniffs/BadFunctions/FringeFunctionsSniff.php](https://github.com/FloeDesignTechnologies/phpcs-security-audit/blob/master/Security/Sniffs/BadFunctions/FringeFunctionsSniff.php)\n" }, - "helpUri": "https://semgrep.dev/r/generic.secrets.security.detected-twilio-api-key.detected-twilio-api-key", - "id": "generic.secrets.security.detected-twilio-api-key.detected-twilio-api-key", - "name": "generic.secrets.security.detected-twilio-api-key.detected-twilio-api-key", "properties": { "precision": "very-high", "tags": [ - "CWE-798: Use of Hard-coded Credentials", + "CWE-319: Cleartext Transmission of Sensitive Information", "LOW CONFIDENCE", - "OWASP-A07:2021 - Identification and Authentication 
Failures", + "OWASP-A02:2021 - Cryptographic Failures", + "OWASP-A03:2017 - Sensitive Data Exposure", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: generic.secrets.security.detected-twilio-api-key.detected-twilio-api-key" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "java.spring.security.audit.spring-unvalidated-redirect.spring-unvalidated-redirect", + "name": "java.spring.security.audit.spring-unvalidated-redirect.spring-unvalidated-redirect", + "short_description": { + "text": "Semgrep Finding: java.spring.security.audit.spring-unvalidated-redirect.spring-unvalidated-redirect" }, - "fullDescription": { - "text": "This GitHub Actions workflow file uses `pull_request_target` and checks out code from the incoming pull request. When using `pull_request_target`, the Action runs in the context of the target repository, which includes access to all repository secrets. Normally, this is safe because the Action only runs code from the target repository, not the incoming PR. However, by checking out the incoming PR code, you're now using the incoming code for the rest of the action. You may be inadvertently executing arbitrary code from the incoming PR with access to repository secrets, which would let an attacker steal repository secrets. This normally happens by running build scripts (e.g., `npm build` and `make`) or dependency installation scripts (e.g., `python setup.py install`). Audit your workflow file to make sure no code from the incoming PR is executed. Please see https://securitylab.github.com/research/github-actions-preventing-pwn-requests/ for additional mitigations." + "full_description": { + "text": "Application redirects a user to a destination URL specified by a user supplied parameter that is not validated." 
+ }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/java.spring.security.audit.spring-unvalidated-redirect.spring-unvalidated-redirect", "help": { - "markdown": "This GitHub Actions workflow file uses `pull_request_target` and checks out code from the incoming pull request. When using `pull_request_target`, the Action runs in the context of the target repository, which includes access to all repository secrets. Normally, this is safe because the Action only runs code from the target repository, not the incoming PR. However, by checking out the incoming PR code, you're now using the incoming code for the rest of the action. You may be inadvertently executing arbitrary code from the incoming PR with access to repository secrets, which would let an attacker steal repository secrets. This normally happens by running build scripts (e.g., `npm build` and `make`) or dependency installation scripts (e.g., `python setup.py install`). Audit your workflow file to make sure no code from the incoming PR is executed. Please see https://securitylab.github.com/research/github-actions-preventing-pwn-requests/ for additional mitigations.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/yaml.github-actions.security.pull-request-target-code-checkout.pull-request-target-code-checkout)\n - [https://securitylab.github.com/research/github-actions-preventing-pwn-requests/](https://securitylab.github.com/research/github-actions-preventing-pwn-requests/)\n - [https://github.com/justinsteven/advisories/blob/master/2021_github_actions_checkspelling_token_leak_via_advice_symlink.md](https://github.com/justinsteven/advisories/blob/master/2021_github_actions_checkspelling_token_leak_via_advice_symlink.md)\n", - "text": "This GitHub Actions workflow file uses `pull_request_target` and checks out code from the incoming pull request. 
When using `pull_request_target`, the Action runs in the context of the target repository, which includes access to all repository secrets. Normally, this is safe because the Action only runs code from the target repository, not the incoming PR. However, by checking out the incoming PR code, you're now using the incoming code for the rest of the action. You may be inadvertently executing arbitrary code from the incoming PR with access to repository secrets, which would let an attacker steal repository secrets. This normally happens by running build scripts (e.g., `npm build` and `make`) or dependency installation scripts (e.g., `python setup.py install`). Audit your workflow file to make sure no code from the incoming PR is executed. Please see https://securitylab.github.com/research/github-actions-preventing-pwn-requests/ for additional mitigations.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Application redirects a user to a destination URL specified by a user supplied parameter that is not validated.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Application redirects a user to a destination URL specified by a user supplied parameter that is not validated.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/java.spring.security.audit.spring-unvalidated-redirect.spring-unvalidated-redirect)\n - [https://owasp.org/Top10/A01_2021-Broken_Access_Control](https://owasp.org/Top10/A01_2021-Broken_Access_Control)\n" }, - "helpUri": "https://semgrep.dev/r/yaml.github-actions.security.pull-request-target-code-checkout.pull-request-target-code-checkout", - "id": "yaml.github-actions.security.pull-request-target-code-checkout.pull-request-target-code-checkout", - "name": "yaml.github-actions.security.pull-request-target-code-checkout.pull-request-target-code-checkout", "properties": { "precision": "very-high", 
"tags": [ - "CWE-913: Improper Control of Dynamically-Managed Code Resources", - "LOW CONFIDENCE", + "CWE-601: URL Redirection to Untrusted Site ('Open Redirect')", + "MEDIUM CONFIDENCE", "OWASP-A01:2021 - Broken Access Control", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: yaml.github-actions.security.pull-request-target-code-checkout.pull-request-target-code-checkout" } }, { - "defaultConfiguration": { - "level": "error" + "id": "python.pycryptodome.security.insecure-hash-algorithm-md2.insecure-hash-algorithm-md2", + "name": "python.pycryptodome.security.insecure-hash-algorithm-md2.insecure-hash-algorithm-md2", + "short_description": { + "text": "Semgrep Finding: python.pycryptodome.security.insecure-hash-algorithm-md2.insecure-hash-algorithm-md2" }, - "fullDescription": { - "text": "Detected use of the 'none' algorithm in a JWT token. The 'none' algorithm assumes the integrity of the token has already been verified. This would allow a malicious actor to forge a JWT token that will automatically be verified. Do not explicitly use the 'none' algorithm. Instead, use an algorithm such as 'HS256'." + "full_description": { + "text": "Detected MD2 hash algorithm which is considered insecure. MD2 is not collision resistant and is therefore not suitable as a cryptographic signature. Use SHA256 or SHA3 instead." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/python.pycryptodome.security.insecure-hash-algorithm-md2.insecure-hash-algorithm-md2", "help": { - "markdown": "Detected use of the 'none' algorithm in a JWT token. The 'none' algorithm assumes the integrity of the token has already been verified. This would allow a malicious actor to forge a JWT token that will automatically be verified. Do not explicitly use the 'none' algorithm. 
Instead, use an algorithm such as 'HS256'.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.jsonwebtoken.security.jwt-none-alg.jwt-none-alg)\n - [https://owasp.org/Top10/A02_2021-Cryptographic_Failures](https://owasp.org/Top10/A02_2021-Cryptographic_Failures)\n", - "text": "Detected use of the 'none' algorithm in a JWT token. The 'none' algorithm assumes the integrity of the token has already been verified. This would allow a malicious actor to forge a JWT token that will automatically be verified. Do not explicitly use the 'none' algorithm. Instead, use an algorithm such as 'HS256'.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected MD2 hash algorithm which is considered insecure. MD2 is not collision resistant and is therefore not suitable as a cryptographic signature. Use SHA256 or SHA3 instead.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected MD2 hash algorithm which is considered insecure. MD2 is not collision resistant and is therefore not suitable as a cryptographic signature. 
Use SHA256 or SHA3 instead.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.pycryptodome.security.insecure-hash-algorithm-md2.insecure-hash-algorithm-md2)\n - [https://www.schneier.com/blog/archives/2012/10/when_will_we_se.html](https://www.schneier.com/blog/archives/2012/10/when_will_we_se.html)\n - [https://www.trendmicro.com/vinfo/us/security/news/vulnerabilities-and-exploits/sha-1-collision-signals-the-end-of-the-algorithm-s-viability](https://www.trendmicro.com/vinfo/us/security/news/vulnerabilities-and-exploits/sha-1-collision-signals-the-end-of-the-algorithm-s-viability)\n - [http://2012.sharcs.org/slides/stevens.pdf](http://2012.sharcs.org/slides/stevens.pdf)\n - [https://pycryptodome.readthedocs.io/en/latest/src/hash/sha3_256.html](https://pycryptodome.readthedocs.io/en/latest/src/hash/sha3_256.html)\n" }, - "helpUri": "https://semgrep.dev/r/javascript.jsonwebtoken.security.jwt-none-alg.jwt-none-alg", - "id": "javascript.jsonwebtoken.security.jwt-none-alg.jwt-none-alg", - "name": "javascript.jsonwebtoken.security.jwt-none-alg.jwt-none-alg", "properties": { "precision": "very-high", "tags": [ 
@@ -22101,80 +23206,81 @@ "OWASP-A03:2017 - Sensitive Data Exposure", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: javascript.jsonwebtoken.security.jwt-none-alg.jwt-none-alg" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "solidity.security.superfluid-ctx-injection.superfluid-ctx-injection", + "name": "solidity.security.superfluid-ctx-injection.superfluid-ctx-injection", + "short_description": { + "text": "Semgrep Finding: solidity.security.superfluid-ctx-injection.superfluid-ctx-injection" }, - "fullDescription": { - "text": "An expression is built with a dynamic value. The source of the value(s) should be verified to avoid that unfiltered values fall into this risky code evaluation." + "full_description": { + "text": "A specially crafted calldata may be used to impersonate other accounts" + }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/solidity.security.superfluid-ctx-injection.superfluid-ctx-injection", "help": { - "markdown": "An expression is built with a dynamic value. The source of the value(s) should be verified to avoid that unfiltered values fall into this risky code evaluation.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/java.lang.security.audit.el-injection.el-injection)\n - [https://owasp.org/Top10/A03_2021-Injection](https://owasp.org/Top10/A03_2021-Injection)\n", - "text": "An expression is built with a dynamic value. 
The source of the value(s) should be verified to avoid that unfiltered values fall into this risky code evaluation.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "A specially crafted calldata may be used to impersonate other accounts\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "A specially crafted calldata may be used to impersonate other accounts\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/solidity.security.superfluid-ctx-injection.superfluid-ctx-injection)\n - [https://rekt.news/superfluid-rekt/](https://rekt.news/superfluid-rekt/)\n - [https://medium.com/superfluid-blog/08-02-22-exploit-post-mortem-15ff9c97cdd](https://medium.com/superfluid-blog/08-02-22-exploit-post-mortem-15ff9c97cdd)\n - [https://polygonscan.com/address/0x07711bb6dfbc99a1df1f2d7f57545a67519941e7](https://polygonscan.com/address/0x07711bb6dfbc99a1df1f2d7f57545a67519941e7)\n" }, - "helpUri": "https://semgrep.dev/r/java.lang.security.audit.el-injection.el-injection", - "id": "java.lang.security.audit.el-injection.el-injection", - "name": "java.lang.security.audit.el-injection.el-injection", "properties": { "precision": "very-high", "tags": [ - "CWE-94: Improper Control of Generation of Code ('Code Injection')", - "LOW CONFIDENCE", - "OWASP-A03:2021 - Injection", + "CWE-20: Improper Input Validation", + "HIGH CONFIDENCE", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: java.lang.security.audit.el-injection.el-injection" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "javascript.chrome-remote-interface.security.audit.chrome-remote-interface-compilescript-injection.chrome-remote-interface-compilescript-injection", + "name": "javascript.chrome-remote-interface.security.audit.chrome-remote-interface-compilescript-injection.chrome-remote-interface-compilescript-injection", + "short_description": { 
+ "text": "Semgrep Finding: javascript.chrome-remote-interface.security.audit.chrome-remote-interface-compilescript-injection.chrome-remote-interface-compilescript-injection" }, - "fullDescription": { - "text": "Detected SQL statement that is tainted by `event` object. This could lead to SQL injection if the variable is user-controlled and not properly sanitized. In order to prevent SQL injection, use parameterized queries or prepared statements instead. You can use parameterized statements like so: `cursor.execute('SELECT * FROM projects WHERE status = %s', 'active')`" + "full_description": { + "text": "If unverified user data can reach the `compileScript` method it can result in Server-Side Request Forgery vulnerabilities" + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/javascript.chrome-remote-interface.security.audit.chrome-remote-interface-compilescript-injection.chrome-remote-interface-compilescript-injection", "help": { - "markdown": "Detected SQL statement that is tainted by `event` object. This could lead to SQL injection if the variable is user-controlled and not properly sanitized. In order to prevent SQL injection, use parameterized queries or prepared statements instead. You can use parameterized statements like so: `cursor.execute('SELECT * FROM projects WHERE status = %s', 'active')`\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.aws-lambda.security.pymssql-sqli.pymssql-sqli)\n - [https://pypi.org/project/pymssql/](https://pypi.org/project/pymssql/)\n", - "text": "Detected SQL statement that is tainted by `event` object. This could lead to SQL injection if the variable is user-controlled and not properly sanitized. In order to prevent SQL injection, use parameterized queries or prepared statements instead. 
You can use parameterized statements like so: `cursor.execute('SELECT * FROM projects WHERE status = %s', 'active')`\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "If unverified user data can reach the `compileScript` method it can result in Server-Side Request Forgery vulnerabilities\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "If unverified user data can reach the `compileScript` method it can result in Server-Side Request Forgery vulnerabilities\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.chrome-remote-interface.security.audit.chrome-remote-interface-compilescript-injection.chrome-remote-interface-compilescript-injection)\n - [https://github.com/cyrus-and/chrome-remote-interface](https://github.com/cyrus-and/chrome-remote-interface)\n" }, - "helpUri": "https://semgrep.dev/r/python.aws-lambda.security.pymssql-sqli.pymssql-sqli", - "id": "python.aws-lambda.security.pymssql-sqli.pymssql-sqli", - "name": "python.aws-lambda.security.pymssql-sqli.pymssql-sqli", "properties": { "precision": "very-high", "tags": [ - "CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')", + "CWE-918: Server-Side Request Forgery (SSRF)", "MEDIUM CONFIDENCE", - "OWASP-A01:2017 - Injection", - "OWASP-A03:2021 - Injection", + "OWASP-A10:2021 - Server-Side Request Forgery (SSRF)", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: python.aws-lambda.security.pymssql-sqli.pymssql-sqli" } }, { - "defaultConfiguration": { - "level": "error" + "id": "javascript.express.security.audit.xss.direct-response-write.direct-response-write", + "name": "javascript.express.security.audit.xss.direct-response-write.direct-response-write", + "short_description": { + "text": "Semgrep Finding: javascript.express.security.audit.xss.direct-response-write.direct-response-write" }, - 
"fullDescription": { - "text": "Detected data rendered directly to the end user via 'Response'. This bypasses Pyramid's built-in cross-site scripting (XSS) defenses and could result in an XSS vulnerability. Use Pyramid's template engines to safely render HTML." + "full_description": { + "text": "Detected directly writing to a Response object from user-defined input. This bypasses any HTML escaping and may expose your application to a Cross-Site-scripting (XSS) vulnerability. Instead, use 'resp.render()' to render safely escaped HTML." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/javascript.express.security.audit.xss.direct-response-write.direct-response-write", "help": { - "markdown": "Detected data rendered directly to the end user via 'Response'. This bypasses Pyramid's built-in cross-site scripting (XSS) defenses and could result in an XSS vulnerability. Use Pyramid's template engines to safely render HTML.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.pyramid.security.direct-use-of-response.pyramid-direct-use-of-response)\n - [https://owasp.org/Top10/A03_2021-Injection](https://owasp.org/Top10/A03_2021-Injection)\n", - "text": "Detected data rendered directly to the end user via 'Response'. This bypasses Pyramid's built-in cross-site scripting (XSS) defenses and could result in an XSS vulnerability. Use Pyramid's template engines to safely render HTML.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected directly writing to a Response object from user-defined input. This bypasses any HTML escaping and may expose your application to a Cross-Site-scripting (XSS) vulnerability. 
Instead, use 'resp.render()' to render safely escaped HTML.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected directly writing to a Response object from user-defined input. This bypasses any HTML escaping and may expose your application to a Cross-Site-scripting (XSS) vulnerability. Instead, use 'resp.render()' to render safely escaped HTML.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.express.security.audit.xss.direct-response-write.direct-response-write)\n - [https://cheatsheetseries.owasp.org/cheatsheets/Cross_Site_Scripting_Prevention_Cheat_Sheet.html](https://cheatsheetseries.owasp.org/cheatsheets/Cross_Site_Scripting_Prevention_Cheat_Sheet.html)\n" }, - "helpUri": "https://semgrep.dev/r/python.pyramid.security.direct-use-of-response.pyramid-direct-use-of-response", - "id": "python.pyramid.security.direct-use-of-response.pyramid-direct-use-of-response", - "name": "python.pyramid.security.direct-use-of-response.pyramid-direct-use-of-response", "properties": { "precision": "very-high", "tags": [ 
@@ -22184,2460 +23290,2532 @@ "OWASP-A07:2017 - Cross-Site Scripting (XSS)", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: python.pyramid.security.direct-use-of-response.pyramid-direct-use-of-response" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "php.lang.security.mcrypt-use.mcrypt-use", + "name": "php.lang.security.mcrypt-use.mcrypt-use", + "short_description": { + "text": "Semgrep Finding: php.lang.security.mcrypt-use.mcrypt-use" }, - "fullDescription": { - "text": "The AWS Kinesis stream does not encrypt data at rest. The data could be read if the Kinesis stream storage layer is compromised. Enable Kinesis stream server-side encryption." + "full_description": { + "text": "Mcrypt functionality has been deprecated and/or removed in recent PHP versions. Consider using Sodium or OpenSSL." + }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/php.lang.security.mcrypt-use.mcrypt-use", "help": { - "markdown": "The AWS Kinesis stream does not encrypt data at rest. The data could be read if the Kinesis stream storage layer is compromised. Enable Kinesis stream server-side encryption.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/terraform.aws.security.aws-kinesis-stream-unencrypted.aws-kinesis-stream-unencrypted)\n - [https://owasp.org/Top10/A04_2021-Insecure_Design](https://owasp.org/Top10/A04_2021-Insecure_Design)\n - [https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/kinesis_stream#encryption_type](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/kinesis_stream#encryption_type)\n - [https://docs.aws.amazon.com/streams/latest/dev/server-side-encryption.html](https://docs.aws.amazon.com/streams/latest/dev/server-side-encryption.html)\n", - "text": "The AWS Kinesis stream does not encrypt data at rest. 
The data could be read if the Kinesis stream storage layer is compromised. Enable Kinesis stream server-side encryption.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Mcrypt functionality has been deprecated and/or removed in recent PHP versions. Consider using Sodium or OpenSSL.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Mcrypt functionality has been deprecated and/or removed in recent PHP versions. Consider using Sodium or OpenSSL.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/php.lang.security.mcrypt-use.mcrypt-use)\n - [https://www.php.net/manual/en/intro.mcrypt.php](https://www.php.net/manual/en/intro.mcrypt.php)\n - [https://github.com/FloeDesignTechnologies/phpcs-security-audit/blob/master/Security/Sniffs/BadFunctions/CryptoFunctionsSniff.php](https://github.com/FloeDesignTechnologies/phpcs-security-audit/blob/master/Security/Sniffs/BadFunctions/CryptoFunctionsSniff.php)\n" }, - "helpUri": "https://semgrep.dev/r/terraform.aws.security.aws-kinesis-stream-unencrypted.aws-kinesis-stream-unencrypted", - "id": "terraform.aws.security.aws-kinesis-stream-unencrypted.aws-kinesis-stream-unencrypted", - "name": "terraform.aws.security.aws-kinesis-stream-unencrypted.aws-kinesis-stream-unencrypted", "properties": { "precision": "very-high", "tags": [ - "CWE-311: Missing Encryption of Sensitive Data", - "MEDIUM CONFIDENCE", - "OWASP-A03:2017 - Sensitive Data Exposure", - "OWASP-A04:2021 - Insecure Design", + "CWE-676: Use of Potentially Dangerous Function", + "LOW CONFIDENCE", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: terraform.aws.security.aws-kinesis-stream-unencrypted.aws-kinesis-stream-unencrypted" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "yaml.kubernetes.security.env.flask-debugging-enabled.flask-debugging-enabled", + "name": 
"yaml.kubernetes.security.env.flask-debugging-enabled.flask-debugging-enabled", + "short_description": { + "text": "Semgrep Finding: yaml.kubernetes.security.env.flask-debugging-enabled.flask-debugging-enabled" }, - "fullDescription": { - "text": "The SoapFormatter type is dangerous and is not recommended for data processing. Applications should stop using SoapFormatter as soon as possible, even if they believe the data they're processing to be trustworthy. SoapFormatter is insecure and can't be made secure" + "full_description": { + "text": "Do not set FLASK_ENV to \"development\" since that sets `debug=True` in Flask. Use \"dev\" or a similar term instead." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/yaml.kubernetes.security.env.flask-debugging-enabled.flask-debugging-enabled", "help": { - "markdown": "The SoapFormatter type is dangerous and is not recommended for data processing. Applications should stop using SoapFormatter as soon as possible, even if they believe the data they're processing to be trustworthy. SoapFormatter is insecure and can't be made secure\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/csharp.lang.security.insecure-deserialization.soap-formatter.insecure-soapformatter-deserialization)\n - [https://docs.microsoft.com/en-us/dotnet/api/system.runtime.serialization.formatters.soap.soapformatter?view=netframework-4.8#remarks](https://docs.microsoft.com/en-us/dotnet/api/system.runtime.serialization.formatters.soap.soapformatter?view=netframework-4.8#remarks)\n", - "text": "The SoapFormatter type is dangerous and is not recommended for data processing. Applications should stop using SoapFormatter as soon as possible, even if they believe the data they're processing to be trustworthy. 
SoapFormatter is insecure and can't be made secure\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Do not set FLASK_ENV to \"development\" since that sets `debug=True` in Flask. Use \"dev\" or a similar term instead.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Do not set FLASK_ENV to \"development\" since that sets `debug=True` in Flask. Use \"dev\" or a similar term instead.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/yaml.kubernetes.security.env.flask-debugging-enabled.flask-debugging-enabled)\n - [https://flask.palletsprojects.com/en/2.0.x/debugging/](https://flask.palletsprojects.com/en/2.0.x/debugging/)\n - [https://flask.palletsprojects.com/en/2.0.x/config/#ENV](https://flask.palletsprojects.com/en/2.0.x/config/#ENV)\n" }, - "helpUri": "https://semgrep.dev/r/csharp.lang.security.insecure-deserialization.soap-formatter.insecure-soapformatter-deserialization", - "id": "csharp.lang.security.insecure-deserialization.soap-formatter.insecure-soapformatter-deserialization", - "name": "csharp.lang.security.insecure-deserialization.soap-formatter.insecure-soapformatter-deserialization", "properties": { "precision": "very-high", "tags": [ - "CWE-502: Deserialization of Untrusted Data", - "MEDIUM CONFIDENCE", - "OWASP-A08:2017 - Insecure Deserialization", - "OWASP-A08:2021 - Software and Data Integrity Failures", + "CWE-489: Active Debug Code", + "LOW CONFIDENCE", + "OWASP-A06:2017 - Security Misconfiguration", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: csharp.lang.security.insecure-deserialization.soap-formatter.insecure-soapformatter-deserialization" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "terraform.aws.security.aws-sqs-queue-policy-wildcard-principal.aws-sqs-queue-policy-wildcard-principal", + "name": 
"terraform.aws.security.aws-sqs-queue-policy-wildcard-principal.aws-sqs-queue-policy-wildcard-principal", + "short_description": { + "text": "Semgrep Finding: terraform.aws.security.aws-sqs-queue-policy-wildcard-principal.aws-sqs-queue-policy-wildcard-principal" }, - "fullDescription": { - "text": "Cipher in ECB mode is detected. ECB mode produces the same output for the same input each time which allows an attacker to intercept and replay the data. Further, ECB mode does not provide any integrity checking. See https://find-sec-bugs.github.io/bugs.htm#CIPHER_INTEGRITY." + "full_description": { + "text": "Wildcard used in your SQS queue policy principal. This grants access to all users, including anonymous users (public access). Unless you explicitly require anyone on the internet to be able to read or write to your queue, limit principals, actions and resources to what you need according to least privilege." }, + "default_configuration": { + "enabled": true, + "level": "error" + }, + "help_uri": "https://semgrep.dev/r/terraform.aws.security.aws-sqs-queue-policy-wildcard-principal.aws-sqs-queue-policy-wildcard-principal", "help": { - "markdown": "Cipher in ECB mode is detected. ECB mode produces the same output for the same input each time which allows an attacker to intercept and replay the data. Further, ECB mode does not provide any integrity checking. See https://find-sec-bugs.github.io/bugs.htm#CIPHER_INTEGRITY.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/kotlin.lang.security.ecb-cipher.ecb-cipher)\n - [https://owasp.org/Top10/A02_2021-Cryptographic_Failures](https://owasp.org/Top10/A02_2021-Cryptographic_Failures)\n", - "text": "Cipher in ECB mode is detected. ECB mode produces the same output for the same input each time which allows an attacker to intercept and replay the data. Further, ECB mode does not provide any integrity checking. 
See https://find-sec-bugs.github.io/bugs.htm#CIPHER_INTEGRITY.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Wildcard used in your SQS queue policy principal. This grants access to all users, including anonymous users (public access). Unless you explicitly require anyone on the internet to be able to read or write to your queue, limit principals, actions and resources to what you need according to least privilege.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Wildcard used in your SQS queue policy principal. This grants access to all users, including anonymous users (public access). Unless you explicitly require anyone on the internet to be able to read or write to your queue, limit principals, actions and resources to what you need according to least privilege.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/terraform.aws.security.aws-sqs-queue-policy-wildcard-principal.aws-sqs-queue-policy-wildcard-principal)\n - [https://cwe.mitre.org/data/definitions/732.html](https://cwe.mitre.org/data/definitions/732.html)\n - [https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/sqs_queue](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/sqs_queue)\n - [https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/sqs_queue_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/sqs_queue_policy)\n - [https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-security-best-practices.html](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-security-best-practices.html)\n" }, - "helpUri": "https://semgrep.dev/r/kotlin.lang.security.ecb-cipher.ecb-cipher", - "id": "kotlin.lang.security.ecb-cipher.ecb-cipher", - "name": "kotlin.lang.security.ecb-cipher.ecb-cipher", "properties": { 
"precision": "very-high", "tags": [ - "CWE-327: Use of a Broken or Risky Cryptographic Algorithm", + "CWE-732: Incorrect Permission Assignment for Critical Resource", "MEDIUM CONFIDENCE", - "OWASP-A02:2021 - Cryptographic Failures", - "OWASP-A03:2017 - Sensitive Data Exposure", + "OWASP-A05:2021 - Security Misconfiguration", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: kotlin.lang.security.ecb-cipher.ecb-cipher" } }, { - "defaultConfiguration": { - "level": "note" + "id": "ruby.rails.security.audit.xss.avoid-content-tag.avoid-content-tag", + "name": "ruby.rails.security.audit.xss.avoid-content-tag.avoid-content-tag", + "short_description": { + "text": "Semgrep Finding: ruby.rails.security.audit.xss.avoid-content-tag.avoid-content-tag" }, - "fullDescription": { - "text": "Auditing is not enabled for DocumentDB. To ensure that you are able to accurately audit the usage of your DocumentDB cluster, you should enable auditing and export logs to CloudWatch." + "full_description": { + "text": "'content_tag()' bypasses HTML escaping for some portion of the content. If external data can reach here, this exposes your application to cross-site scripting (XSS) attacks. Ensure no external data reaches here. If you must do this, create your HTML manually and use 'html_safe'. Ensure no external data enters the HTML-safe string!" + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/ruby.rails.security.audit.xss.avoid-content-tag.avoid-content-tag", "help": { - "markdown": "Auditing is not enabled for DocumentDB. 
To ensure that you are able to accurately audit the usage of your DocumentDB cluster, you should enable auditing and export logs to CloudWatch.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/terraform.aws.security.aws-documentdb-auditing-disabled.aws-documentdb-auditing-disabled)\n - [https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/docdb_cluster#enabled_cloudwatch_logs_exports](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/docdb_cluster#enabled_cloudwatch_logs_exports)\n - [https://owasp.org/Top10/A09_2021-Security_Logging_and_Monitoring_Failures/](https://owasp.org/Top10/A09_2021-Security_Logging_and_Monitoring_Failures/)\n", - "text": "Auditing is not enabled for DocumentDB. To ensure that you are able to accurately audit the usage of your DocumentDB cluster, you should enable auditing and export logs to CloudWatch.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "'content_tag()' bypasses HTML escaping for some portion of the content. If external data can reach here, this exposes your application to cross-site scripting (XSS) attacks. Ensure no external data reaches here. If you must do this, create your HTML manually and use 'html_safe'. Ensure no external data enters the HTML-safe string!\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "'content_tag()' bypasses HTML escaping for some portion of the content. If external data can reach here, this exposes your application to cross-site scripting (XSS) attacks. Ensure no external data reaches here. If you must do this, create your HTML manually and use 'html_safe'. 
Ensure no external data enters the HTML-safe string!\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/ruby.rails.security.audit.xss.avoid-content-tag.avoid-content-tag)\n - [https://github.com/presidentbeef/brakeman/blob/main/docs/warning_types/template_injection/index.markdown](https://github.com/presidentbeef/brakeman/blob/main/docs/warning_types/template_injection/index.markdown)\n - [https://www.netsparker.com/blog/web-security/preventing-xss-ruby-on-rails-web-applications/](https://www.netsparker.com/blog/web-security/preventing-xss-ruby-on-rails-web-applications/)\n" }, - "helpUri": "https://semgrep.dev/r/terraform.aws.security.aws-documentdb-auditing-disabled.aws-documentdb-auditing-disabled", - "id": "terraform.aws.security.aws-documentdb-auditing-disabled.aws-documentdb-auditing-disabled", - "name": "terraform.aws.security.aws-documentdb-auditing-disabled.aws-documentdb-auditing-disabled", "properties": { "precision": "very-high", "tags": [ - "CWE-778: Insufficient Logging", - "MEDIUM CONFIDENCE", - "OWASP-A09:2021 - Security Logging and Monitoring Failures", + "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", + "LOW CONFIDENCE", + "OWASP-A03:2021 - Injection", + "OWASP-A07:2017 - Cross-Site Scripting (XSS)", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: terraform.aws.security.aws-documentdb-auditing-disabled.aws-documentdb-auditing-disabled" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "ruby.rails.security.audit.avoid-tainted-shell-call.avoid-tainted-shell-call", + "name": "ruby.rails.security.audit.avoid-tainted-shell-call.avoid-tainted-shell-call", + "short_description": { + "text": "Semgrep Finding: ruby.rails.security.audit.avoid-tainted-shell-call.avoid-tainted-shell-call" }, - "fullDescription": { - "text": "Checks for outgoing connections to ftp servers. 
FTP does not encrypt traffic, possibly leading to PII being sent plaintext over the network." + "full_description": { + "text": "Using user input when accessing files is potentially dangerous. A malicious actor could use this to modify or access files they have no right to." }, + "default_configuration": { + "enabled": true, + "level": "error" + }, + "help_uri": "https://semgrep.dev/r/ruby.rails.security.audit.avoid-tainted-shell-call.avoid-tainted-shell-call", "help": { - "markdown": "Checks for outgoing connections to ftp servers. FTP does not encrypt traffic, possibly leading to PII being sent plaintext over the network.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/problem-based-packs.insecure-transport.java-stdlib.ftp-request.ftp-request)\n - [https://www.codejava.net/java-se/ftp/connect-and-login-to-a-ftp-server](https://www.codejava.net/java-se/ftp/connect-and-login-to-a-ftp-server)\n - [https://commons.apache.org/proper/commons-net/apidocs/org/apache/commons/net/ftp/FTPClient.html](https://commons.apache.org/proper/commons-net/apidocs/org/apache/commons/net/ftp/FTPClient.html)\n", - "text": "Checks for outgoing connections to ftp servers. FTP does not encrypt traffic, possibly leading to PII being sent plaintext over the network.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Using user input when accessing files is potentially dangerous. A malicious actor could use this to modify or access files they have no right to.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Using user input when accessing files is potentially dangerous. 
A malicious actor could use this to modify or access files they have no right to.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/ruby.rails.security.audit.avoid-tainted-shell-call.avoid-tainted-shell-call)\n - [https://github.com/presidentbeef/brakeman/blob/main/docs/warning_types/file_access/index.markdown](https://github.com/presidentbeef/brakeman/blob/main/docs/warning_types/file_access/index.markdown)\n" }, - "helpUri": "https://semgrep.dev/r/problem-based-packs.insecure-transport.java-stdlib.ftp-request.ftp-request", - "id": "problem-based-packs.insecure-transport.java-stdlib.ftp-request.ftp-request", - "name": "problem-based-packs.insecure-transport.java-stdlib.ftp-request.ftp-request", "properties": { "precision": "very-high", "tags": [ - "CWE-319: Cleartext Transmission of Sensitive Information", + "CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", "MEDIUM CONFIDENCE", - "OWASP-A03:2017 - Sensitive Data Exposure", + "OWASP-A01:2017 - Injection", + "OWASP-A03:2021 - Injection", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: problem-based-packs.insecure-transport.java-stdlib.ftp-request.ftp-request" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "python.django.security.injection.code.user-eval-format-string.user-eval-format-string", + "name": "python.django.security.injection.code.user-eval-format-string.user-eval-format-string", + "short_description": { + "text": "Semgrep Finding: python.django.security.injection.code.user-eval-format-string.user-eval-format-string" }, - "fullDescription": { - "text": "If unverified user data can reach the `wkhtmltoimage` it can result in Server-Side Request Forgery vulnerabilities" + "full_description": { + "text": "Found user data in a call to 'eval'. This is extremely dangerous because it can enable an attacker to execute remote code. 
See https://owasp.org/www-community/attacks/Code_Injection for more information." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/python.django.security.injection.code.user-eval-format-string.user-eval-format-string", "help": { - "markdown": "If unverified user data can reach the `wkhtmltoimage` it can result in Server-Side Request Forgery vulnerabilities\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.wkhtmltoimage.security.audit.wkhtmltoimage-injection.wkhtmltoimage-injection)\n - [https://owasp.org/Top10/A10_2021-Server-Side_Request_Forgery_%28SSRF%29](https://owasp.org/Top10/A10_2021-Server-Side_Request_Forgery_%28SSRF%29)\n", - "text": "If unverified user data can reach the `wkhtmltoimage` it can result in Server-Side Request Forgery vulnerabilities\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Found user data in a call to 'eval'. This is extremely dangerous because it can enable an attacker to execute remote code. See https://owasp.org/www-community/attacks/Code_Injection for more information.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Found user data in a call to 'eval'. This is extremely dangerous because it can enable an attacker to execute remote code. 
See https://owasp.org/www-community/attacks/Code_Injection for more information.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.django.security.injection.code.user-eval-format-string.user-eval-format-string)\n - [https://nedbatchelder.com/blog/201206/eval_really_is_dangerous.html](https://nedbatchelder.com/blog/201206/eval_really_is_dangerous.html)\n" }, - "helpUri": "https://semgrep.dev/r/javascript.wkhtmltoimage.security.audit.wkhtmltoimage-injection.wkhtmltoimage-injection", - "id": "javascript.wkhtmltoimage.security.audit.wkhtmltoimage-injection.wkhtmltoimage-injection", - "name": "javascript.wkhtmltoimage.security.audit.wkhtmltoimage-injection.wkhtmltoimage-injection", "properties": { "precision": "very-high", "tags": [ - "CWE-918: Server-Side Request Forgery (SSRF)", - "LOW CONFIDENCE", - "OWASP-A10:2021 - Server-Side Request Forgery (SSRF)", + "CWE-95: Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection')", + "MEDIUM CONFIDENCE", + "OWASP-A03:2021 - Injection", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: javascript.wkhtmltoimage.security.audit.wkhtmltoimage-injection.wkhtmltoimage-injection" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "python.lang.security.audit.logging.logger-credential-leak.python-logger-credential-disclosure", + "name": "python.lang.security.audit.logging.logger-credential-leak.python-logger-credential-disclosure", + "short_description": { + "text": "Semgrep Finding: python.lang.security.audit.logging.logger-credential-leak.python-logger-credential-disclosure" }, - "fullDescription": { - "text": "Deserialization of a string tainted by `event` object found. Objects in Ruby can be serialized into strings, then later loaded from strings. However, uses of `load` can cause remote code execution. Loading user input with MARSHAL, YAML or CSV can potentially be dangerous. 
If you need to deserialize untrusted data, you should use JSON as it is only capable of returning 'primitive' types such as strings, arrays, hashes, numbers and nil." + "full_description": { + "text": "Detected a python logger call with a potential hardcoded secret $FORMAT_STRING being logged. This may lead to secret credentials being exposed. Make sure that the logger is not logging sensitive information." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/python.lang.security.audit.logging.logger-credential-leak.python-logger-credential-disclosure", "help": { - "markdown": "Deserialization of a string tainted by `event` object found. Objects in Ruby can be serialized into strings, then later loaded from strings. However, uses of `load` can cause remote code execution. Loading user input with MARSHAL, YAML or CSV can potentially be dangerous. If you need to deserialize untrusted data, you should use JSON as it is only capable of returning 'primitive' types such as strings, arrays, hashes, numbers and nil.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/ruby.aws-lambda.security.tainted-deserialization.tainted-deserialization)\n - [https://ruby-doc.org/core-3.1.2/doc/security_rdoc.html](https://ruby-doc.org/core-3.1.2/doc/security_rdoc.html)\n - [https://groups.google.com/g/rubyonrails-security/c/61bkgvnSGTQ/m/nehwjA8tQ8EJ](https://groups.google.com/g/rubyonrails-security/c/61bkgvnSGTQ/m/nehwjA8tQ8EJ)\n - [https://github.com/presidentbeef/brakeman/blob/main/lib/brakeman/checks/check_deserialize.rb](https://github.com/presidentbeef/brakeman/blob/main/lib/brakeman/checks/check_deserialize.rb)\n", - "text": "Deserialization of a string tainted by `event` object found. Objects in Ruby can be serialized into strings, then later loaded from strings. However, uses of `load` can cause remote code execution. 
Loading user input with MARSHAL, YAML or CSV can potentially be dangerous. If you need to deserialize untrusted data, you should use JSON as it is only capable of returning 'primitive' types such as strings, arrays, hashes, numbers and nil.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected a python logger call with a potential hardcoded secret $FORMAT_STRING being logged. This may lead to secret credentials being exposed. Make sure that the logger is not logging sensitive information.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected a python logger call with a potential hardcoded secret $FORMAT_STRING being logged. This may lead to secret credentials being exposed. Make sure that the logger is not logging sensitive information.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.lang.security.audit.logging.logger-credential-leak.python-logger-credential-disclosure)\n - [https://owasp.org/Top10/A09_2021-Security_Logging_and_Monitoring_Failures](https://owasp.org/Top10/A09_2021-Security_Logging_and_Monitoring_Failures)\n" }, - "helpUri": "https://semgrep.dev/r/ruby.aws-lambda.security.tainted-deserialization.tainted-deserialization", - "id": "ruby.aws-lambda.security.tainted-deserialization.tainted-deserialization", - "name": "ruby.aws-lambda.security.tainted-deserialization.tainted-deserialization", "properties": { "precision": "very-high", "tags": [ - "CWE-502: Deserialization of Untrusted Data", + "CWE-532: Insertion of Sensitive Information into Log File", "MEDIUM CONFIDENCE", - "OWASP-A08:2017 - Insecure Deserialization", - "OWASP-A08:2021 - Software and Data Integrity Failures", + "OWASP-A09:2021 - Security Logging and Monitoring Failures", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: ruby.aws-lambda.security.tainted-deserialization.tainted-deserialization" } }, 
{ - "defaultConfiguration": { - "level": "warning" + "id": "ocaml.lang.portability.slash-tmp.not-portable-tmp-string", + "name": "ocaml.lang.portability.slash-tmp.not-portable-tmp-string", + "short_description": { + "text": "Semgrep Finding: ocaml.lang.portability.slash-tmp.not-portable-tmp-string" }, - "fullDescription": { - "text": "`$STR.replace` method will only replace the first occurrence when used with a string argument ($CHAR). If this method is used for escaping of dangerous data then there is a possibility for a bypass. Try to use sanitization library instead or use a Regex with a global flag." + "full_description": { + "text": "You should probably use Filename.get_temp_dirname()." }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/ocaml.lang.portability.slash-tmp.not-portable-tmp-string", "help": { - "markdown": "`$STR.replace` method will only replace the first occurrence when used with a string argument ($CHAR). If this method is used for escaping of dangerous data then there is a possibility for a bypass. Try to use sanitization library instead or use a Regex with a global flag.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.lang.security.audit.incomplete-sanitization.incomplete-sanitization)\n - [https://owasp.org/Top10/A03_2021-Injection](https://owasp.org/Top10/A03_2021-Injection)\n", - "text": "`$STR.replace` method will only replace the first occurrence when used with a string argument ($CHAR). If this method is used for escaping of dangerous data then there is a possibility for a bypass. 
Try to use sanitization library instead or use a Regex with a global flag.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "You should probably use Filename.get_temp_dirname().\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "You should probably use Filename.get_temp_dirname().\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/ocaml.lang.portability.slash-tmp.not-portable-tmp-string)\n" }, - "helpUri": "https://semgrep.dev/r/javascript.lang.security.audit.incomplete-sanitization.incomplete-sanitization", - "id": "javascript.lang.security.audit.incomplete-sanitization.incomplete-sanitization", - "name": "javascript.lang.security.audit.incomplete-sanitization.incomplete-sanitization", "properties": { "precision": "very-high", - "tags": [ - "CWE-116: Improper Encoding or Escaping of Output", - "LOW CONFIDENCE", - "OWASP-A03:2021 - Injection", - "security" - ] - }, - "shortDescription": { - "text": "Semgrep Finding: javascript.lang.security.audit.incomplete-sanitization.incomplete-sanitization" + "tags": [] } }, { - "defaultConfiguration": { - "level": "warning" + "id": "problem-based-packs.insecure-transport.js-node.rest-http-client-support.rest-http-client-support", + "name": "problem-based-packs.insecure-transport.js-node.rest-http-client-support.rest-http-client-support", + "short_description": { + "text": "Semgrep Finding: problem-based-packs.insecure-transport.js-node.rest-http-client-support.rest-http-client-support" }, - "fullDescription": { - "text": "`$POLICY` is missing a `condition` block which scopes users of this policy to specific GitHub repositories. Without this, `$POLICY` is open to all users on GitHub. Add a `condition` block on the variable `token.actions.githubusercontent.com:sub` which scopes it to prevent this." 
+ "full_description": { + "text": "Checks for requests to http (unencrypted) sites using some of node js's most popular REST/HTTP libraries, including node-rest-client, axios, and got." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/problem-based-packs.insecure-transport.js-node.rest-http-client-support.rest-http-client-support", "help": { - "markdown": "`$POLICY` is missing a `condition` block which scopes users of this policy to specific GitHub repositories. Without this, `$POLICY` is open to all users on GitHub. Add a `condition` block on the variable `token.actions.githubusercontent.com:sub` which scopes it to prevent this.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/terraform.aws.security.unrestricted-github-oidc-policy.unrestricted-github-oidc-policy)\n - [https://docs.github.com/en/actions/deployment/security-hardening-your-deployments/configuring-openid-connect-in-amazon-web-services#configuring-the-role-and-trust-policy](https://docs.github.com/en/actions/deployment/security-hardening-your-deployments/configuring-openid-connect-in-amazon-web-services#configuring-the-role-and-trust-policy)\n - [https://dagrz.com/writing/aws-security/hacking-github-aws-oidc/](https://dagrz.com/writing/aws-security/hacking-github-aws-oidc/)\n", - "text": "`$POLICY` is missing a `condition` block which scopes users of this policy to specific GitHub repositories. Without this, `$POLICY` is open to all users on GitHub. 
Add a `condition` block on the variable `token.actions.githubusercontent.com:sub` which scopes it to prevent this.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Checks for requests to http (unencrypted) sites using some of node js's most popular REST/HTTP libraries, including node-rest-client, axios, and got.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Checks for requests to http (unencrypted) sites using some of node js's most popular REST/HTTP libraries, including node-rest-client, axios, and got.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/problem-based-packs.insecure-transport.js-node.rest-http-client-support.rest-http-client-support)\n - [https://www.npmjs.com/package/axios](https://www.npmjs.com/package/axios)\n - [https://www.npmjs.com/package/got](https://www.npmjs.com/package/got)\n - [https://www.npmjs.com/package/node-rest-client](https://www.npmjs.com/package/node-rest-client)\n" }, - "helpUri": "https://semgrep.dev/r/terraform.aws.security.unrestricted-github-oidc-policy.unrestricted-github-oidc-policy", - "id": "terraform.aws.security.unrestricted-github-oidc-policy.unrestricted-github-oidc-policy", - "name": "terraform.aws.security.unrestricted-github-oidc-policy.unrestricted-github-oidc-policy", "properties": { "precision": "very-high", "tags": [ - "CWE-284: Improper Access Control", + "CWE-319: Cleartext Transmission of Sensitive Information", "MEDIUM CONFIDENCE", - "OWASP-A01:2021 - Broken Access Control", - "OWASP-A05:2017 - Sensitive Data Exposure", + "OWASP-A03:2017 - Sensitive Data Exposure", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: terraform.aws.security.unrestricted-github-oidc-policy.unrestricted-github-oidc-policy" } }, { - "defaultConfiguration": { - "level": "error" + "id": 
"javascript.express.security.audit.remote-property-injection.remote-property-injection", + "name": "javascript.express.security.audit.remote-property-injection.remote-property-injection", + "short_description": { + "text": "Semgrep Finding: javascript.express.security.audit.remote-property-injection.remote-property-injection" }, - "fullDescription": { - "text": "Detected possible DOM-based XSS. This occurs because a portion of the URL is being used to construct an element added directly to the page. For example, a malicious actor could send someone a link like this: http://www.some.site/page.html?default= which would add the script to the page. Consider allowlisting appropriate values or using an approach which does not involve the URL." + "full_description": { + "text": "Bracket object notation with user input is present, this might allow an attacker to access all properties of the object and even it's prototype. Use literal values for object properties." }, + "default_configuration": { + "enabled": true, + "level": "error" + }, + "help_uri": "https://semgrep.dev/r/javascript.express.security.audit.remote-property-injection.remote-property-injection", "help": { - "markdown": "Detected possible DOM-based XSS. This occurs because a portion of the URL is being used to construct an element added directly to the page. For example, a malicious actor could send someone a link like this: http://www.some.site/page.html?default= which would add the script to the page. Consider allowlisting appropriate values or using an approach which does not involve the URL.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.browser.security.dom-based-xss.dom-based-xss)\n - [https://owasp.org/www-community/attacks/DOM_Based_XSS](https://owasp.org/www-community/attacks/DOM_Based_XSS)\n", - "text": "Detected possible DOM-based XSS. 
This occurs because a portion of the URL is being used to construct an element added directly to the page. For example, a malicious actor could send someone a link like this: http://www.some.site/page.html?default= which would add the script to the page. Consider allowlisting appropriate values or using an approach which does not involve the URL.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Bracket object notation with user input is present, this might allow an attacker to access all properties of the object and even it's prototype. Use literal values for object properties.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Bracket object notation with user input is present, this might allow an attacker to access all properties of the object and even it's prototype. Use literal values for object properties.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.express.security.audit.remote-property-injection.remote-property-injection)\n - [https://github.com/nodesecurity/eslint-plugin-security/blob/3c7522ca1be800353513282867a1034c795d9eb4/docs/the-dangers-of-square-bracket-notation.md](https://github.com/nodesecurity/eslint-plugin-security/blob/3c7522ca1be800353513282867a1034c795d9eb4/docs/the-dangers-of-square-bracket-notation.md)\n" }, - "helpUri": "https://semgrep.dev/r/javascript.browser.security.dom-based-xss.dom-based-xss", - "id": "javascript.browser.security.dom-based-xss.dom-based-xss", - "name": "javascript.browser.security.dom-based-xss.dom-based-xss", "properties": { "precision": "very-high", "tags": [ - "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", + "CWE-522: Insufficiently Protected Credentials", "LOW CONFIDENCE", - "OWASP-A03:2021 - Injection", - "OWASP-A07:2017 - Cross-Site Scripting (XSS)", + "OWASP-A02:2017 - Broken Authentication", + 
"OWASP-A04:2021 - Insecure Design", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: javascript.browser.security.dom-based-xss.dom-based-xss" } }, { - "defaultConfiguration": { - "level": "note" + "id": "python.lang.security.dangerous-os-exec.dangerous-os-exec", + "name": "python.lang.security.dangerous-os-exec.dangerous-os-exec", + "short_description": { + "text": "Semgrep Finding: python.lang.security.dangerous-os-exec.dangerous-os-exec" }, - "fullDescription": { - "text": "Ensure that the expiration date is set on all keys" + "full_description": { + "text": "Found user controlled content when spawning a process. This is dangerous because it allows a malicious actor to execute commands." + }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/python.lang.security.dangerous-os-exec.dangerous-os-exec", "help": { - "markdown": "Ensure that the expiration date is set on all keys\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/terraform.azure.security.keyvault.keyvault-ensure-key-expires.keyvault-ensure-key-expires)\n - [https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/key_vault_key#expiration_date](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/key_vault_key#expiration_date)\n - [https://docs.microsoft.com/en-us/powershell/module/az.keyvault/update-azkeyvaultkey?view=azps-5.8.0#example-1--modify-a-key-to-enable-it--and-set-the-expiration-date-and-tags](https://docs.microsoft.com/en-us/powershell/module/az.keyvault/update-azkeyvaultkey?view=azps-5.8.0#example-1--modify-a-key-to-enable-it--and-set-the-expiration-date-and-tags)\n", - "text": "Ensure that the expiration date is set on all keys\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Found user controlled content when spawning a process. 
This is dangerous because it allows a malicious actor to execute commands.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Found user controlled content when spawning a process. This is dangerous because it allows a malicious actor to execute commands.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.lang.security.dangerous-os-exec.dangerous-os-exec)\n - [https://semgrep.dev/docs/cheat-sheets/python-command-injection/](https://semgrep.dev/docs/cheat-sheets/python-command-injection/)\n" }, - "helpUri": "https://semgrep.dev/r/terraform.azure.security.keyvault.keyvault-ensure-key-expires.keyvault-ensure-key-expires", - "id": "terraform.azure.security.keyvault.keyvault-ensure-key-expires.keyvault-ensure-key-expires", - "name": "terraform.azure.security.keyvault.keyvault-ensure-key-expires.keyvault-ensure-key-expires", "properties": { "precision": "very-high", "tags": [ - "CWE-262: Not Using Password Aging", + "CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", "MEDIUM CONFIDENCE", + "OWASP-A01:2017 - Injection", + "OWASP-A03:2021 - Injection", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: terraform.azure.security.keyvault.keyvault-ensure-key-expires.keyvault-ensure-key-expires" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "javascript.express.security.require-request.require-request", + "name": "javascript.express.security.require-request.require-request", + "short_description": { + "text": "Semgrep Finding: javascript.express.security.require-request.require-request" }, - "fullDescription": { - "text": "Detected non-static command inside $EXEC. Audit the input to '$EXEC'. If unverified user data can reach this call site, this is a code injection vulnerability. A malicious actor can inject a malicious script to execute arbitrary code." 
+ "full_description": { + "text": "If an attacker controls the x in require(x) then they can cause code to load that was not intended to run on the server." + }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/javascript.express.security.require-request.require-request", "help": { - "markdown": "Detected non-static command inside $EXEC. Audit the input to '$EXEC'. If unverified user data can reach this call site, this is a code injection vulnerability. A malicious actor can inject a malicious script to execute arbitrary code.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/ruby.lang.security.dangerous-exec.dangerous-exec)\n - [https://guides.rubyonrails.org/security.html#command-line-injection](https://guides.rubyonrails.org/security.html#command-line-injection)\n", - "text": "Detected non-static command inside $EXEC. Audit the input to '$EXEC'. If unverified user data can reach this call site, this is a code injection vulnerability. 
A malicious actor can inject a malicious script to execute arbitrary code.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "If an attacker controls the x in require(x) then they can cause code to load that was not intended to run on the server.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "If an attacker controls the x in require(x) then they can cause code to load that was not intended to run on the server.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.express.security.require-request.require-request)\n - [https://github.com/google/node-sec-roadmap/blob/master/chapter-2/dynamism.md#dynamism-when-you-need-it](https://github.com/google/node-sec-roadmap/blob/master/chapter-2/dynamism.md#dynamism-when-you-need-it)\n" }, - "helpUri": "https://semgrep.dev/r/ruby.lang.security.dangerous-exec.dangerous-exec", - "id": "ruby.lang.security.dangerous-exec.dangerous-exec", - "name": "ruby.lang.security.dangerous-exec.dangerous-exec", "properties": { "precision": "very-high", "tags": [ - "CWE-94: Improper Control of Generation of Code ('Code Injection')", + "CWE-706: Use of Incorrectly-Resolved Name or Reference", "MEDIUM CONFIDENCE", - "OWASP-A03:2021 - Injection", + "OWASP-A01:2021 - Broken Access Control", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: ruby.lang.security.dangerous-exec.dangerous-exec" } }, { - "defaultConfiguration": { - "level": "error" + "id": "java.servlets.security.cookie-issecure-false.cookie-issecure-false", + "name": "java.servlets.security.cookie-issecure-false.cookie-issecure-false", + "short_description": { + "text": "Semgrep Finding: java.servlets.security.cookie-issecure-false.cookie-issecure-false" }, - "fullDescription": { - "text": "Found user controlled content when spawning a process. 
This is dangerous because it allows a malicious actor to execute commands." + "full_description": { + "text": "Default session middleware settings: `setSecure` not set to true. This ensures that the cookie is sent only over HTTPS to prevent cross-site scripting attacks." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/java.servlets.security.cookie-issecure-false.cookie-issecure-false", "help": { - "markdown": "Found user controlled content when spawning a process. This is dangerous because it allows a malicious actor to execute commands.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.lang.security.dangerous-spawn-process.dangerous-spawn-process)\n - [https://semgrep.dev/docs/cheat-sheets/python-command-injection/](https://semgrep.dev/docs/cheat-sheets/python-command-injection/)\n", - "text": "Found user controlled content when spawning a process. This is dangerous because it allows a malicious actor to execute commands.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Default session middleware settings: `setSecure` not set to true. This ensures that the cookie is sent only over HTTPS to prevent cross-site scripting attacks.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Default session middleware settings: `setSecure` not set to true. 
This ensures that the cookie is sent only over HTTPS to prevent cross-site scripting attacks.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/java.servlets.security.cookie-issecure-false.cookie-issecure-false)\n - [https://docs.oracle.com/javaee/6/api/javax/servlet/http/Cookie.html#setSecure(boolean)](https://docs.oracle.com/javaee/6/api/javax/servlet/http/Cookie.html#setSecure(boolean))\n - [https://owasp.org/www-community/controls/SecureCookieAttribute](https://owasp.org/www-community/controls/SecureCookieAttribute)\n" }, - "helpUri": "https://semgrep.dev/r/python.lang.security.dangerous-spawn-process.dangerous-spawn-process", - "id": "python.lang.security.dangerous-spawn-process.dangerous-spawn-process", - "name": "python.lang.security.dangerous-spawn-process.dangerous-spawn-process", "properties": { "precision": "very-high", "tags": [ - "CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", - "MEDIUM CONFIDENCE", - "OWASP-A01:2017 - Injection", - "OWASP-A03:2021 - Injection", + "CWE-319: Cleartext Transmission of Sensitive Information", + "LOW CONFIDENCE", + "OWASP-A02:2021 - Cryptographic Failures", + "OWASP-A03:2017 - Sensitive Data Exposure", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: python.lang.security.dangerous-spawn-process.dangerous-spawn-process" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "python.django.security.audit.avoid-insecure-deserialization.avoid-insecure-deserialization", + "name": "python.django.security.audit.avoid-insecure-deserialization.avoid-insecure-deserialization", + "short_description": { + "text": "Semgrep Finding: python.django.security.audit.avoid-insecure-deserialization.avoid-insecure-deserialization" }, - "fullDescription": { - "text": "Avoid using `pickle`, which is known to lead to code execution vulnerabilities. 
When unpickling, the serialized data could be manipulated to run arbitrary code. Instead, consider serializing the relevant data as JSON or a similar text-based serialization format." + "full_description": { + "text": "Avoid using insecure deserialization library, backed by `pickle`, `_pickle`, `cpickle`, `dill`, `shelve`, or `yaml`, which are known to lead to remote code execution vulnerabilities." + }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/python.django.security.audit.avoid-insecure-deserialization.avoid-insecure-deserialization", "help": { - "markdown": "Avoid using `pickle`, which is known to lead to code execution vulnerabilities. When unpickling, the serialized data could be manipulated to run arbitrary code. Instead, consider serializing the relevant data as JSON or a similar text-based serialization format.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.lang.security.deserialization.pickle.avoid-pickle)\n - [https://docs.python.org/3/library/pickle.html](https://docs.python.org/3/library/pickle.html)\n", - "text": "Avoid using `pickle`, which is known to lead to code execution vulnerabilities. When unpickling, the serialized data could be manipulated to run arbitrary code. 
Instead, consider serializing the relevant data as JSON or a similar text-based serialization format.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Avoid using insecure deserialization library, backed by `pickle`, `_pickle`, `cpickle`, `dill`, `shelve`, or `yaml`, which are known to lead to remote code execution vulnerabilities.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Avoid using insecure deserialization library, backed by `pickle`, `_pickle`, `cpickle`, `dill`, `shelve`, or `yaml`, which are known to lead to remote code execution vulnerabilities.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.django.security.audit.avoid-insecure-deserialization.avoid-insecure-deserialization)\n - [https://docs.python.org/3/library/pickle.html](https://docs.python.org/3/library/pickle.html)\n" }, - "helpUri": "https://semgrep.dev/r/python.lang.security.deserialization.pickle.avoid-pickle", - "id": "python.lang.security.deserialization.pickle.avoid-pickle", - "name": "python.lang.security.deserialization.pickle.avoid-pickle", "properties": { "precision": "very-high", "tags": [ "CWE-502: Deserialization of Untrusted Data", - "LOW CONFIDENCE", + "MEDIUM CONFIDENCE", "OWASP-A08:2017 - Insecure Deserialization", "OWASP-A08:2021 - Software and Data Integrity Failures", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: python.lang.security.deserialization.pickle.avoid-pickle" } }, { - "defaultConfiguration": { - "level": "error" + "id": "python.sqlalchemy.performance.performance-improvements.batch-import", + "name": "python.sqlalchemy.performance.performance-improvements.batch-import", + "short_description": { + "text": "Semgrep Finding: python.sqlalchemy.performance.performance-improvements.batch-import" }, - "fullDescription": { - "text": "Detected non-static command inside Exec. 
Audit the input to 'syscall.Exec'. If unverified user data can reach this call site, this is a code injection vulnerability. A malicious actor can inject a malicious script to execute arbitrary code." + "full_description": { + "text": "Rather than adding one element at a time, consider batch loading to improve performance." }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/python.sqlalchemy.performance.performance-improvements.batch-import", "help": { - "markdown": "Detected non-static command inside Exec. Audit the input to 'syscall.Exec'. If unverified user data can reach this call site, this is a code injection vulnerability. A malicious actor can inject a malicious script to execute arbitrary code.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/go.lang.security.audit.dangerous-syscall-exec.dangerous-syscall-exec)\n - [https://owasp.org/Top10/A03_2021-Injection](https://owasp.org/Top10/A03_2021-Injection)\n", - "text": "Detected non-static command inside Exec. Audit the input to 'syscall.Exec'. If unverified user data can reach this call site, this is a code injection vulnerability. 
A malicious actor can inject a malicious script to execute arbitrary code.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Rather than adding one element at a time, consider batch loading to improve performance.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Rather than adding one element at a time, consider batch loading to improve performance.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.sqlalchemy.performance.performance-improvements.batch-import)\n" }, - "helpUri": "https://semgrep.dev/r/go.lang.security.audit.dangerous-syscall-exec.dangerous-syscall-exec", - "id": "go.lang.security.audit.dangerous-syscall-exec.dangerous-syscall-exec", - "name": "go.lang.security.audit.dangerous-syscall-exec.dangerous-syscall-exec", "properties": { "precision": "very-high", - "tags": [ - "CWE-94: Improper Control of Generation of Code ('Code Injection')", - "LOW CONFIDENCE", - "OWASP-A03:2021 - Injection", - "security" - ] - }, - "shortDescription": { - "text": "Semgrep Finding: go.lang.security.audit.dangerous-syscall-exec.dangerous-syscall-exec" + "tags": [] } }, { - "defaultConfiguration": { - "level": "warning" + "id": "csharp.lang.security.memory.memory-marshal-create-span.memory-marshal-create-span", + "name": "csharp.lang.security.memory.memory-marshal-create-span.memory-marshal-create-span", + "short_description": { + "text": "Semgrep Finding: csharp.lang.security.memory.memory-marshal-create-span.memory-marshal-create-span" }, - "fullDescription": { - "text": "If user input reaches `HoverProvider` while `supportHml` is set to `true` it may introduce an XSS vulnerability. Do not produce HTML for hovers with dynamically generated input." + "full_description": { + "text": "MemoryMarshal.CreateSpan and MemoryMarshal.CreateReadOnlySpan should be used with caution, as the length argument is not checked." 
+ }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/csharp.lang.security.memory.memory-marshal-create-span.memory-marshal-create-span", "help": { - "markdown": "If user input reaches `HoverProvider` while `supportHml` is set to `true` it may introduce an XSS vulnerability. Do not produce HTML for hovers with dynamically generated input.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.monaco-editor.security.audit.monaco-hover-htmlsupport.monaco-hover-htmlsupport)\n - [https://github.com/microsoft/monaco-editor/issues/801](https://github.com/microsoft/monaco-editor/issues/801)\n", - "text": "If user input reaches `HoverProvider` while `supportHml` is set to `true` it may introduce an XSS vulnerability. Do not produce HTML for hovers with dynamically generated input.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "MemoryMarshal.CreateSpan and MemoryMarshal.CreateReadOnlySpan should be used with caution, as the length argument is not checked.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "MemoryMarshal.CreateSpan and MemoryMarshal.CreateReadOnlySpan should be used with caution, as the length argument is not checked.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/csharp.lang.security.memory.memory-marshal-create-span.memory-marshal-create-span)\n - [https://docs.microsoft.com/en-us/dotnet/api/system.runtime.interopservices.memorymarshal.createspan?view=net-6.0](https://docs.microsoft.com/en-us/dotnet/api/system.runtime.interopservices.memorymarshal.createspan?view=net-6.0)\n - 
[https://docs.microsoft.com/en-us/dotnet/api/system.runtime.interopservices.memorymarshal.createreadonlyspan?view=net-6.0](https://docs.microsoft.com/en-us/dotnet/api/system.runtime.interopservices.memorymarshal.createreadonlyspan?view=net-6.0)\n" }, - "helpUri": "https://semgrep.dev/r/javascript.monaco-editor.security.audit.monaco-hover-htmlsupport.monaco-hover-htmlsupport", - "id": "javascript.monaco-editor.security.audit.monaco-hover-htmlsupport.monaco-hover-htmlsupport", - "name": "javascript.monaco-editor.security.audit.monaco-hover-htmlsupport.monaco-hover-htmlsupport", "properties": { "precision": "very-high", "tags": [ - "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", + "CWE-125: Out-of-bounds Read", "LOW CONFIDENCE", - "OWASP-A03:2021 - Injection", - "OWASP-A07:2017 - Cross-Site Scripting (XSS)", + "OWASP-A04:2021 - Insecure Design", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: javascript.monaco-editor.security.audit.monaco-hover-htmlsupport.monaco-hover-htmlsupport" } }, { - "defaultConfiguration": { - "level": "error" + "id": "javascript.aws-lambda.security.tainted-html-string.tainted-html-string", + "name": "javascript.aws-lambda.security.tainted-html-string.tainted-html-string", + "short_description": { + "text": "Semgrep Finding: javascript.aws-lambda.security.tainted-html-string.tainted-html-string" }, - "fullDescription": { - "text": "Found dynamic content used for the external process. This is dangerous if arbitrary data can reach this function call because it allows a malicious actor to execute commands. Ensure your variables are not controlled by users or sufficiently sanitized." + "full_description": { + "text": "Detected user input flowing into a manually constructed HTML string. 
You may be accidentally bypassing secure methods of rendering HTML by manually constructing HTML and this could create a cross-site scripting vulnerability, which could let attackers steal sensitive user data. To be sure this is safe, check that the HTML is rendered safely. Otherwise, use templates which will safely render HTML instead." }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/javascript.aws-lambda.security.tainted-html-string.tainted-html-string", "help": { - "markdown": "Found dynamic content used for the external process. This is dangerous if arbitrary data can reach this function call because it allows a malicious actor to execute commands. Ensure your variables are not controlled by users or sufficiently sanitized.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/scala.lang.security.audit.dangerous-seq-run.dangerous-seq-run)\n - [https://owasp.org/Top10/A03_2021-Injection](https://owasp.org/Top10/A03_2021-Injection)\n", - "text": "Found dynamic content used for the external process. This is dangerous if arbitrary data can reach this function call because it allows a malicious actor to execute commands. Ensure your variables are not controlled by users or sufficiently sanitized.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected user input flowing into a manually constructed HTML string. You may be accidentally bypassing secure methods of rendering HTML by manually constructing HTML and this could create a cross-site scripting vulnerability, which could let attackers steal sensitive user data. To be sure this is safe, check that the HTML is rendered safely. 
Otherwise, use templates which will safely render HTML instead.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected user input flowing into a manually constructed HTML string. You may be accidentally bypassing secure methods of rendering HTML by manually constructing HTML and this could create a cross-site scripting vulnerability, which could let attackers steal sensitive user data. To be sure this is safe, check that the HTML is rendered safely. Otherwise, use templates which will safely render HTML instead.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.aws-lambda.security.tainted-html-string.tainted-html-string)\n - [https://owasp.org/Top10/A03_2021-Injection](https://owasp.org/Top10/A03_2021-Injection)\n" }, - "helpUri": "https://semgrep.dev/r/scala.lang.security.audit.dangerous-seq-run.dangerous-seq-run", - "id": "scala.lang.security.audit.dangerous-seq-run.dangerous-seq-run", - "name": "scala.lang.security.audit.dangerous-seq-run.dangerous-seq-run", "properties": { "precision": "very-high", "tags": [ - "CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", - "LOW CONFIDENCE", - "OWASP-A01:2017 - Injection", + "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", + "MEDIUM CONFIDENCE", "OWASP-A03:2021 - Injection", + "OWASP-A07:2017 - Cross-Site Scripting (XSS)", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: scala.lang.security.audit.dangerous-seq-run.dangerous-seq-run" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "javascript.xml2json.security.audit.xml2json-xxe.xml2json-xxe", + "name": "javascript.xml2json.security.audit.xml2json-xxe.xml2json-xxe", + "short_description": { + "text": "Semgrep Finding: javascript.xml2json.security.audit.xml2json-xxe.xml2json-xxe" }, - "fullDescription": { - "text": 
"QuerySet.extra' does not provide safeguards against SQL injection and requires very careful use. SQL injection can lead to critical data being stolen by attackers. Instead of using '.extra', use the Django ORM and parameterized queries such as `People.objects.get(name='Bob')`." + "full_description": { + "text": "If unverified user data can reach the XML Parser it can result in XML External or Internal Entity (XXE) Processing vulnerabilities" + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/javascript.xml2json.security.audit.xml2json-xxe.xml2json-xxe", "help": { - "markdown": "QuerySet.extra' does not provide safeguards against SQL injection and requires very careful use. SQL injection can lead to critical data being stolen by attackers. Instead of using '.extra', use the Django ORM and parameterized queries such as `People.objects.get(name='Bob')`.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.django.security.audit.query-set-extra.avoid-query-set-extra)\n - [https://docs.djangoproject.com/en/3.0/ref/models/querysets/#django.db.models.query.QuerySet.extra](https://docs.djangoproject.com/en/3.0/ref/models/querysets/#django.db.models.query.QuerySet.extra)\n - [https://semgrep.dev/blog/2020/preventing-sql-injection-a-django-authors-perspective/](https://semgrep.dev/blog/2020/preventing-sql-injection-a-django-authors-perspective/)\n", - "text": "QuerySet.extra' does not provide safeguards against SQL injection and requires very careful use. SQL injection can lead to critical data being stolen by attackers. 
Instead of using '.extra', use the Django ORM and parameterized queries such as `People.objects.get(name='Bob')`.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "If unverified user data can reach the XML Parser it can result in XML External or Internal Entity (XXE) Processing vulnerabilities\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "If unverified user data can reach the XML Parser it can result in XML External or Internal Entity (XXE) Processing vulnerabilities\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.xml2json.security.audit.xml2json-xxe.xml2json-xxe)\n - [https://owasp.org/Top10/A05_2021-Security_Misconfiguration](https://owasp.org/Top10/A05_2021-Security_Misconfiguration)\n" }, - "helpUri": "https://semgrep.dev/r/python.django.security.audit.query-set-extra.avoid-query-set-extra", - "id": "python.django.security.audit.query-set-extra.avoid-query-set-extra", - "name": "python.django.security.audit.query-set-extra.avoid-query-set-extra", "properties": { "precision": "very-high", "tags": [ - "CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')", + "CWE-611: Improper Restriction of XML External Entity Reference", "LOW CONFIDENCE", - "OWASP-A01:2017 - Injection", - "OWASP-A03:2021 - Injection", + "OWASP-A04:2017 - XML External Entities (XXE)", + "OWASP-A05:2021 - Security Misconfiguration", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: python.django.security.audit.query-set-extra.avoid-query-set-extra" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "ruby.rails.security.audit.xss.templates.alias-for-html-safe.alias-for-html-safe", + "name": "ruby.rails.security.audit.xss.templates.alias-for-html-safe.alias-for-html-safe", + "short_description": { + "text": "Semgrep Finding: 
ruby.rails.security.audit.xss.templates.alias-for-html-safe.alias-for-html-safe" }, - "fullDescription": { - "text": "Detected 'urllib.urlretrieve()' using 'ftp://'. This request will not be encrypted. Use SFTP instead. urllib does not support SFTP, so consider switching to a library which supports SFTP." + "full_description": { + "text": "The syntax `<%== ... %>` is an alias for `html_safe`. This means the content inside these tags will be rendered as raw HTML. This may expose your application to cross-site scripting. If you need raw HTML, prefer using the more explicit `html_safe` and be sure to correctly sanitize variables using a library such as DOMPurify." }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/ruby.rails.security.audit.xss.templates.alias-for-html-safe.alias-for-html-safe", "help": { - "markdown": "Detected 'urllib.urlretrieve()' using 'ftp://'. This request will not be encrypted. Use SFTP instead. urllib does not support SFTP, so consider switching to a library which supports SFTP.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.lang.security.audit.insecure-transport.urllib.insecure-urlretrieve-ftp.insecure-urlretrieve-ftp)\n - [https://docs.python.org/3/library/urllib.request.html#urllib.request.urlretrieve](https://docs.python.org/3/library/urllib.request.html#urllib.request.urlretrieve)\n", - "text": "Detected 'urllib.urlretrieve()' using 'ftp://'. This request will not be encrypted. Use SFTP instead. urllib does not support SFTP, so consider switching to a library which supports SFTP.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "The syntax `<%== ... %>` is an alias for `html_safe`. This means the content inside these tags will be rendered as raw HTML. This may expose your application to cross-site scripting. 
If you need raw HTML, prefer using the more explicit `html_safe` and be sure to correctly sanitize variables using a library such as DOMPurify.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "The syntax `<%== ... %>` is an alias for `html_safe`. This means the content inside these tags will be rendered as raw HTML. This may expose your application to cross-site scripting. If you need raw HTML, prefer using the more explicit `html_safe` and be sure to correctly sanitize variables using a library such as DOMPurify.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/ruby.rails.security.audit.xss.templates.alias-for-html-safe.alias-for-html-safe)\n - [https://medium.com/sumone-technical-blog/a-pretty-way-to-unescape-html-in-a-ruby-on-rails-application-efc22b850027](https://medium.com/sumone-technical-blog/a-pretty-way-to-unescape-html-in-a-ruby-on-rails-application-efc22b850027)\n - [https://stackoverflow.com/questions/4251284/raw-vs-html-safe-vs-h-to-unescape-html#:~:text===](https://stackoverflow.com/questions/4251284/raw-vs-html-safe-vs-h-to-unescape-html#:~:text===)\n" }, - "helpUri": "https://semgrep.dev/r/python.lang.security.audit.insecure-transport.urllib.insecure-urlretrieve-ftp.insecure-urlretrieve-ftp", - "id": "python.lang.security.audit.insecure-transport.urllib.insecure-urlretrieve-ftp.insecure-urlretrieve-ftp", - "name": "python.lang.security.audit.insecure-transport.urllib.insecure-urlretrieve-ftp.insecure-urlretrieve-ftp", "properties": { "precision": "very-high", "tags": [ - "CWE-319: Cleartext Transmission of Sensitive Information", + "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", "LOW CONFIDENCE", - "OWASP-A02:2021 - Cryptographic Failures", - "OWASP-A03:2017 - Sensitive Data Exposure", + "OWASP-A03:2021 - Injection", + "OWASP-A07:2017 - Cross-Site Scripting (XSS)", "security" ] - }, - 
"shortDescription": { - "text": "Semgrep Finding: python.lang.security.audit.insecure-transport.urllib.insecure-urlretrieve-ftp.insecure-urlretrieve-ftp" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "terraform.lang.security.iam.no-iam-resource-exposure.no-iam-resource-exposure", + "name": "terraform.lang.security.iam.no-iam-resource-exposure.no-iam-resource-exposure", + "short_description": { + "text": "Semgrep Finding: terraform.lang.security.iam.no-iam-resource-exposure.no-iam-resource-exposure" }, - "fullDescription": { - "text": "Found user-controlled request data passed into a HttpResponseBadRequest. This could be vulnerable to XSS, leading to attackers gaining access to user cookies and protected information. Ensure that the request data is properly escaped or sanitzed." + "full_description": { + "text": "Ensure IAM policies don't allow resource exposure. These actions can expose AWS resources to the public. For example `ecr:SetRepositoryPolicy` could let an attacker retrieve container images. Instead, use another action that doesn't expose AWS resources." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/terraform.lang.security.iam.no-iam-resource-exposure.no-iam-resource-exposure", "help": { - "markdown": "Found user-controlled request data passed into a HttpResponseBadRequest. This could be vulnerable to XSS, leading to attackers gaining access to user cookies and protected information. 
Ensure that the request data is properly escaped or sanitzed.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.django.security.injection.reflected-data-httpresponsebadrequest.reflected-data-httpresponsebadrequest)\n - [https://django-book.readthedocs.io/en/latest/chapter20.html#cross-site-scripting-xss](https://django-book.readthedocs.io/en/latest/chapter20.html#cross-site-scripting-xss)\n", - "text": "Found user-controlled request data passed into a HttpResponseBadRequest. This could be vulnerable to XSS, leading to attackers gaining access to user cookies and protected information. Ensure that the request data is properly escaped or sanitzed.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Ensure IAM policies don't allow resource exposure. These actions can expose AWS resources to the public. For example `ecr:SetRepositoryPolicy` could let an attacker retrieve container images. Instead, use another action that doesn't expose AWS resources.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Ensure IAM policies don't allow resource exposure. These actions can expose AWS resources to the public. For example `ecr:SetRepositoryPolicy` could let an attacker retrieve container images. 
Instead, use another action that doesn't expose AWS resources.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/terraform.lang.security.iam.no-iam-resource-exposure.no-iam-resource-exposure)\n - [https://cloudsplaining.readthedocs.io/en/latest/glossary/resource-exposure/](https://cloudsplaining.readthedocs.io/en/latest/glossary/resource-exposure/)\n - [https://github.com/bridgecrewio/checkov/blob/ca830e14745c2c8e1b941985f305abe985d7f1f9/checkov/terraform/checks/data/aws/IAMPermissionsManagement.py](https://github.com/bridgecrewio/checkov/blob/ca830e14745c2c8e1b941985f305abe985d7f1f9/checkov/terraform/checks/data/aws/IAMPermissionsManagement.py)\n" }, - "helpUri": "https://semgrep.dev/r/python.django.security.injection.reflected-data-httpresponsebadrequest.reflected-data-httpresponsebadrequest", - "id": "python.django.security.injection.reflected-data-httpresponsebadrequest.reflected-data-httpresponsebadrequest", - "name": "python.django.security.injection.reflected-data-httpresponsebadrequest.reflected-data-httpresponsebadrequest", "properties": { "precision": "very-high", "tags": [ - "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", - "MEDIUM CONFIDENCE", - "OWASP-A03:2021 - Injection", - "OWASP-A07:2017 - Cross-Site Scripting (XSS)", + "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor", + "LOW CONFIDENCE", + "OWASP-A01:2021 - Broken Access Control", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: python.django.security.injection.reflected-data-httpresponsebadrequest.reflected-data-httpresponsebadrequest" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "python.jwt.security.jwt-exposed-credentials.jwt-python-exposed-credentials", + "name": "python.jwt.security.jwt-exposed-credentials.jwt-python-exposed-credentials", + "short_description": { + "text": "Semgrep Finding: 
python.jwt.security.jwt-exposed-credentials.jwt-python-exposed-credentials" }, - "fullDescription": { - "text": "User data flows into the host portion of this manually-constructed URL. This could allow an attacker to send data to their own server, potentially exposing sensitive data such as cookies or authorization information sent with this request. They could also probe internal servers or other resources that the server runnig this code can access. (This is called server-side request forgery, or SSRF.) Do not allow arbitrary hosts. Instead, create an allowlist for approved hosts hardcode the correct host." + "full_description": { + "text": "Password is exposed through JWT token payload. This is not encrypted and the password could be compromised. Do not store passwords in JWT tokens." + }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/python.jwt.security.jwt-exposed-credentials.jwt-python-exposed-credentials", "help": { - "markdown": "User data flows into the host portion of this manually-constructed URL. This could allow an attacker to send data to their own server, potentially exposing sensitive data such as cookies or authorization information sent with this request. They could also probe internal servers or other resources that the server runnig this code can access. (This is called server-side request forgery, or SSRF.) Do not allow arbitrary hosts. 
Instead, create an allowlist for approved hosts hardcode the correct host.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/php.lang.security.injection.tainted-url-host.tainted-url-host)\n - [https://cheatsheetseries.owasp.org/cheatsheets/Server_Side_Request_Forgery_Prevention_Cheat_Sheet.html](https://cheatsheetseries.owasp.org/cheatsheets/Server_Side_Request_Forgery_Prevention_Cheat_Sheet.html)\n", - "text": "User data flows into the host portion of this manually-constructed URL. This could allow an attacker to send data to their own server, potentially exposing sensitive data such as cookies or authorization information sent with this request. They could also probe internal servers or other resources that the server runnig this code can access. (This is called server-side request forgery, or SSRF.) Do not allow arbitrary hosts. Instead, create an allowlist for approved hosts hardcode the correct host.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Password is exposed through JWT token payload. This is not encrypted and the password could be compromised. Do not store passwords in JWT tokens.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Password is exposed through JWT token payload. This is not encrypted and the password could be compromised. 
Do not store passwords in JWT tokens.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.jwt.security.jwt-exposed-credentials.jwt-python-exposed-credentials)\n - [https://cwe.mitre.org/data/definitions/522.html](https://cwe.mitre.org/data/definitions/522.html)\n" }, - "helpUri": "https://semgrep.dev/r/php.lang.security.injection.tainted-url-host.tainted-url-host", - "id": "php.lang.security.injection.tainted-url-host.tainted-url-host", - "name": "php.lang.security.injection.tainted-url-host.tainted-url-host", "properties": { "precision": "very-high", "tags": [ - "CWE-918: Server-Side Request Forgery (SSRF)", - "MEDIUM CONFIDENCE", - "OWASP-A10:2021 - Server-Side Request Forgery (SSRF)", + "CWE-522: Insufficiently Protected Credentials", + "LOW CONFIDENCE", + "OWASP-A02:2017 - Broken Authentication", + "OWASP-A04:2021 - Insecure Design", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: php.lang.security.injection.tainted-url-host.tainted-url-host" } }, { - "defaultConfiguration": { - "level": "error" + "id": "javascript.lang.security.detect-insecure-websocket.detect-insecure-websocket", + "name": "javascript.lang.security.detect-insecure-websocket.detect-insecure-websocket", + "short_description": { + "text": "Semgrep Finding: javascript.lang.security.detect-insecure-websocket.detect-insecure-websocket" }, - "fullDescription": { - "text": "AWS Account ID detected. While not considered sensitive information, it is important to use them and share them carefully. For that reason it would be preferrable avoiding to hardcoded it here. Instead, read the value from an environment variable or keep the value in a separate, private file." + "full_description": { + "text": "Insecure WebSocket Detected. WebSocket Secure (wss) should be used for all WebSocket connections." 
}, + "default_configuration": { + "enabled": true, + "level": "error" + }, + "help_uri": "https://semgrep.dev/r/javascript.lang.security.detect-insecure-websocket.detect-insecure-websocket", "help": { - "markdown": "AWS Account ID detected. While not considered sensitive information, it is important to use them and share them carefully. For that reason it would be preferrable avoiding to hardcoded it here. Instead, read the value from an environment variable or keep the value in a separate, private file.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/generic.secrets.security.detected-aws-account-id.detected-aws-account-id)\n - [https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures](https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures)\n", - "text": "AWS Account ID detected. While not considered sensitive information, it is important to use them and share them carefully. For that reason it would be preferrable avoiding to hardcoded it here. Instead, read the value from an environment variable or keep the value in a separate, private file.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Insecure WebSocket Detected. WebSocket Secure (wss) should be used for all WebSocket connections.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Insecure WebSocket Detected. 
WebSocket Secure (wss) should be used for all WebSocket connections.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.lang.security.detect-insecure-websocket.detect-insecure-websocket)\n - [https://owasp.org/Top10/A02_2021-Cryptographic_Failures](https://owasp.org/Top10/A02_2021-Cryptographic_Failures)\n" }, - "helpUri": "https://semgrep.dev/r/generic.secrets.security.detected-aws-account-id.detected-aws-account-id", - "id": "generic.secrets.security.detected-aws-account-id.detected-aws-account-id", - "name": "generic.secrets.security.detected-aws-account-id.detected-aws-account-id", "properties": { "precision": "very-high", "tags": [ - "CWE-798: Use of Hard-coded Credentials", + "CWE-319: Cleartext Transmission of Sensitive Information", "LOW CONFIDENCE", - "OWASP-A07:2021 - Identification and Authentication Failures", + "OWASP-A02:2021 - Cryptographic Failures", + "OWASP-A03:2017 - Sensitive Data Exposure", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: generic.secrets.security.detected-aws-account-id.detected-aws-account-id" } }, { - "defaultConfiguration": { - "level": "error" + "id": "go.lang.security.audit.crypto.use_of_weak_crypto.use-of-md5", + "name": "go.lang.security.audit.crypto.use_of_weak_crypto.use-of-md5", + "short_description": { + "text": "Semgrep Finding: go.lang.security.audit.crypto.use_of_weak_crypto.use-of-md5" }, - "fullDescription": { - "text": "sqlalchemy.text passes the constructed SQL statement to the database mostly unchanged. This means that the usual SQL injection protections are not applied and this function is vulnerable to SQL injection if user input can reach here. Use normal SQLAlchemy operators (such as or_, and_, etc.) to construct SQL." + "full_description": { + "text": "Detected MD5 hash algorithm which is considered insecure. 
MD5 is not collision resistant and is therefore not suitable as a cryptographic signature. Use SHA256 or SHA3 instead." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/go.lang.security.audit.crypto.use_of_weak_crypto.use-of-md5", "help": { - "markdown": "sqlalchemy.text passes the constructed SQL statement to the database mostly unchanged. This means that the usual SQL injection protections are not applied and this function is vulnerable to SQL injection if user input can reach here. Use normal SQLAlchemy operators (such as or_, and_, etc.) to construct SQL.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.sqlalchemy.security.audit.avoid-sqlalchemy-text.avoid-sqlalchemy-text)\n - [https://docs.sqlalchemy.org/en/14/core/tutorial.html#using-textual-sql](https://docs.sqlalchemy.org/en/14/core/tutorial.html#using-textual-sql)\n", - "text": "sqlalchemy.text passes the constructed SQL statement to the database mostly unchanged. This means that the usual SQL injection protections are not applied and this function is vulnerable to SQL injection if user input can reach here. Use normal SQLAlchemy operators (such as or_, and_, etc.) to construct SQL.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected MD5 hash algorithm which is considered insecure. MD5 is not collision resistant and is therefore not suitable as a cryptographic signature. Use SHA256 or SHA3 instead.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected MD5 hash algorithm which is considered insecure. MD5 is not collision resistant and is therefore not suitable as a cryptographic signature. 
Use SHA256 or SHA3 instead.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/go.lang.security.audit.crypto.use_of_weak_crypto.use-of-md5)\n - [https://owasp.org/Top10/A02_2021-Cryptographic_Failures](https://owasp.org/Top10/A02_2021-Cryptographic_Failures)\n" }, - "helpUri": "https://semgrep.dev/r/python.sqlalchemy.security.audit.avoid-sqlalchemy-text.avoid-sqlalchemy-text", - "id": "python.sqlalchemy.security.audit.avoid-sqlalchemy-text.avoid-sqlalchemy-text", - "name": "python.sqlalchemy.security.audit.avoid-sqlalchemy-text.avoid-sqlalchemy-text", "properties": { "precision": "very-high", "tags": [ - "CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')", + "CWE-328: Use of Weak Hash", "MEDIUM CONFIDENCE", - "OWASP-A01:2017 - Injection", - "OWASP-A03:2021 - Injection", + "OWASP-A02:2021 - Cryptographic Failures", + "OWASP-A03:2017 - Sensitive Data Exposure", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: python.sqlalchemy.security.audit.avoid-sqlalchemy-text.avoid-sqlalchemy-text" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "csharp.lang.security.xxe.xmlreadersettings-unsafe-parser-override.xmlreadersettings-unsafe-parser-override", + "name": "csharp.lang.security.xxe.xmlreadersettings-unsafe-parser-override.xmlreadersettings-unsafe-parser-override", + "short_description": { + "text": "Semgrep Finding: csharp.lang.security.xxe.xmlreadersettings-unsafe-parser-override.xmlreadersettings-unsafe-parser-override" }, - "fullDescription": { - "text": "Detected SQL statement that is tainted by `event` object. This could lead to SQL injection if the variable is user-controlled and not properly sanitized. In order to prevent SQL injection, use parameterized queries or prepared statements instead. 
You can use parameterized statements like so: `cursor.execute('SELECT * FROM projects WHERE status = %s', 'active')`" + "full_description": { + "text": "XmlReaderSettings found with DtdProcessing.Parse on an XmlReader handling a string argument from a public method. Enabling Document Type Definition (DTD) parsing may cause XML External Entity (XXE) injection if supplied with user-controllable data." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/csharp.lang.security.xxe.xmlreadersettings-unsafe-parser-override.xmlreadersettings-unsafe-parser-override", "help": { - "markdown": "Detected SQL statement that is tainted by `event` object. This could lead to SQL injection if the variable is user-controlled and not properly sanitized. In order to prevent SQL injection, use parameterized queries or prepared statements instead. You can use parameterized statements like so: `cursor.execute('SELECT * FROM projects WHERE status = %s', 'active')`\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.aws-lambda.security.psycopg-sqli.psycopg-sqli)\n - [https://www.psycopg.org/docs/cursor.html#cursor.execute](https://www.psycopg.org/docs/cursor.html#cursor.execute)\n - [https://www.psycopg.org/docs/cursor.html#cursor.executemany](https://www.psycopg.org/docs/cursor.html#cursor.executemany)\n - [https://www.psycopg.org/docs/cursor.html#cursor.mogrify](https://www.psycopg.org/docs/cursor.html#cursor.mogrify)\n", - "text": "Detected SQL statement that is tainted by `event` object. This could lead to SQL injection if the variable is user-controlled and not properly sanitized. In order to prevent SQL injection, use parameterized queries or prepared statements instead. 
You can use parameterized statements like so: `cursor.execute('SELECT * FROM projects WHERE status = %s', 'active')`\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "XmlReaderSettings found with DtdProcessing.Parse on an XmlReader handling a string argument from a public method. Enabling Document Type Definition (DTD) parsing may cause XML External Entity (XXE) injection if supplied with user-controllable data.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "XmlReaderSettings found with DtdProcessing.Parse on an XmlReader handling a string argument from a public method. Enabling Document Type Definition (DTD) parsing may cause XML External Entity (XXE) injection if supplied with user-controllable data.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/csharp.lang.security.xxe.xmlreadersettings-unsafe-parser-override.xmlreadersettings-unsafe-parser-override)\n - [https://www.jardinesoftware.net/2016/05/26/xxe-and-net/](https://www.jardinesoftware.net/2016/05/26/xxe-and-net/)\n - [https://docs.microsoft.com/en-us/dotnet/api/system.xml.xmldocument.xmlresolver?view=net-6.0#remarks](https://docs.microsoft.com/en-us/dotnet/api/system.xml.xmldocument.xmlresolver?view=net-6.0#remarks)\n" }, - "helpUri": "https://semgrep.dev/r/python.aws-lambda.security.psycopg-sqli.psycopg-sqli", - "id": "python.aws-lambda.security.psycopg-sqli.psycopg-sqli", - "name": "python.aws-lambda.security.psycopg-sqli.psycopg-sqli", "properties": { "precision": "very-high", "tags": [ - "CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')", + "CWE-611: Improper Restriction of XML External Entity Reference", "MEDIUM CONFIDENCE", - "OWASP-A01:2017 - Injection", - "OWASP-A03:2021 - Injection", + "OWASP-A04:2017 - XML External Entities (XXE)", + "OWASP-A05:2021 - Security Misconfiguration", "security" ] - }, 
- "shortDescription": { - "text": "Semgrep Finding: python.aws-lambda.security.psycopg-sqli.psycopg-sqli" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "python.django.security.injection.path-traversal.path-traversal-open.path-traversal-open", + "name": "python.django.security.injection.path-traversal.path-traversal-open.path-traversal-open", + "short_description": { + "text": "Semgrep Finding: python.django.security.injection.path-traversal.path-traversal-open.path-traversal-open" }, - "fullDescription": { - "text": "Detected SHA1 hash algorithm which is considered insecure. SHA1 is not collision resistant and is therefore not suitable as a cryptographic signature. Use SHA256 or SHA3 instead." + "full_description": { + "text": "Found request data in a call to 'open'. Ensure the request data is validated or sanitized, otherwise it could result in path traversal attacks and therefore sensitive data being leaked. To mitigate, consider using os.path.abspath or os.path.realpath or the pathlib library." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/python.django.security.injection.path-traversal.path-traversal-open.path-traversal-open", "help": { - "markdown": "Detected SHA1 hash algorithm which is considered insecure. SHA1 is not collision resistant and is therefore not suitable as a cryptographic signature. 
Use SHA256 or SHA3 instead.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.lang.security.insecure-hash-algorithms.insecure-hash-algorithm-sha1)\n - [https://www.schneier.com/blog/archives/2012/10/when_will_we_se.html](https://www.schneier.com/blog/archives/2012/10/when_will_we_se.html)\n - [https://www.trendmicro.com/vinfo/us/security/news/vulnerabilities-and-exploits/sha-1-collision-signals-the-end-of-the-algorithm-s-viability](https://www.trendmicro.com/vinfo/us/security/news/vulnerabilities-and-exploits/sha-1-collision-signals-the-end-of-the-algorithm-s-viability)\n - [http://2012.sharcs.org/slides/stevens.pdf](http://2012.sharcs.org/slides/stevens.pdf)\n - [https://pycryptodome.readthedocs.io/en/latest/src/hash/sha3_256.html](https://pycryptodome.readthedocs.io/en/latest/src/hash/sha3_256.html)\n", - "text": "Detected SHA1 hash algorithm which is considered insecure. SHA1 is not collision resistant and is therefore not suitable as a cryptographic signature. Use SHA256 or SHA3 instead.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Found request data in a call to 'open'. Ensure the request data is validated or sanitized, otherwise it could result in path traversal attacks and therefore sensitive data being leaked. To mitigate, consider using os.path.abspath or os.path.realpath or the pathlib library.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Found request data in a call to 'open'. Ensure the request data is validated or sanitized, otherwise it could result in path traversal attacks and therefore sensitive data being leaked. 
To mitigate, consider using os.path.abspath or os.path.realpath or the pathlib library.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.django.security.injection.path-traversal.path-traversal-open.path-traversal-open)\n - [https://owasp.org/www-community/attacks/Path_Traversal](https://owasp.org/www-community/attacks/Path_Traversal)\n" }, - "helpUri": "https://semgrep.dev/r/python.lang.security.insecure-hash-algorithms.insecure-hash-algorithm-sha1", - "id": "python.lang.security.insecure-hash-algorithms.insecure-hash-algorithm-sha1", - "name": "python.lang.security.insecure-hash-algorithms.insecure-hash-algorithm-sha1", "properties": { "precision": "very-high", "tags": [ - "CWE-327: Use of a Broken or Risky Cryptographic Algorithm", + "CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", "MEDIUM CONFIDENCE", - "OWASP-A02:2021 - Cryptographic Failures", - "OWASP-A03:2017 - Sensitive Data Exposure", + "OWASP-A01:2021 - Broken Access Control", + "OWASP-A05:2017 - Broken Access Control", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: python.lang.security.insecure-hash-algorithms.insecure-hash-algorithm-sha1" } }, { - "defaultConfiguration": { - "level": "error" + "id": "problem-based-packs.insecure-transport.go-stdlib.bypass-tls-verification.bypass-tls-verification", + "name": "problem-based-packs.insecure-transport.go-stdlib.bypass-tls-verification.bypass-tls-verification", + "short_description": { + "text": "Semgrep Finding: problem-based-packs.insecure-transport.go-stdlib.bypass-tls-verification.bypass-tls-verification" }, - "fullDescription": { - "text": "Detected asyncio subprocess function with argument tainted by `event` object. If this data can be controlled by a malicious actor, it may be an instance of command injection. Audit the use of this call to ensure it is not controllable by an external resource. 
You may consider using 'shlex.escape()'." + "full_description": { + "text": "Checks for disabling of TLS/SSL certificate verification. This should only be used for debugging purposes because it leads to vulnerability to MTM attacks." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/problem-based-packs.insecure-transport.go-stdlib.bypass-tls-verification.bypass-tls-verification", "help": { - "markdown": "Detected asyncio subprocess function with argument tainted by `event` object. If this data can be controlled by a malicious actor, it may be an instance of command injection. Audit the use of this call to ensure it is not controllable by an external resource. You may consider using 'shlex.escape()'.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.aws-lambda.security.dangerous-asyncio-shell.dangerous-asyncio-shell)\n - [https://docs.python.org/3/library/asyncio-subprocess.html](https://docs.python.org/3/library/asyncio-subprocess.html)\n - [https://docs.python.org/3/library/shlex.html](https://docs.python.org/3/library/shlex.html)\n", - "text": "Detected asyncio subprocess function with argument tainted by `event` object. If this data can be controlled by a malicious actor, it may be an instance of command injection. Audit the use of this call to ensure it is not controllable by an external resource. You may consider using 'shlex.escape()'.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Checks for disabling of TLS/SSL certificate verification. This should only be used for debugging purposes because it leads to vulnerability to MTM attacks.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Checks for disabling of TLS/SSL certificate verification. 
This should only be used for debugging purposes because it leads to vulnerability to MTM attacks.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/problem-based-packs.insecure-transport.go-stdlib.bypass-tls-verification.bypass-tls-verification)\n - [https://stackoverflow.com/questions/12122159/how-to-do-a-https-request-with-bad-certificate](https://stackoverflow.com/questions/12122159/how-to-do-a-https-request-with-bad-certificate)\n" }, - "helpUri": "https://semgrep.dev/r/python.aws-lambda.security.dangerous-asyncio-shell.dangerous-asyncio-shell", - "id": "python.aws-lambda.security.dangerous-asyncio-shell.dangerous-asyncio-shell", - "name": "python.aws-lambda.security.dangerous-asyncio-shell.dangerous-asyncio-shell", "properties": { "precision": "very-high", "tags": [ - "CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", + "CWE-319: Cleartext Transmission of Sensitive Information", "MEDIUM CONFIDENCE", - "OWASP-A01:2017 - Injection", - "OWASP-A03:2021 - Injection", + "OWASP-A03:2017 - Sensitive Data Exposure", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: python.aws-lambda.security.dangerous-asyncio-shell.dangerous-asyncio-shell" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "python.lang.compatibility.python37.python37-compatibility-multiprocess2", + "name": "python.lang.compatibility.python37.python37-compatibility-multiprocess2", + "short_description": { + "text": "Semgrep Finding: python.lang.compatibility.python37.python37-compatibility-multiprocess2" }, - "fullDescription": { - "text": "Potential empty AES encryption key. Using an empty key in AES encryption can result in weak encryption and may allow attackers to easily decrypt sensitive data. Ensure that a strong, non-empty key is used for AES encryption." 
+ "full_description": { + "text": "multiprocessing.Process.kill() is only available on Python 3.7+ and is therefore not backwards compatible. Instead, use terminate()." }, + "default_configuration": { + "enabled": true, + "level": "error" + }, + "help_uri": "https://semgrep.dev/r/python.lang.compatibility.python37.python37-compatibility-multiprocess2", "help": { - "markdown": "Potential empty AES encryption key. Using an empty key in AES encryption can result in weak encryption and may allow attackers to easily decrypt sensitive data. Ensure that a strong, non-empty key is used for AES encryption.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.cryptography.security.empty-aes-key.empty-aes-key)\n - [https://cwe.mitre.org/data/definitions/327.html](https://cwe.mitre.org/data/definitions/327.html)\n - [https://cwe.mitre.org/data/definitions/310.html](https://cwe.mitre.org/data/definitions/310.html)\n", - "text": "Potential empty AES encryption key. Using an empty key in AES encryption can result in weak encryption and may allow attackers to easily decrypt sensitive data. Ensure that a strong, non-empty key is used for AES encryption.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "multiprocessing.Process.kill() is only available on Python 3.7+ and is therefore not backwards compatible. Instead, use terminate().\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "multiprocessing.Process.kill() is only available on Python 3.7+ and is therefore not backwards compatible. 
Instead, use terminate().\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.lang.compatibility.python37.python37-compatibility-multiprocess2)\n" }, - "helpUri": "https://semgrep.dev/r/python.cryptography.security.empty-aes-key.empty-aes-key", - "id": "python.cryptography.security.empty-aes-key.empty-aes-key", - "name": "python.cryptography.security.empty-aes-key.empty-aes-key", "properties": { "precision": "very-high", - "tags": [ - "CWE-310: Cryptographic Issues", - "CWE-327: Use of a Broken or Risky Cryptographic Algorithm", - "MEDIUM CONFIDENCE", - "OWASP-A6:2017 misconfiguration", - "security" - ] - }, - "shortDescription": { - "text": "Semgrep Finding: python.cryptography.security.empty-aes-key.empty-aes-key" + "tags": [] } }, { - "defaultConfiguration": { - "level": "error" + "id": "python.lang.security.deserialization.pickle.avoid-cPickle", + "name": "python.lang.security.deserialization.pickle.avoid-cPickle", + "short_description": { + "text": "Semgrep Finding: python.lang.security.deserialization.pickle.avoid-cPickle" }, - "fullDescription": { - "text": "Detected use of the 'none' algorithm in a JWT token. The 'none' algorithm assumes the integrity of the token has already been verified. This would allow a malicious actor to forge a JWT token that will automatically be verified. Do not explicitly use the 'none' algorithm. Instead, use an algorithm such as 'HS256'." + "full_description": { + "text": "Avoid using `cPickle`, which is known to lead to code execution vulnerabilities. When unpickling, the serialized data could be manipulated to run arbitrary code. Instead, consider serializing the relevant data as JSON or a similar text-based serialization format." 
}, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/python.lang.security.deserialization.pickle.avoid-cPickle", "help": { - "markdown": "Detected use of the 'none' algorithm in a JWT token. The 'none' algorithm assumes the integrity of the token has already been verified. This would allow a malicious actor to forge a JWT token that will automatically be verified. Do not explicitly use the 'none' algorithm. Instead, use an algorithm such as 'HS256'.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/java.java-jwt.security.jwt-none-alg.java-jwt-none-alg)\n - [https://owasp.org/Top10/A02_2021-Cryptographic_Failures](https://owasp.org/Top10/A02_2021-Cryptographic_Failures)\n", - "text": "Detected use of the 'none' algorithm in a JWT token. The 'none' algorithm assumes the integrity of the token has already been verified. This would allow a malicious actor to forge a JWT token that will automatically be verified. Do not explicitly use the 'none' algorithm. Instead, use an algorithm such as 'HS256'.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Avoid using `cPickle`, which is known to lead to code execution vulnerabilities. When unpickling, the serialized data could be manipulated to run arbitrary code. Instead, consider serializing the relevant data as JSON or a similar text-based serialization format.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Avoid using `cPickle`, which is known to lead to code execution vulnerabilities. When unpickling, the serialized data could be manipulated to run arbitrary code. 
Instead, consider serializing the relevant data as JSON or a similar text-based serialization format.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.lang.security.deserialization.pickle.avoid-cPickle)\n - [https://docs.python.org/3/library/pickle.html](https://docs.python.org/3/library/pickle.html)\n" }, - "helpUri": "https://semgrep.dev/r/java.java-jwt.security.jwt-none-alg.java-jwt-none-alg", - "id": "java.java-jwt.security.jwt-none-alg.java-jwt-none-alg", - "name": "java.java-jwt.security.jwt-none-alg.java-jwt-none-alg", "properties": { "precision": "very-high", "tags": [ - "CWE-327: Use of a Broken or Risky Cryptographic Algorithm", - "HIGH CONFIDENCE", - "OWASP-A02:2021 - Cryptographic Failures", - "OWASP-A03:2017 - Sensitive Data Exposure", + "CWE-502: Deserialization of Untrusted Data", + "LOW CONFIDENCE", + "OWASP-A08:2017 - Insecure Deserialization", + "OWASP-A08:2021 - Software and Data Integrity Failures", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: java.java-jwt.security.jwt-none-alg.java-jwt-none-alg" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "csharp.lang.security.regular-expression-dos.regular-expression-dos.regular-expression-dos", + "name": "csharp.lang.security.regular-expression-dos.regular-expression-dos.regular-expression-dos", + "short_description": { + "text": "Semgrep Finding: csharp.lang.security.regular-expression-dos.regular-expression-dos.regular-expression-dos" }, - "fullDescription": { - "text": "Conditions for Nginx H2C smuggling identified. H2C smuggling allows upgrading HTTP/1.1 connections to lesser-known HTTP/2 over cleartext (h2c) connections which can allow a bypass of reverse proxy access controls, and lead to long-lived, unrestricted HTTP traffic directly to back-end servers. 
To mitigate: WebSocket support required: Allow only the value websocket for HTTP/1.1 upgrade headers (e.g., Upgrade: websocket). WebSocket support not required: Do not forward Upgrade headers." + "full_description": { + "text": "When using `System.Text.RegularExpressions` to process untrusted input, pass a timeout. A malicious user can provide input to `RegularExpressions` that abuses the backtracking behaviour of this regular expression engine. This will lead to excessive CPU usage, causing a Denial-of-Service attack" }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/csharp.lang.security.regular-expression-dos.regular-expression-dos.regular-expression-dos", "help": { - "markdown": "Conditions for Nginx H2C smuggling identified. H2C smuggling allows upgrading HTTP/1.1 connections to lesser-known HTTP/2 over cleartext (h2c) connections which can allow a bypass of reverse proxy access controls, and lead to long-lived, unrestricted HTTP traffic directly to back-end servers. To mitigate: WebSocket support required: Allow only the value websocket for HTTP/1.1 upgrade headers (e.g., Upgrade: websocket). WebSocket support not required: Do not forward Upgrade headers.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/generic.nginx.security.possible-h2c-smuggling.possible-nginx-h2c-smuggling)\n - [https://labs.bishopfox.com/tech-blog/h2c-smuggling-request-smuggling-via-http/2-cleartext-h2c](https://labs.bishopfox.com/tech-blog/h2c-smuggling-request-smuggling-via-http/2-cleartext-h2c)\n", - "text": "Conditions for Nginx H2C smuggling identified. H2C smuggling allows upgrading HTTP/1.1 connections to lesser-known HTTP/2 over cleartext (h2c) connections which can allow a bypass of reverse proxy access controls, and lead to long-lived, unrestricted HTTP traffic directly to back-end servers. 
To mitigate: WebSocket support required: Allow only the value websocket for HTTP/1.1 upgrade headers (e.g., Upgrade: websocket). WebSocket support not required: Do not forward Upgrade headers.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "When using `System.Text.RegularExpressions` to process untrusted input, pass a timeout. A malicious user can provide input to `RegularExpressions` that abuses the backtracking behaviour of this regular expression engine. This will lead to excessive CPU usage, causing a Denial-of-Service attack\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "When using `System.Text.RegularExpressions` to process untrusted input, pass a timeout. A malicious user can provide input to `RegularExpressions` that abuses the backtracking behaviour of this regular expression engine. This will lead to excessive CPU usage, causing a Denial-of-Service attack\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/csharp.lang.security.regular-expression-dos.regular-expression-dos.regular-expression-dos)\n - [https://owasp.org/www-community/attacks/Regular_expression_Denial_of_Service_-_ReDoS](https://owasp.org/www-community/attacks/Regular_expression_Denial_of_Service_-_ReDoS)\n - [https://docs.microsoft.com/en-us/dotnet/standard/base-types/regular-expressions#regular-expression-examples](https://docs.microsoft.com/en-us/dotnet/standard/base-types/regular-expressions#regular-expression-examples)\n" }, - "helpUri": "https://semgrep.dev/r/generic.nginx.security.possible-h2c-smuggling.possible-nginx-h2c-smuggling", - "id": "generic.nginx.security.possible-h2c-smuggling.possible-nginx-h2c-smuggling", - "name": "generic.nginx.security.possible-h2c-smuggling.possible-nginx-h2c-smuggling", "properties": { "precision": "very-high", "tags": [ - "CWE-444: Inconsistent Interpretation of HTTP Requests ('HTTP 
Request/Response Smuggling')", + "CWE-1333: Inefficient Regular Expression Complexity", "MEDIUM CONFIDENCE", - "OWASP-A04:2021 - Insecure Design", + "OWASP-A01:2017 - Injection", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: generic.nginx.security.possible-h2c-smuggling.possible-nginx-h2c-smuggling" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "javascript.angular.security.detect-angular-open-redirect.detect-angular-open-redirect", + "name": "javascript.angular.security.detect-angular-open-redirect.detect-angular-open-redirect", + "short_description": { + "text": "Semgrep Finding: javascript.angular.security.detect-angular-open-redirect.detect-angular-open-redirect" }, - "fullDescription": { - "text": "Ensure that groups of actions that include iam:PassRole and could result in privilege escalation are not all allowed for the same user. These actions could result in an attacker gaining full admin access of an AWS account. Try not to use these actions in conjuction." + "full_description": { + "text": "Use of $window.location.href can lead to open-redirect if user input is used for redirection." }, + "default_configuration": { + "enabled": true, + "level": "error" + }, + "help_uri": "https://semgrep.dev/r/javascript.angular.security.detect-angular-open-redirect.detect-angular-open-redirect", "help": { - "markdown": "Ensure that groups of actions that include iam:PassRole and could result in privilege escalation are not all allowed for the same user. These actions could result in an attacker gaining full admin access of an AWS account. 
Try not to use these actions in conjuction.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/terraform.lang.security.iam.no-iam-priv-esc-roles.no-iam-priv-esc-roles)\n - [https://cloudsplaining.readthedocs.io/en/latest/glossary/privilege-escalation/](https://cloudsplaining.readthedocs.io/en/latest/glossary/privilege-escalation/)\n - [https://rhinosecuritylabs.com/aws/aws-privilege-escalation-methods-mitigation/](https://rhinosecuritylabs.com/aws/aws-privilege-escalation-methods-mitigation/)\n", - "text": "Ensure that groups of actions that include iam:PassRole and could result in privilege escalation are not all allowed for the same user. These actions could result in an attacker gaining full admin access of an AWS account. Try not to use these actions in conjuction.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Use of $window.location.href can lead to open-redirect if user input is used for redirection.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Use of $window.location.href can lead to open-redirect if user input is used for redirection.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.angular.security.detect-angular-open-redirect.detect-angular-open-redirect)\n - [https://docs.angularjs.org/api/ng/service/$sce#trustAsJs](https://docs.angularjs.org/api/ng/service/$sce#trustAsJs)\n - [https://owasp.org/www-chapter-london/assets/slides/OWASPLondon20170727_AngularJS.pdf](https://owasp.org/www-chapter-london/assets/slides/OWASPLondon20170727_AngularJS.pdf)\n" }, - "helpUri": "https://semgrep.dev/r/terraform.lang.security.iam.no-iam-priv-esc-roles.no-iam-priv-esc-roles", - "id": "terraform.lang.security.iam.no-iam-priv-esc-roles.no-iam-priv-esc-roles", - "name": 
"terraform.lang.security.iam.no-iam-priv-esc-roles.no-iam-priv-esc-roles", "properties": { "precision": "very-high", "tags": [ - "CWE-269: Improper Privilege Management", + "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", "LOW CONFIDENCE", - "OWASP-A04:2021 - Insecure Design", + "OWASP-A03:2021 - Injection", + "OWASP-A07:2017 - Cross-Site Scripting (XSS)", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: terraform.lang.security.iam.no-iam-priv-esc-roles.no-iam-priv-esc-roles" } }, { - "defaultConfiguration": { - "level": "error" + "id": "swift.lang.storage.sensitive-storage-userdefaults.swift-user-defaults", + "name": "swift.lang.storage.sensitive-storage-userdefaults.swift-user-defaults", + "short_description": { + "text": "Semgrep Finding: swift.lang.storage.sensitive-storage-userdefaults.swift-user-defaults" }, - "fullDescription": { - "text": "AWS AppSync GraphQL Key detected" + "full_description": { + "text": "Potentially sensitive data was observed to be stored in UserDefaults, which is not adequate protection of sensitive information. For data of a sensitive nature, applications should leverage the Keychain." 
+ }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/swift.lang.storage.sensitive-storage-userdefaults.swift-user-defaults", "help": { - "markdown": "AWS AppSync GraphQL Key detected\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/generic.secrets.security.detected-aws-appsync-graphql-key.detected-aws-appsync-graphql-key)\n - [https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures](https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures)\n", - "text": "AWS AppSync GraphQL Key detected\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Potentially sensitive data was observed to be stored in UserDefaults, which is not adequate protection of sensitive information. For data of a sensitive nature, applications should leverage the Keychain.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Potentially sensitive data was observed to be stored in UserDefaults, which is not adequate protection of sensitive information. 
For data of a sensitive nature, applications should leverage the Keychain.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/swift.lang.storage.sensitive-storage-userdefaults.swift-user-defaults)\n - [https://developer.apple.com/library/archive/documentation/Security/Conceptual/SecureCodingGuide/Articles/ValidatingInput.html](https://developer.apple.com/library/archive/documentation/Security/Conceptual/SecureCodingGuide/Articles/ValidatingInput.html)\n - [https://mas.owasp.org/MASVS/controls/MASVS-STORAGE-1/](https://mas.owasp.org/MASVS/controls/MASVS-STORAGE-1/)\n" }, - "helpUri": "https://semgrep.dev/r/generic.secrets.security.detected-aws-appsync-graphql-key.detected-aws-appsync-graphql-key", - "id": "generic.secrets.security.detected-aws-appsync-graphql-key.detected-aws-appsync-graphql-key", - "name": "generic.secrets.security.detected-aws-appsync-graphql-key.detected-aws-appsync-graphql-key", "properties": { "precision": "very-high", "tags": [ - "CWE-798: Use of Hard-coded Credentials", - "LOW CONFIDENCE", - "OWASP-A07:2021 - Identification and Authentication Failures", + "CWE-311: Missing Encryption of Sensitive Data", + "MEDIUM CONFIDENCE", + "OWASP-A03:2017 - Sensitive Data Exposure", + "OWASP-A04:2021 - Insecure Design", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: generic.secrets.security.detected-aws-appsync-graphql-key.detected-aws-appsync-graphql-key" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "csharp.lang.security.http.http-listener-wildcard-bindings.http-listener-wildcard-bindings", + "name": "csharp.lang.security.http.http-listener-wildcard-bindings.http-listener-wildcard-bindings", + "short_description": { + "text": "Semgrep Finding: csharp.lang.security.http.http-listener-wildcard-bindings.http-listener-wildcard-bindings" }, - "fullDescription": { - "text": "Data from request ($DATA) is passed to redirect(). 
This is an open redirect and could be exploited. Ensure you are redirecting to safe URLs by using django.utils.http.is_safe_url(). See https://cwe.mitre.org/data/definitions/601.html for more information." + "full_description": { + "text": "The top level wildcard bindings $PREFIX leaves your application open to security vulnerabilities and give attackers more control over where traffic is routed. If you must use wildcards, consider using subdomain wildcard binding. For example, you can use \"*.asdf.gov\" if you own all of \"asdf.gov\"." }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/csharp.lang.security.http.http-listener-wildcard-bindings.http-listener-wildcard-bindings", "help": { - "markdown": "Data from request ($DATA) is passed to redirect(). This is an open redirect and could be exploited. Ensure you are redirecting to safe URLs by using django.utils.http.is_safe_url(). See https://cwe.mitre.org/data/definitions/601.html for more information.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.django.security.injection.open-redirect.open-redirect)\n - [https://www.djm.org.uk/posts/djangos-little-protections-word-redirect-dangers/](https://www.djm.org.uk/posts/djangos-little-protections-word-redirect-dangers/)\n - [https://github.com/django/django/blob/d1b7bd030b1db111e1a3505b1fc029ab964382cc/django/utils/http.py#L231](https://github.com/django/django/blob/d1b7bd030b1db111e1a3505b1fc029ab964382cc/django/utils/http.py#L231)\n", - "text": "Data from request ($DATA) is passed to redirect(). This is an open redirect and could be exploited. Ensure you are redirecting to safe URLs by using django.utils.http.is_safe_url(). 
See https://cwe.mitre.org/data/definitions/601.html for more information.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "The top level wildcard bindings $PREFIX leaves your application open to security vulnerabilities and give attackers more control over where traffic is routed. If you must use wildcards, consider using subdomain wildcard binding. For example, you can use \"*.asdf.gov\" if you own all of \"asdf.gov\".\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "The top level wildcard bindings $PREFIX leaves your application open to security vulnerabilities and give attackers more control over where traffic is routed. If you must use wildcards, consider using subdomain wildcard binding. For example, you can use \"*.asdf.gov\" if you own all of \"asdf.gov\".\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/csharp.lang.security.http.http-listener-wildcard-bindings.http-listener-wildcard-bindings)\n - [https://docs.microsoft.com/en-us/dotnet/api/system.net.httplistener?view=net-6.0](https://docs.microsoft.com/en-us/dotnet/api/system.net.httplistener?view=net-6.0)\n" }, - "helpUri": "https://semgrep.dev/r/python.django.security.injection.open-redirect.open-redirect", - "id": "python.django.security.injection.open-redirect.open-redirect", - "name": "python.django.security.injection.open-redirect.open-redirect", "properties": { "precision": "very-high", "tags": [ - "CWE-601: URL Redirection to Untrusted Site ('Open Redirect')", + "CWE-706: Use of Incorrectly-Resolved Name or Reference", "MEDIUM CONFIDENCE", "OWASP-A01:2021 - Broken Access Control", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: python.django.security.injection.open-redirect.open-redirect" } }, { - "defaultConfiguration": { - "level": "error" + "id": 
"trailofbits.go.waitgroup-add-called-inside-goroutine.waitgroup-add-called-inside-goroutine", + "name": "trailofbits.go.waitgroup-add-called-inside-goroutine.waitgroup-add-called-inside-goroutine", + "short_description": { + "text": "Semgrep Finding: trailofbits.go.waitgroup-add-called-inside-goroutine.waitgroup-add-called-inside-goroutine" }, - "fullDescription": { - "text": "Kolide API Key detected" + "full_description": { + "text": "Calling `$WG.Add` inside of an anonymous goroutine may result in `$WG.Wait`\nwaiting for more or less calls to `$WG.Done()` than expected\n" + }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/trailofbits.go.waitgroup-add-called-inside-goroutine.waitgroup-add-called-inside-goroutine", "help": { - "markdown": "Kolide API Key detected\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/generic.secrets.security.detected-kolide-api-key.detected-kolide-api-key)\n - [https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures](https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures)\n", - "text": "Kolide API Key detected\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Calling `$WG.Add` inside of an anonymous goroutine may result in `$WG.Wait`\nwaiting for more or less calls to `$WG.Done()` than expected\n\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Calling `$WG.Add` inside of an anonymous goroutine may result in `$WG.Wait`\nwaiting for more or less calls to `$WG.Done()` than expected\n\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/trailofbits.go.waitgroup-add-called-inside-goroutine.waitgroup-add-called-inside-goroutine)\n - 
[https://go101.org/article/concurrent-common-mistakes.html](https://go101.org/article/concurrent-common-mistakes.html)\n" }, - "helpUri": "https://semgrep.dev/r/generic.secrets.security.detected-kolide-api-key.detected-kolide-api-key", - "id": "generic.secrets.security.detected-kolide-api-key.detected-kolide-api-key", - "name": "generic.secrets.security.detected-kolide-api-key.detected-kolide-api-key", "properties": { "precision": "very-high", "tags": [ - "CWE-798: Use of Hard-coded Credentials", - "LOW CONFIDENCE", - "OWASP-A07:2021 - Identification and Authentication Failures", + "CWE-667: Improper Locking", + "MEDIUM CONFIDENCE", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: generic.secrets.security.detected-kolide-api-key.detected-kolide-api-key" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "csharp.dotnet.security.use_ecb_mode.use_ecb_mode", + "name": "csharp.dotnet.security.use_ecb_mode.use_ecb_mode", + "short_description": { + "text": "Semgrep Finding: csharp.dotnet.security.use_ecb_mode.use_ecb_mode" }, - "fullDescription": { - "text": "The application redirects to a URL specified by user-supplied input `$REQ` that is not validated. This could redirect users to malicious locations. Consider using an allow-list approach to validate URLs, or warn users they are being redirected to a third-party website." + "full_description": { + "text": "Usage of the insecure ECB mode detected. You should use an authenticated encryption mode instead, which is implemented by the classes AesGcm or ChaCha20Poly1305." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/csharp.dotnet.security.use_ecb_mode.use_ecb_mode", "help": { - "markdown": "The application redirects to a URL specified by user-supplied input `$REQ` that is not validated. This could redirect users to malicious locations. 
Consider using an allow-list approach to validate URLs, or warn users they are being redirected to a third-party website.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.express.security.audit.express-open-redirect.express-open-redirect)\n - [https://cheatsheetseries.owasp.org/cheatsheets/Unvalidated_Redirects_and_Forwards_Cheat_Sheet.html](https://cheatsheetseries.owasp.org/cheatsheets/Unvalidated_Redirects_and_Forwards_Cheat_Sheet.html)\n", - "text": "The application redirects to a URL specified by user-supplied input `$REQ` that is not validated. This could redirect users to malicious locations. Consider using an allow-list approach to validate URLs, or warn users they are being redirected to a third-party website.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Usage of the insecure ECB mode detected. You should use an authenticated encryption mode instead, which is implemented by the classes AesGcm or ChaCha20Poly1305.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Usage of the insecure ECB mode detected. 
You should use an authenticated encryption mode instead, which is implemented by the classes AesGcm or ChaCha20Poly1305.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/csharp.dotnet.security.use_ecb_mode.use_ecb_mode)\n - [https://learn.microsoft.com/en-gb/dotnet/api/system.security.cryptography.chacha20poly1305?view=net-6.0](https://learn.microsoft.com/en-gb/dotnet/api/system.security.cryptography.chacha20poly1305?view=net-6.0)\n - [https://learn.microsoft.com/en-gb/dotnet/api/system.security.cryptography.aesgcm?view=net-6.0](https://learn.microsoft.com/en-gb/dotnet/api/system.security.cryptography.aesgcm?view=net-6.0)\n - [https://learn.microsoft.com/en-gb/dotnet/api/system.security.cryptography.ciphermode?view=net-6.0](https://learn.microsoft.com/en-gb/dotnet/api/system.security.cryptography.ciphermode?view=net-6.0)\n - [https://cheatsheetseries.owasp.org/cheatsheets/Cryptographic_Storage_Cheat_Sheet.html#cipher-modes](https://cheatsheetseries.owasp.org/cheatsheets/Cryptographic_Storage_Cheat_Sheet.html#cipher-modes)\n" }, - "helpUri": "https://semgrep.dev/r/javascript.express.security.audit.express-open-redirect.express-open-redirect", - "id": "javascript.express.security.audit.express-open-redirect.express-open-redirect", - "name": "javascript.express.security.audit.express-open-redirect.express-open-redirect", "properties": { "precision": "very-high", "tags": [ - "CWE-601: URL Redirection to Untrusted Site ('Open Redirect')", + "CWE-327: Use of a Broken or Risky Cryptographic Algorithm", "HIGH CONFIDENCE", - "OWASP-A01:2021 - Broken Access Control", + "OWASP-A02:2021 - Cryptographic Failures", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: javascript.express.security.audit.express-open-redirect.express-open-redirect" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "java.lang.security.audit.sqli.vertx-sqli.vertx-sqli", + "name": 
"java.lang.security.audit.sqli.vertx-sqli.vertx-sqli", + "short_description": { + "text": "Semgrep Finding: java.lang.security.audit.sqli.vertx-sqli.vertx-sqli" }, - "fullDescription": { - "text": "CSRF protection is disabled for this configuration. This is a security risk." + "full_description": { + "text": "Detected a formatted string in a SQL statement. This could lead to SQL injection if variables in the SQL statement are not properly sanitized. Use a prepared statements (java.sql.PreparedStatement) instead. You can obtain a PreparedStatement using 'connection.prepareStatement'." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/java.lang.security.audit.sqli.vertx-sqli.vertx-sqli", "help": { - "markdown": "CSRF protection is disabled for this configuration. This is a security risk.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/java.spring.security.audit.spring-csrf-disabled.spring-csrf-disabled)\n - [https://owasp.org/Top10/A01_2021-Broken_Access_Control](https://owasp.org/Top10/A01_2021-Broken_Access_Control)\n", - "text": "CSRF protection is disabled for this configuration. This is a security risk.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected a formatted string in a SQL statement. This could lead to SQL injection if variables in the SQL statement are not properly sanitized. Use a prepared statements (java.sql.PreparedStatement) instead. You can obtain a PreparedStatement using 'connection.prepareStatement'.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected a formatted string in a SQL statement. This could lead to SQL injection if variables in the SQL statement are not properly sanitized. Use a prepared statements (java.sql.PreparedStatement) instead. 
You can obtain a PreparedStatement using 'connection.prepareStatement'.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/java.lang.security.audit.sqli.vertx-sqli.vertx-sqli)\n - [https://owasp.org/Top10/A03_2021-Injection](https://owasp.org/Top10/A03_2021-Injection)\n" }, - "helpUri": "https://semgrep.dev/r/java.spring.security.audit.spring-csrf-disabled.spring-csrf-disabled", - "id": "java.spring.security.audit.spring-csrf-disabled.spring-csrf-disabled", - "name": "java.spring.security.audit.spring-csrf-disabled.spring-csrf-disabled", "properties": { "precision": "very-high", "tags": [ - "CWE-352: Cross-Site Request Forgery (CSRF)", + "CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')", "LOW CONFIDENCE", - "OWASP-A01:2021 - Broken Access Control", + "OWASP-A01:2017 - Injection", + "OWASP-A03:2021 - Injection", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: java.spring.security.audit.spring-csrf-disabled.spring-csrf-disabled" } }, { - "defaultConfiguration": { - "level": "error" + "id": "java.spring.security.injection.tainted-system-command.tainted-system-command", + "name": "java.spring.security.injection.tainted-system-command.tainted-system-command", + "short_description": { + "text": "Semgrep Finding: java.spring.security.injection.tainted-system-command.tainted-system-command" + }, + "full_description": { + "text": "Detected user input entering a method which executes a system command. This could result in a command injection vulnerability, which allows an attacker to inject an arbitrary system command onto the server. The attacker could download malware onto or steal data from the server. Instead, use ProcessBuilder, separating the command into individual arguments, like this: `new ProcessBuilder(\"ls\", \"-al\", targetDirectory)`. 
Further, make sure you hardcode or allowlist the actual command so that attackers can't run arbitrary commands." }, - "fullDescription": { - "text": "Detected user input used to manually construct a SQL string. This is usually bad practice because manual construction could accidentally result in a SQL injection. An attacker could use a SQL injection to steal or modify contents of the database. Instead, use a parameterized query which is available by default in most database engines. Alternatively, consider using an object-relational mapper (ORM) such as Sequelize which will protect your queries." + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/java.spring.security.injection.tainted-system-command.tainted-system-command", "help": { - "markdown": "Detected user input used to manually construct a SQL string. This is usually bad practice because manual construction could accidentally result in a SQL injection. An attacker could use a SQL injection to steal or modify contents of the database. Instead, use a parameterized query which is available by default in most database engines. Alternatively, consider using an object-relational mapper (ORM) such as Sequelize which will protect your queries.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.aws-lambda.security.tainted-sql-string.tainted-sql-string)\n - [https://owasp.org/www-community/attacks/SQL_Injection](https://owasp.org/www-community/attacks/SQL_Injection)\n", - "text": "Detected user input used to manually construct a SQL string. This is usually bad practice because manual construction could accidentally result in a SQL injection. An attacker could use a SQL injection to steal or modify contents of the database. Instead, use a parameterized query which is available by default in most database engines. 
Alternatively, consider using an object-relational mapper (ORM) such as Sequelize which will protect your queries.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected user input entering a method which executes a system command. This could result in a command injection vulnerability, which allows an attacker to inject an arbitrary system command onto the server. The attacker could download malware onto or steal data from the server. Instead, use ProcessBuilder, separating the command into individual arguments, like this: `new ProcessBuilder(\"ls\", \"-al\", targetDirectory)`. Further, make sure you hardcode or allowlist the actual command so that attackers can't run arbitrary commands.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected user input entering a method which executes a system command. This could result in a command injection vulnerability, which allows an attacker to inject an arbitrary system command onto the server. The attacker could download malware onto or steal data from the server. Instead, use ProcessBuilder, separating the command into individual arguments, like this: `new ProcessBuilder(\"ls\", \"-al\", targetDirectory)`. 
Further, make sure you hardcode or allowlist the actual command so that attackers can't run arbitrary commands.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/java.spring.security.injection.tainted-system-command.tainted-system-command)\n - [https://www.stackhawk.com/blog/command-injection-java/](https://www.stackhawk.com/blog/command-injection-java/)\n - [https://cheatsheetseries.owasp.org/cheatsheets/OS_Command_Injection_Defense_Cheat_Sheet.html](https://cheatsheetseries.owasp.org/cheatsheets/OS_Command_Injection_Defense_Cheat_Sheet.html)\n - [https://github.com/github/codeql/blob/main/java/ql/src/Security/CWE/CWE-078/ExecUnescaped.java](https://github.com/github/codeql/blob/main/java/ql/src/Security/CWE/CWE-078/ExecUnescaped.java)\n" }, - "helpUri": "https://semgrep.dev/r/python.aws-lambda.security.tainted-sql-string.tainted-sql-string", - "id": "python.aws-lambda.security.tainted-sql-string.tainted-sql-string", - "name": "python.aws-lambda.security.tainted-sql-string.tainted-sql-string", "properties": { "precision": "very-high", "tags": [ - "CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')", - "MEDIUM CONFIDENCE", + "CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", + "HIGH CONFIDENCE", "OWASP-A01:2017 - Injection", "OWASP-A03:2021 - Injection", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: python.aws-lambda.security.tainted-sql-string.tainted-sql-string" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "go.lang.security.audit.crypto.bad_imports.insecure-module-used", + "name": "go.lang.security.audit.crypto.bad_imports.insecure-module-used", + "short_description": { + "text": "Semgrep Finding: go.lang.security.audit.crypto.bad_imports.insecure-module-used" }, - "fullDescription": { - "text": "The object is passed strictly to jsonwebtoken.sign(...) 
Make sure that sensitive information is not exposed through JWT token payload." + "full_description": { + "text": "The package `net/http/cgi` is on the import blocklist. The package is vulnerable to httpoxy attacks (CVE-2015-5386). It is recommended to use `net/http` or a web framework to build a web application instead." }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/go.lang.security.audit.crypto.bad_imports.insecure-module-used", "help": { - "markdown": "The object is passed strictly to jsonwebtoken.sign(...) Make sure that sensitive information is not exposed through JWT token payload.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/ruby.jwt.security.audit.jwt-exposed-data.ruby-jwt-exposed-data)\n - [https://owasp.org/Top10/A04_2021-Insecure_Design](https://owasp.org/Top10/A04_2021-Insecure_Design)\n", - "text": "The object is passed strictly to jsonwebtoken.sign(...) Make sure that sensitive information is not exposed through JWT token payload.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "The package `net/http/cgi` is on the import blocklist. The package is vulnerable to httpoxy attacks (CVE-2015-5386). It is recommended to use `net/http` or a web framework to build a web application instead.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "The package `net/http/cgi` is on the import blocklist. The package is vulnerable to httpoxy attacks (CVE-2015-5386). 
It is recommended to use `net/http` or a web framework to build a web application instead.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/go.lang.security.audit.crypto.bad_imports.insecure-module-used)\n - [https://godoc.org/golang.org/x/crypto/sha3](https://godoc.org/golang.org/x/crypto/sha3)\n" }, - "helpUri": "https://semgrep.dev/r/ruby.jwt.security.audit.jwt-exposed-data.ruby-jwt-exposed-data", - "id": "ruby.jwt.security.audit.jwt-exposed-data.ruby-jwt-exposed-data", - "name": "ruby.jwt.security.audit.jwt-exposed-data.ruby-jwt-exposed-data", "properties": { "precision": "very-high", "tags": [ - "CWE-522: Insufficiently Protected Credentials", - "LOW CONFIDENCE", - "OWASP-A02:2017 - Broken Authentication", - "OWASP-A04:2021 - Insecure Design", + "CWE-327: Use of a Broken or Risky Cryptographic Algorithm", + "MEDIUM CONFIDENCE", + "OWASP-A02:2021 - Cryptographic Failures", + "OWASP-A03:2017 - Sensitive Data Exposure", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: ruby.jwt.security.audit.jwt-exposed-data.ruby-jwt-exposed-data" } }, { - "defaultConfiguration": { - "level": "error" + "id": "terraform.lang.security.iam.no-iam-data-exfiltration.no-iam-data-exfiltration", + "name": "terraform.lang.security.iam.no-iam-data-exfiltration.no-iam-data-exfiltration", + "short_description": { + "text": "Semgrep Finding: terraform.lang.security.iam.no-iam-data-exfiltration.no-iam-data-exfiltration" }, - "fullDescription": { - "text": "The web server receives a URL or similar request from an upstream component and retrieves the contents of this URL, but it does not sufficiently ensure that the request is being sent to the expected destination. Many different options exist to fix this issue depending the use case (Application can send request only to identified and trusted applications, Application can send requests to ANY external IP address or domain name)." 
+ "full_description": { + "text": "Ensure that IAM policies don't allow data exfiltration actions that are not resource-constrained. This can allow the user to read sensitive data they don't need to read. Instead, make sure that the user granted these privileges are given these permissions on specific resources." }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/terraform.lang.security.iam.no-iam-data-exfiltration.no-iam-data-exfiltration", "help": { - "markdown": "The web server receives a URL or similar request from an upstream component and retrieves the contents of this URL, but it does not sufficiently ensure that the request is being sent to the expected destination. Many different options exist to fix this issue depending the use case (Application can send request only to identified and trusted applications, Application can send requests to ANY external IP address or domain name).\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/csharp.lang.security.ssrf.web-request.ssrf)\n - [https://cwe.mitre.org/data/definitions/918.html](https://cwe.mitre.org/data/definitions/918.html)\n - [https://cheatsheetseries.owasp.org/cheatsheets/Server_Side_Request_Forgery_Prevention_Cheat_Sheet.html](https://cheatsheetseries.owasp.org/cheatsheets/Server_Side_Request_Forgery_Prevention_Cheat_Sheet.html)\n", - "text": "The web server receives a URL or similar request from an upstream component and retrieves the contents of this URL, but it does not sufficiently ensure that the request is being sent to the expected destination. 
Many different options exist to fix this issue depending the use case (Application can send request only to identified and trusted applications, Application can send requests to ANY external IP address or domain name).\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Ensure that IAM policies don't allow data exfiltration actions that are not resource-constrained. This can allow the user to read sensitive data they don't need to read. Instead, make sure that the user granted these privileges are given these permissions on specific resources.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Ensure that IAM policies don't allow data exfiltration actions that are not resource-constrained. This can allow the user to read sensitive data they don't need to read. Instead, make sure that the user granted these privileges are given these permissions on specific resources.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/terraform.lang.security.iam.no-iam-data-exfiltration.no-iam-data-exfiltration)\n - [https://github.com/bridgecrewio/checkov/blob/ca830e14745c2c8e1b941985f305abe985d7f1f9/checkov/terraform/checks/data/aws/IAMDataExfiltration.py](https://github.com/bridgecrewio/checkov/blob/ca830e14745c2c8e1b941985f305abe985d7f1f9/checkov/terraform/checks/data/aws/IAMDataExfiltration.py)\n - [https://cloudsplaining.readthedocs.io/en/latest/glossary/data-exfiltration/](https://cloudsplaining.readthedocs.io/en/latest/glossary/data-exfiltration/)\n" }, - "helpUri": "https://semgrep.dev/r/csharp.lang.security.ssrf.web-request.ssrf", - "id": "csharp.lang.security.ssrf.web-request.ssrf", - "name": "csharp.lang.security.ssrf.web-request.ssrf", "properties": { "precision": "very-high", "tags": [ - "CWE-918: Server-Side Request Forgery (SSRF)", + "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor", "LOW 
CONFIDENCE", - "OWASP-A10:2021 - Server-Side Request Forgery (SSRF)", + "OWASP-A01:2021 - Broken Access Control", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: csharp.lang.security.ssrf.web-request.ssrf" } }, { - "defaultConfiguration": { - "level": "error" + "id": "generic.html-templates.security.var-in-script-tag.var-in-script-tag", + "name": "generic.html-templates.security.var-in-script-tag.var-in-script-tag", + "short_description": { + "text": "Semgrep Finding: generic.html-templates.security.var-in-script-tag.var-in-script-tag" }, - "fullDescription": { - "text": "Detected admin access granted in your policy. This means anyone with this policy can perform administrative actions. Instead, limit actions and resources to what you need according to least privilege." + "full_description": { + "text": "Detected a template variable used in a script tag. Although template variables are HTML escaped, HTML escaping does not always prevent cross-site scripting (XSS) attacks when used directly in JavaScript. If you need this data on the rendered page, consider placing it in the HTML portion (outside of a script tag). Alternatively, use a JavaScript-specific encoder, such as the one available in OWASP ESAPI. For Django, you may also consider using the 'json_script' template tag and retrieving the data in your script by using the element ID (e.g., `document.getElementById`)." }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/generic.html-templates.security.var-in-script-tag.var-in-script-tag", "help": { - "markdown": "Detected admin access granted in your policy. This means anyone with this policy can perform administrative actions. 
Instead, limit actions and resources to what you need according to least privilege.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/terraform.aws.security.aws-iam-admin-policy.aws-iam-admin-policy)\n - [https://cwe.mitre.org/data/definitions/732.html](https://cwe.mitre.org/data/definitions/732.html)\n", - "text": "Detected admin access granted in your policy. This means anyone with this policy can perform administrative actions. Instead, limit actions and resources to what you need according to least privilege.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected a template variable used in a script tag. Although template variables are HTML escaped, HTML escaping does not always prevent cross-site scripting (XSS) attacks when used directly in JavaScript. If you need this data on the rendered page, consider placing it in the HTML portion (outside of a script tag). Alternatively, use a JavaScript-specific encoder, such as the one available in OWASP ESAPI. For Django, you may also consider using the 'json_script' template tag and retrieving the data in your script by using the element ID (e.g., `document.getElementById`).\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected a template variable used in a script tag. Although template variables are HTML escaped, HTML escaping does not always prevent cross-site scripting (XSS) attacks when used directly in JavaScript. If you need this data on the rendered page, consider placing it in the HTML portion (outside of a script tag). Alternatively, use a JavaScript-specific encoder, such as the one available in OWASP ESAPI. 
For Django, you may also consider using the 'json_script' template tag and retrieving the data in your script by using the element ID (e.g., `document.getElementById`).\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/generic.html-templates.security.var-in-script-tag.var-in-script-tag)\n - [https://adamj.eu/tech/2020/02/18/safely-including-data-for-javascript-in-a-django-template/?utm_campaign=Django%2BNewsletter&utm_medium=rss&utm_source=Django_Newsletter_12A](https://adamj.eu/tech/2020/02/18/safely-including-data-for-javascript-in-a-django-template/?utm_campaign=Django%2BNewsletter&utm_medium=rss&utm_source=Django_Newsletter_12A)\n - [https://www.veracode.com/blog/secure-development/nodejs-template-engines-why-default-encoders-are-not-enough](https://www.veracode.com/blog/secure-development/nodejs-template-engines-why-default-encoders-are-not-enough)\n - [https://github.com/ESAPI/owasp-esapi-js](https://github.com/ESAPI/owasp-esapi-js)\n" }, - "helpUri": "https://semgrep.dev/r/terraform.aws.security.aws-iam-admin-policy.aws-iam-admin-policy", - "id": "terraform.aws.security.aws-iam-admin-policy.aws-iam-admin-policy", - "name": "terraform.aws.security.aws-iam-admin-policy.aws-iam-admin-policy", "properties": { "precision": "very-high", "tags": [ - "CWE-732: Incorrect Permission Assignment for Critical Resource", - "MEDIUM CONFIDENCE", - "OWASP-A05:2021 - Security Misconfiguration", + "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", + "LOW CONFIDENCE", + "OWASP-A03:2021 - Injection", + "OWASP-A07:2017 - Cross-Site Scripting (XSS)", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: terraform.aws.security.aws-iam-admin-policy.aws-iam-admin-policy" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "trailofbits.go.racy-append-to-slice.racy-append-to-slice", + "name": 
"trailofbits.go.racy-append-to-slice.racy-append-to-slice", + "short_description": { + "text": "Semgrep Finding: trailofbits.go.racy-append-to-slice.racy-append-to-slice" }, - "fullDescription": { - "text": "Checks for attempts to connect to an insecure telnet server using the package telnet. This is bad because it can lead to man in the middle attacks." + "full_description": { + "text": "Appending `$SLICE` from multiple goroutines is not concurrency safe" + }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/trailofbits.go.racy-append-to-slice.racy-append-to-slice", "help": { - "markdown": "Checks for attempts to connect to an insecure telnet server using the package telnet. This is bad because it can lead to man in the middle attacks.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/problem-based-packs.insecure-transport.go-stdlib.telnet-request.telnet-request)\n - [https://godoc.org/github.com/reiver/go-telnet](https://godoc.org/github.com/reiver/go-telnet)\n", - "text": "Checks for attempts to connect to an insecure telnet server using the package telnet. 
This is bad because it can lead to man in the middle attacks.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Appending `$SLICE` from multiple goroutines is not concurrency safe\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Appending `$SLICE` from multiple goroutines is not concurrency safe\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/trailofbits.go.racy-append-to-slice.racy-append-to-slice)\n - [https://go.dev/blog/maps#concurrency](https://go.dev/blog/maps#concurrency)\n" }, - "helpUri": "https://semgrep.dev/r/problem-based-packs.insecure-transport.go-stdlib.telnet-request.telnet-request", - "id": "problem-based-packs.insecure-transport.go-stdlib.telnet-request.telnet-request", - "name": "problem-based-packs.insecure-transport.go-stdlib.telnet-request.telnet-request", "properties": { "precision": "very-high", "tags": [ - "CWE-319: Cleartext Transmission of Sensitive Information", + "CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')", "MEDIUM CONFIDENCE", - "OWASP-A03:2017 - Sensitive Data Exposure", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: problem-based-packs.insecure-transport.go-stdlib.telnet-request.telnet-request" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "solidity.security.erc721-reentrancy.erc721-reentrancy", + "name": "solidity.security.erc721-reentrancy.erc721-reentrancy", + "short_description": { + "text": "Semgrep Finding: solidity.security.erc721-reentrancy.erc721-reentrancy" }, - "fullDescription": { - "text": "Detected a SQL query based on user input. This could lead to SQL injection, which could potentially result in sensitive data being exfiltrated by attackers. Instead, use parameterized queries and prepared statements." 
+ "full_description": { + "text": "ERC721 onERC721Received() reentrancy" + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/solidity.security.erc721-reentrancy.erc721-reentrancy", "help": { - "markdown": "Detected a SQL query based on user input. This could lead to SQL injection, which could potentially result in sensitive data being exfiltrated by attackers. Instead, use parameterized queries and prepared statements.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/php.laravel.security.laravel-sql-injection.laravel-sql-injection)\n - [https://laravel.com/docs/8.x/queries](https://laravel.com/docs/8.x/queries)\n", - "text": "Detected a SQL query based on user input. This could lead to SQL injection, which could potentially result in sensitive data being exfiltrated by attackers. Instead, use parameterized queries and prepared statements.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "ERC721 onERC721Received() reentrancy\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "ERC721 onERC721Received() reentrancy\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/solidity.security.erc721-reentrancy.erc721-reentrancy)\n - [https://blocksecteam.medium.com/when-safemint-becomes-unsafe-lessons-from-the-hypebears-security-incident-2965209bda2a](https://blocksecteam.medium.com/when-safemint-becomes-unsafe-lessons-from-the-hypebears-security-incident-2965209bda2a)\n - [https://etherscan.io/address/0x14e0a1f310e2b7e321c91f58847e98b8c802f6ef](https://etherscan.io/address/0x14e0a1f310e2b7e321c91f58847e98b8c802f6ef)\n" }, - "helpUri": "https://semgrep.dev/r/php.laravel.security.laravel-sql-injection.laravel-sql-injection", - "id": 
"php.laravel.security.laravel-sql-injection.laravel-sql-injection", - "name": "php.laravel.security.laravel-sql-injection.laravel-sql-injection", "properties": { "precision": "very-high", "tags": [ - "CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')", - "MEDIUM CONFIDENCE", - "OWASP-A01:2017 - Injection", - "OWASP-A03:2021 - Injection", + "CWE-841: Improper Enforcement of Behavioral Workflow", + "HIGH CONFIDENCE", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: php.laravel.security.laravel-sql-injection.laravel-sql-injection" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "javascript.express.security.express-jwt-hardcoded-secret.express-jwt-hardcoded-secret", + "name": "javascript.express.security.express-jwt-hardcoded-secret.express-jwt-hardcoded-secret", + "short_description": { + "text": "Semgrep Finding: javascript.express.security.express-jwt-hardcoded-secret.express-jwt-hardcoded-secret" }, - "fullDescription": { - "text": "An insecure SSL context was detected. TLS versions 1.0, 1.1, and all SSL versions are considered weak encryption and are deprecated. Use SSLContext.getInstance(\"TLSv1.2\") for the best security." + "full_description": { + "text": "A hard-coded credential was detected. It is not recommended to store credentials in source-code, as this risks secrets being leaked and used by either an internal or external malicious adversary. It is recommended to use environment variables to securely provide credentials or retrieve credentials from a secure vault or HSM (Hardware Security Module)." }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/javascript.express.security.express-jwt-hardcoded-secret.express-jwt-hardcoded-secret", "help": { - "markdown": "An insecure SSL context was detected. TLS versions 1.0, 1.1, and all SSL versions are considered weak encryption and are deprecated. 
Use SSLContext.getInstance(\"TLSv1.2\") for the best security.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/java.lang.security.audit.weak-ssl-context.weak-ssl-context)\n - [https://tools.ietf.org/html/rfc7568](https://tools.ietf.org/html/rfc7568)\n - [https://tools.ietf.org/id/draft-ietf-tls-oldversions-deprecate-02.html](https://tools.ietf.org/id/draft-ietf-tls-oldversions-deprecate-02.html)\n", - "text": "An insecure SSL context was detected. TLS versions 1.0, 1.1, and all SSL versions are considered weak encryption and are deprecated. Use SSLContext.getInstance(\"TLSv1.2\") for the best security.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "A hard-coded credential was detected. It is not recommended to store credentials in source-code, as this risks secrets being leaked and used by either an internal or external malicious adversary. It is recommended to use environment variables to securely provide credentials or retrieve credentials from a secure vault or HSM (Hardware Security Module).\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "A hard-coded credential was detected. It is not recommended to store credentials in source-code, as this risks secrets being leaked and used by either an internal or external malicious adversary. 
It is recommended to use environment variables to securely provide credentials or retrieve credentials from a secure vault or HSM (Hardware Security Module).\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.express.security.express-jwt-hardcoded-secret.express-jwt-hardcoded-secret)\n - [https://cheatsheetseries.owasp.org/cheatsheets/Secrets_Management_Cheat_Sheet.html](https://cheatsheetseries.owasp.org/cheatsheets/Secrets_Management_Cheat_Sheet.html)\n" }, - "helpUri": "https://semgrep.dev/r/java.lang.security.audit.weak-ssl-context.weak-ssl-context", - "id": "java.lang.security.audit.weak-ssl-context.weak-ssl-context", - "name": "java.lang.security.audit.weak-ssl-context.weak-ssl-context", "properties": { "precision": "very-high", "tags": [ - "CWE-326: Inadequate Encryption Strength", + "CWE-798: Use of Hard-coded Credentials", "HIGH CONFIDENCE", - "OWASP-A02:2021 - Cryptographic Failures", - "OWASP-A03:2017 - Sensitive Data Exposure", + "OWASP-A07:2021 - Identification and Authentication Failures", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: java.lang.security.audit.weak-ssl-context.weak-ssl-context" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "csharp.lang.security.xxe.xmldocument-unsafe-parser-override.xmldocument-unsafe-parser-override", + "name": "csharp.lang.security.xxe.xmldocument-unsafe-parser-override.xmldocument-unsafe-parser-override", + "short_description": { + "text": "Semgrep Finding: csharp.lang.security.xxe.xmldocument-unsafe-parser-override.xmldocument-unsafe-parser-override" }, - "fullDescription": { - "text": "This GitHub Actions workflow file uses `workflow_run` and checks out code from the incoming pull request. When using `workflow_run`, the Action runs in the context of the target repository, which includes access to all repository secrets. 
Normally, this is safe because the Action only runs code from the target repository, not the incoming PR. However, by checking out the incoming PR code, you're now using the incoming code for the rest of the action. You may be inadvertently executing arbitrary code from the incoming PR with access to repository secrets, which would let an attacker steal repository secrets. This normally happens by running build scripts (e.g., `npm build` and `make`) or dependency installation scripts (e.g., `python setup.py install`). Audit your workflow file to make sure no code from the incoming PR is executed. Please see https://securitylab.github.com/research/github-actions-preventing-pwn-requests/ for additional mitigations." + "full_description": { + "text": "XmlReaderSettings found with DtdProcessing.Parse on an XmlReader handling a string argument from a public method. Enabling Document Type Definition (DTD) parsing may cause XML External Entity (XXE) injection if supplied with user-controllable data." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/csharp.lang.security.xxe.xmldocument-unsafe-parser-override.xmldocument-unsafe-parser-override", "help": { - "markdown": "This GitHub Actions workflow file uses `workflow_run` and checks out code from the incoming pull request. When using `workflow_run`, the Action runs in the context of the target repository, which includes access to all repository secrets. Normally, this is safe because the Action only runs code from the target repository, not the incoming PR. However, by checking out the incoming PR code, you're now using the incoming code for the rest of the action. You may be inadvertently executing arbitrary code from the incoming PR with access to repository secrets, which would let an attacker steal repository secrets. 
This normally happens by running build scripts (e.g., `npm build` and `make`) or dependency installation scripts (e.g., `python setup.py install`). Audit your workflow file to make sure no code from the incoming PR is executed. Please see https://securitylab.github.com/research/github-actions-preventing-pwn-requests/ for additional mitigations.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/yaml.github-actions.security.workflow-run-target-code-checkout.workflow-run-target-code-checkout)\n - [https://securitylab.github.com/research/github-actions-preventing-pwn-requests/](https://securitylab.github.com/research/github-actions-preventing-pwn-requests/)\n - [https://github.com/justinsteven/advisories/blob/master/2021_github_actions_checkspelling_token_leak_via_advice_symlink.md](https://github.com/justinsteven/advisories/blob/master/2021_github_actions_checkspelling_token_leak_via_advice_symlink.md)\n - [https://www.legitsecurity.com/blog/github-privilege-escalation-vulnerability](https://www.legitsecurity.com/blog/github-privilege-escalation-vulnerability)\n", - "text": "This GitHub Actions workflow file uses `workflow_run` and checks out code from the incoming pull request. When using `workflow_run`, the Action runs in the context of the target repository, which includes access to all repository secrets. Normally, this is safe because the Action only runs code from the target repository, not the incoming PR. However, by checking out the incoming PR code, you're now using the incoming code for the rest of the action. You may be inadvertently executing arbitrary code from the incoming PR with access to repository secrets, which would let an attacker steal repository secrets. This normally happens by running build scripts (e.g., `npm build` and `make`) or dependency installation scripts (e.g., `python setup.py install`). 
Audit your workflow file to make sure no code from the incoming PR is executed. Please see https://securitylab.github.com/research/github-actions-preventing-pwn-requests/ for additional mitigations.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "XmlReaderSettings found with DtdProcessing.Parse on an XmlReader handling a string argument from a public method. Enabling Document Type Definition (DTD) parsing may cause XML External Entity (XXE) injection if supplied with user-controllable data.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "XmlReaderSettings found with DtdProcessing.Parse on an XmlReader handling a string argument from a public method. Enabling Document Type Definition (DTD) parsing may cause XML External Entity (XXE) injection if supplied with user-controllable data.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/csharp.lang.security.xxe.xmldocument-unsafe-parser-override.xmldocument-unsafe-parser-override)\n - [https://www.jardinesoftware.net/2016/05/26/xxe-and-net/](https://www.jardinesoftware.net/2016/05/26/xxe-and-net/)\n - [https://docs.microsoft.com/en-us/dotnet/api/system.xml.xmldocument.xmlresolver?view=net-6.0#remarks](https://docs.microsoft.com/en-us/dotnet/api/system.xml.xmldocument.xmlresolver?view=net-6.0#remarks)\n" }, - "helpUri": "https://semgrep.dev/r/yaml.github-actions.security.workflow-run-target-code-checkout.workflow-run-target-code-checkout", - "id": "yaml.github-actions.security.workflow-run-target-code-checkout.workflow-run-target-code-checkout", - "name": "yaml.github-actions.security.workflow-run-target-code-checkout.workflow-run-target-code-checkout", "properties": { "precision": "very-high", "tags": [ - "CWE-913: Improper Control of Dynamically-Managed Code Resources", + "CWE-611: Improper Restriction of XML External Entity Reference", "MEDIUM CONFIDENCE", - 
"OWASP-A01:2017 - Injection", + "OWASP-A04:2017 - XML External Entities (XXE)", + "OWASP-A05:2021 - Security Misconfiguration", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: yaml.github-actions.security.workflow-run-target-code-checkout.workflow-run-target-code-checkout" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "problem-based-packs.insecure-transport.go-stdlib.grequests-http-request.grequests-http-request", + "name": "problem-based-packs.insecure-transport.go-stdlib.grequests-http-request.grequests-http-request", + "short_description": { + "text": "Semgrep Finding: problem-based-packs.insecure-transport.go-stdlib.grequests-http-request.grequests-http-request" }, - "fullDescription": { - "text": "Detected wildcard access granted in your ECR repository policy principal. This grants access to all users, including anonymous users (public access). Instead, limit principals, actions and resources to what you need according to least privilege." + "full_description": { + "text": "Checks for requests to http (unencrypted) sites using grequests, a popular HTTP client library. This is dangerous because it could result in plaintext PII being passed around the network." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/problem-based-packs.insecure-transport.go-stdlib.grequests-http-request.grequests-http-request", "help": { - "markdown": "Detected wildcard access granted in your ECR repository policy principal. This grants access to all users, including anonymous users (public access). 
Instead, limit principals, actions and resources to what you need according to least privilege.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/terraform.aws.security.aws-ecr-repository-wildcard-principal.aws-ecr-repository-wildcard-principal)\n - [https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ecr_repository_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ecr_repository_policy)\n - [https://docs.aws.amazon.com/lambda/latest/operatorguide/wildcard-permissions-iam.html](https://docs.aws.amazon.com/lambda/latest/operatorguide/wildcard-permissions-iam.html)\n - [https://docs.aws.amazon.com/prescriptive-guidance/latest/patterns/monitor-amazon-ecr-repositories-for-wildcard-permissions-using-aws-cloudformation-and-aws-config.html](https://docs.aws.amazon.com/prescriptive-guidance/latest/patterns/monitor-amazon-ecr-repositories-for-wildcard-permissions-using-aws-cloudformation-and-aws-config.html)\n - [https://cwe.mitre.org/data/definitions/732.html](https://cwe.mitre.org/data/definitions/732.html)\n", - "text": "Detected wildcard access granted in your ECR repository policy principal. This grants access to all users, including anonymous users (public access). Instead, limit principals, actions and resources to what you need according to least privilege.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Checks for requests to http (unencrypted) sites using grequests, a popular HTTP client library. This is dangerous because it could result in plaintext PII being passed around the network.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Checks for requests to http (unencrypted) sites using grequests, a popular HTTP client library. 
This is dangerous because it could result in plaintext PII being passed around the network.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/problem-based-packs.insecure-transport.go-stdlib.grequests-http-request.grequests-http-request)\n - [https://godoc.org/github.com/levigross/grequests#DoRegularRequest](https://godoc.org/github.com/levigross/grequests#DoRegularRequest)\n - [https://github.com/levigross/grequests](https://github.com/levigross/grequests)\n" }, - "helpUri": "https://semgrep.dev/r/terraform.aws.security.aws-ecr-repository-wildcard-principal.aws-ecr-repository-wildcard-principal", - "id": "terraform.aws.security.aws-ecr-repository-wildcard-principal.aws-ecr-repository-wildcard-principal", - "name": "terraform.aws.security.aws-ecr-repository-wildcard-principal.aws-ecr-repository-wildcard-principal", "properties": { "precision": "very-high", "tags": [ - "CWE-732: Incorrect Permission Assignment for Critical Resource", + "CWE-319: Cleartext Transmission of Sensitive Information", "MEDIUM CONFIDENCE", - "OWASP-A05:2021 - Security Misconfiguration", + "OWASP-A03:2017 - Sensitive Data Exposure", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: terraform.aws.security.aws-ecr-repository-wildcard-principal.aws-ecr-repository-wildcard-principal" } }, { - "defaultConfiguration": { - "level": "error" + "id": "solidity.security.incorrect-use-of-blockhash.incorrect-use-of-blockhash", + "name": "solidity.security.incorrect-use-of-blockhash.incorrect-use-of-blockhash", + "short_description": { + "text": "Semgrep Finding: solidity.security.incorrect-use-of-blockhash.incorrect-use-of-blockhash" }, - "fullDescription": { - "text": "Certificate verification has been explicitly disabled. This permits insecure connections to insecure servers. Re-enable certification validation." 
+ "full_description": { + "text": "blockhash(block.number) and blockhash(block.number + N) always returns 0." + }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/solidity.security.incorrect-use-of-blockhash.incorrect-use-of-blockhash", "help": { - "markdown": "Certificate verification has been explicitly disabled. This permits insecure connections to insecure servers. Re-enable certification validation.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.requests.security.disabled-cert-validation.disabled-cert-validation)\n - [https://stackoverflow.com/questions/41740361/is-it-safe-to-disable-ssl-certificate-verification-in-pythonss-requests-lib](https://stackoverflow.com/questions/41740361/is-it-safe-to-disable-ssl-certificate-verification-in-pythonss-requests-lib)\n", - "text": "Certificate verification has been explicitly disabled. This permits insecure connections to insecure servers. 
Re-enable certification validation.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "blockhash(block.number) and blockhash(block.number + N) always returns 0.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "blockhash(block.number) and blockhash(block.number + N) always returns 0.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/solidity.security.incorrect-use-of-blockhash.incorrect-use-of-blockhash)\n - [https://blog.positive.com/predicting-random-numbers-in-ethereum-smart-contracts-e5358c6b8620](https://blog.positive.com/predicting-random-numbers-in-ethereum-smart-contracts-e5358c6b8620)\n" }, - "helpUri": "https://semgrep.dev/r/python.requests.security.disabled-cert-validation.disabled-cert-validation", - "id": "python.requests.security.disabled-cert-validation.disabled-cert-validation", - "name": "python.requests.security.disabled-cert-validation.disabled-cert-validation", "properties": { "precision": "very-high", "tags": [ - "CWE-295: Improper Certificate Validation", - "LOW CONFIDENCE", - "OWASP-A03:2017 - Sensitive Data Exposure", - "OWASP-A07:2021 - Identification and Authentication Failures", + "CWE-341: Predictable from Observable State", + "HIGH CONFIDENCE", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: python.requests.security.disabled-cert-validation.disabled-cert-validation" } }, { - "defaultConfiguration": { - "level": "error" + "id": "ruby.rails.security.audit.sqli.ruby-pg-sqli.ruby-pg-sqli", + "name": "ruby.rails.security.audit.sqli.ruby-pg-sqli.ruby-pg-sqli", + "short_description": { + "text": "Semgrep Finding: ruby.rails.security.audit.sqli.ruby-pg-sqli.ruby-pg-sqli" }, - "fullDescription": { - "text": "Detected user input used to manually construct a SQL string. This is usually bad practice because manual construction could accidentally result in a SQL injection. 
An attacker could use a SQL injection to steal or modify contents of the database. Instead, use a parameterized query which is available by default in most database engines. Alternatively, consider using the Django object-relational mappers (ORM) instead of raw SQL queries." + "full_description": { + "text": "Detected string concatenation with a non-literal variable in a pg Ruby SQL statement. This could lead to SQL injection if the variable is user-controlled and not properly sanitized. In order to prevent SQL injection, use parameterized queries or prepared statements instead. You can use parameterized queries like so: `conn.exec_params('SELECT $1 AS a, $2 AS b, $3 AS c', [1, 2, nil])` And you can use prepared statements with `exec_prepared`." }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/ruby.rails.security.audit.sqli.ruby-pg-sqli.ruby-pg-sqli", "help": { - "markdown": "Detected user input used to manually construct a SQL string. This is usually bad practice because manual construction could accidentally result in a SQL injection. An attacker could use a SQL injection to steal or modify contents of the database. Instead, use a parameterized query which is available by default in most database engines. Alternatively, consider using the Django object-relational mappers (ORM) instead of raw SQL queries.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.django.security.injection.tainted-sql-string.tainted-sql-string)\n - [https://docs.djangoproject.com/en/3.0/topics/security/#sql-injection-protection](https://docs.djangoproject.com/en/3.0/topics/security/#sql-injection-protection)\n", - "text": "Detected user input used to manually construct a SQL string. This is usually bad practice because manual construction could accidentally result in a SQL injection. 
An attacker could use a SQL injection to steal or modify contents of the database. Instead, use a parameterized query which is available by default in most database engines. Alternatively, consider using the Django object-relational mappers (ORM) instead of raw SQL queries.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected string concatenation with a non-literal variable in a pg Ruby SQL statement. This could lead to SQL injection if the variable is user-controlled and not properly sanitized. In order to prevent SQL injection, use parameterized queries or prepared statements instead. You can use parameterized queries like so: `conn.exec_params('SELECT $1 AS a, $2 AS b, $3 AS c', [1, 2, nil])` And you can use prepared statements with `exec_prepared`.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected string concatenation with a non-literal variable in a pg Ruby SQL statement. This could lead to SQL injection if the variable is user-controlled and not properly sanitized. In order to prevent SQL injection, use parameterized queries or prepared statements instead. 
You can use parameterized queries like so: `conn.exec_params('SELECT $1 AS a, $2 AS b, $3 AS c', [1, 2, nil])` And you can use prepared statements with `exec_prepared`.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/ruby.rails.security.audit.sqli.ruby-pg-sqli.ruby-pg-sqli)\n - [https://www.rubydoc.info/gems/pg/PG/Connection](https://www.rubydoc.info/gems/pg/PG/Connection)\n" }, - "helpUri": "https://semgrep.dev/r/python.django.security.injection.tainted-sql-string.tainted-sql-string", - "id": "python.django.security.injection.tainted-sql-string.tainted-sql-string", - "name": "python.django.security.injection.tainted-sql-string.tainted-sql-string", "properties": { "precision": "very-high", "tags": [ - "CWE-915: Improperly Controlled Modification of Dynamically-Determined Object Attributes", - "LOW CONFIDENCE", - "OWASP-A08:2021 - Software and Data Integrity Failures", + "CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')", + "MEDIUM CONFIDENCE", + "OWASP-A01:2017 - Injection", + "OWASP-A03:2021 - Injection", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: python.django.security.injection.tainted-sql-string.tainted-sql-string" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "javascript.lang.security.audit.prototype-pollution.prototype-pollution-loop.prototype-pollution-loop", + "name": "javascript.lang.security.audit.prototype-pollution.prototype-pollution-loop.prototype-pollution-loop", + "short_description": { + "text": "Semgrep Finding: javascript.lang.security.audit.prototype-pollution.prototype-pollution-loop.prototype-pollution-loop" }, - "fullDescription": { - "text": "Default session middleware settings: `expires` not set. Use it to set expiration date for persistent cookies." + "full_description": { + "text": "Possibility of prototype polluting function detected. 
By adding or modifying attributes of an object prototype, it is possible to create attributes that exist on every object, or replace critical attributes with malicious ones. This can be problematic if the software depends on existence or non-existence of certain attributes, or uses pre-defined attributes of object prototype (such as hasOwnProperty, toString or valueOf). Possible mitigations might be: freezing the object prototype, using an object without prototypes (via Object.create(null) ), blocking modifications of attributes that resolve to object prototype, using Map instead of object." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/javascript.lang.security.audit.prototype-pollution.prototype-pollution-loop.prototype-pollution-loop", "help": { - "markdown": "Default session middleware settings: `expires` not set. Use it to set expiration date for persistent cookies.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.express.security.audit.express-cookie-settings.express-cookie-session-no-expires)\n - [https://owasp.org/Top10/A04_2021-Insecure_Design](https://owasp.org/Top10/A04_2021-Insecure_Design)\n", - "text": "Default session middleware settings: `expires` not set. Use it to set expiration date for persistent cookies.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Possibility of prototype polluting function detected. By adding or modifying attributes of an object prototype, it is possible to create attributes that exist on every object, or replace critical attributes with malicious ones. This can be problematic if the software depends on existence or non-existence of certain attributes, or uses pre-defined attributes of object prototype (such as hasOwnProperty, toString or valueOf). 
Possible mitigations might be: freezing the object prototype, using an object without prototypes (via Object.create(null) ), blocking modifications of attributes that resolve to object prototype, using Map instead of object.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Possibility of prototype polluting function detected. By adding or modifying attributes of an object prototype, it is possible to create attributes that exist on every object, or replace critical attributes with malicious ones. This can be problematic if the software depends on existence or non-existence of certain attributes, or uses pre-defined attributes of object prototype (such as hasOwnProperty, toString or valueOf). Possible mitigations might be: freezing the object prototype, using an object without prototypes (via Object.create(null) ), blocking modifications of attributes that resolve to object prototype, using Map instead of object.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.lang.security.audit.prototype-pollution.prototype-pollution-loop.prototype-pollution-loop)\n - [https://github.com/HoLyVieR/prototype-pollution-nsec18/blob/master/paper/JavaScript_prototype_pollution_attack_in_NodeJS.pdf](https://github.com/HoLyVieR/prototype-pollution-nsec18/blob/master/paper/JavaScript_prototype_pollution_attack_in_NodeJS.pdf)\n" }, - "helpUri": "https://semgrep.dev/r/javascript.express.security.audit.express-cookie-settings.express-cookie-session-no-expires", - "id": "javascript.express.security.audit.express-cookie-settings.express-cookie-session-no-expires", - "name": "javascript.express.security.audit.express-cookie-settings.express-cookie-session-no-expires", "properties": { "precision": "very-high", "tags": [ - "CWE-522: Insufficiently Protected Credentials", - "MEDIUM CONFIDENCE", - "OWASP-A02:2017 - Broken Authentication", - "OWASP-A04:2021 - Insecure 
Design", + "CWE-915: Improperly Controlled Modification of Dynamically-Determined Object Attributes", + "LOW CONFIDENCE", + "OWASP-A08:2021 - Software and Data Integrity Failures", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: javascript.express.security.audit.express-cookie-settings.express-cookie-session-no-expires" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "php.lang.security.ldap-bind-without-password.ldap-bind-without-password", + "name": "php.lang.security.ldap-bind-without-password.ldap-bind-without-password", + "short_description": { + "text": "Semgrep Finding: php.lang.security.ldap-bind-without-password.ldap-bind-without-password" }, - "fullDescription": { - "text": "Iteration over a possibly empty map `$C`. This is likely a bug or redundant code" + "full_description": { + "text": "Detected anonymous LDAP bind. This permits anonymous users to execute LDAP statements. Consider enforcing authentication for LDAP." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/php.lang.security.ldap-bind-without-password.ldap-bind-without-password", "help": { - "markdown": "Iteration over a possibly empty map `$C`. This is likely a bug or redundant code\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/trailofbits.go.iterate-over-empty-map.iterate-over-empty-map)\n - [https://blog.trailofbits.com/2019/11/07/attacking-go-vr-ttps/](https://blog.trailofbits.com/2019/11/07/attacking-go-vr-ttps/)\n", - "text": "Iteration over a possibly empty map `$C`. This is likely a bug or redundant code\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected anonymous LDAP bind. This permits anonymous users to execute LDAP statements. 
Consider enforcing authentication for LDAP.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected anonymous LDAP bind. This permits anonymous users to execute LDAP statements. Consider enforcing authentication for LDAP.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/php.lang.security.ldap-bind-without-password.ldap-bind-without-password)\n - [https://www.php.net/manual/en/function.ldap-bind.php](https://www.php.net/manual/en/function.ldap-bind.php)\n" }, - "helpUri": "https://semgrep.dev/r/trailofbits.go.iterate-over-empty-map.iterate-over-empty-map", - "id": "trailofbits.go.iterate-over-empty-map.iterate-over-empty-map", - "name": "trailofbits.go.iterate-over-empty-map.iterate-over-empty-map", "properties": { "precision": "very-high", "tags": [ - "CWE-665: Improper Initialization", - "MEDIUM CONFIDENCE", + "CWE-287: Improper Authentication", + "LOW CONFIDENCE", + "OWASP-A02:2017 - Broken Authentication", + "OWASP-A07:2021 - Identification and Authentication Failures", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: trailofbits.go.iterate-over-empty-map.iterate-over-empty-map" } }, { - "defaultConfiguration": { - "level": "error" + "id": "python.lang.security.audit.dynamic-urllib-use-detected.dynamic-urllib-use-detected", + "name": "python.lang.security.audit.dynamic-urllib-use-detected.dynamic-urllib-use-detected", + "short_description": { + "text": "Semgrep Finding: python.lang.security.audit.dynamic-urllib-use-detected.dynamic-urllib-use-detected" }, - "fullDescription": { - "text": "Add \"encryption: $Y.BucketEncryption.KMS_MANAGED\" or \"encryption: $Y.BucketEncryption.S3_MANAGED\" to the bucket props for Bucket construct $X" + "full_description": { + "text": "Detected a dynamic value being used with urllib. 
urllib supports 'file://' schemes, so a dynamic value controlled by a malicious actor may allow them to read arbitrary files. Audit uses of urllib calls to ensure user data cannot control the URLs, or consider using the 'requests' library instead." }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/python.lang.security.audit.dynamic-urllib-use-detected.dynamic-urllib-use-detected", "help": { - "markdown": "Add \"encryption: $Y.BucketEncryption.KMS_MANAGED\" or \"encryption: $Y.BucketEncryption.S3_MANAGED\" to the bucket props for Bucket construct $X\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/typescript.aws-cdk.security.audit.awscdk-bucket-encryption.awscdk-bucket-encryption)\n - [https://docs.aws.amazon.com/AmazonS3/latest/userguide/security-best-practices.html](https://docs.aws.amazon.com/AmazonS3/latest/userguide/security-best-practices.html)\n", - "text": "Add \"encryption: $Y.BucketEncryption.KMS_MANAGED\" or \"encryption: $Y.BucketEncryption.S3_MANAGED\" to the bucket props for Bucket construct $X\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected a dynamic value being used with urllib. urllib supports 'file://' schemes, so a dynamic value controlled by a malicious actor may allow them to read arbitrary files. Audit uses of urllib calls to ensure user data cannot control the URLs, or consider using the 'requests' library instead.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected a dynamic value being used with urllib. urllib supports 'file://' schemes, so a dynamic value controlled by a malicious actor may allow them to read arbitrary files. 
Audit uses of urllib calls to ensure user data cannot control the URLs, or consider using the 'requests' library instead.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.lang.security.audit.dynamic-urllib-use-detected.dynamic-urllib-use-detected)\n - [https://cwe.mitre.org/data/definitions/939.html](https://cwe.mitre.org/data/definitions/939.html)\n" }, - "helpUri": "https://semgrep.dev/r/typescript.aws-cdk.security.audit.awscdk-bucket-encryption.awscdk-bucket-encryption", - "id": "typescript.aws-cdk.security.audit.awscdk-bucket-encryption.awscdk-bucket-encryption", - "name": "typescript.aws-cdk.security.audit.awscdk-bucket-encryption.awscdk-bucket-encryption", "properties": { "precision": "very-high", "tags": [ - "CWE-311: Missing Encryption of Sensitive Data", - "MEDIUM CONFIDENCE", - "OWASP-A03:2017 - Sensitive Data Exposure", - "OWASP-A04:2021 - Insecure Design", + "CWE-939: Improper Authorization in Handler for Custom URL Scheme", + "LOW CONFIDENCE", + "OWASP-A01:2017 - Injection", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: typescript.aws-cdk.security.audit.awscdk-bucket-encryption.awscdk-bucket-encryption" } }, { - "defaultConfiguration": { - "level": "error" + "id": "trailofbits.go.servercodec-readrequestbody-unhandled-nil.servercodec-readrequestbody-unhandled-nil", + "name": "trailofbits.go.servercodec-readrequestbody-unhandled-nil.servercodec-readrequestbody-unhandled-nil", + "short_description": { + "text": "Semgrep Finding: trailofbits.go.servercodec-readrequestbody-unhandled-nil.servercodec-readrequestbody-unhandled-nil" }, - "fullDescription": { - "text": "Stripe Restricted API Key detected" + "full_description": { + "text": "The `func ($O *$CODEC) ReadRequestBody($ARG $TYPE) error` function does not handle `nil` argument, as the `ServerCodec` interface requires. 
An incorrect implementation could lead to denial of service" + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/trailofbits.go.servercodec-readrequestbody-unhandled-nil.servercodec-readrequestbody-unhandled-nil", "help": { - "markdown": "Stripe Restricted API Key detected\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/generic.secrets.security.detected-stripe-restricted-api-key.detected-stripe-restricted-api-key)\n - [https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures](https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures)\n", - "text": "Stripe Restricted API Key detected\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "The `func ($O *$CODEC) ReadRequestBody($ARG $TYPE) error` function does not handle `nil` argument, as the `ServerCodec` interface requires. An incorrect implementation could lead to denial of service\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "The `func ($O *$CODEC) ReadRequestBody($ARG $TYPE) error` function does not handle `nil` argument, as the `ServerCodec` interface requires. 
An incorrect implementation could lead to denial of service\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/trailofbits.go.servercodec-readrequestbody-unhandled-nil.servercodec-readrequestbody-unhandled-nil)\n - [https://github.com/golang/go/blob/go1.15.2/src/net/rpc/server.go#L643-L658](https://github.com/golang/go/blob/go1.15.2/src/net/rpc/server.go#L643-L658)\n" }, - "helpUri": "https://semgrep.dev/r/generic.secrets.security.detected-stripe-restricted-api-key.detected-stripe-restricted-api-key", - "id": "generic.secrets.security.detected-stripe-restricted-api-key.detected-stripe-restricted-api-key", - "name": "generic.secrets.security.detected-stripe-restricted-api-key.detected-stripe-restricted-api-key", "properties": { - "precision": "very-high", - "tags": [ - "CWE-798: Use of Hard-coded Credentials", - "MEDIUM CONFIDENCE", - "OWASP-A07:2021 - Identification and Authentication Failures", + "precision": "very-high", + "tags": [ + "CWE-476: NULL Pointer Dereference", + "HIGH CONFIDENCE", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: generic.secrets.security.detected-stripe-restricted-api-key.detected-stripe-restricted-api-key" } }, { - "defaultConfiguration": { - "level": "error" + "id": "python.sqlalchemy.security.sqlalchemy-sql-injection.sqlalchemy-sql-injection", + "name": "python.sqlalchemy.security.sqlalchemy-sql-injection.sqlalchemy-sql-injection", + "short_description": { + "text": "Semgrep Finding: python.sqlalchemy.security.sqlalchemy-sql-injection.sqlalchemy-sql-injection" }, - "fullDescription": { - "text": "Missing `RUnlock` on an `RWMutex` (`$T` variable) lock before returning from a function" + "full_description": { + "text": "Distinct, Having, Group_by, Order_by, and Filter in SQLAlchemy can cause sql injections if the developer inputs raw SQL into the before-mentioned clauses. 
This pattern captures relevant cases in which the developer inputs raw SQL into the distinct, having, group_by, order_by or filter clauses and injects user-input into the raw SQL with any function besides \"bindparams\". Use bindParams to securely bind user-input to SQL statements." }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/python.sqlalchemy.security.sqlalchemy-sql-injection.sqlalchemy-sql-injection", "help": { - "markdown": "Missing `RUnlock` on an `RWMutex` (`$T` variable) lock before returning from a function\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/trailofbits.go.missing-runlock-on-rwmutex.missing-runlock-on-rwmutex)\n - [https://pkg.go.dev/sync#RWMutex](https://pkg.go.dev/sync#RWMutex)\n - [https://blog.trailofbits.com/2020/06/09/how-to-check-if-a-mutex-is-locked-in-go/](https://blog.trailofbits.com/2020/06/09/how-to-check-if-a-mutex-is-locked-in-go/)\n", - "text": "Missing `RUnlock` on an `RWMutex` (`$T` variable) lock before returning from a function\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Distinct, Having, Group_by, Order_by, and Filter in SQLAlchemy can cause sql injections if the developer inputs raw SQL into the before-mentioned clauses. This pattern captures relevant cases in which the developer inputs raw SQL into the distinct, having, group_by, order_by or filter clauses and injects user-input into the raw SQL with any function besides \"bindparams\". Use bindParams to securely bind user-input to SQL statements.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Distinct, Having, Group_by, Order_by, and Filter in SQLAlchemy can cause sql injections if the developer inputs raw SQL into the before-mentioned clauses. 
This pattern captures relevant cases in which the developer inputs raw SQL into the distinct, having, group_by, order_by or filter clauses and injects user-input into the raw SQL with any function besides \"bindparams\". Use bindParams to securely bind user-input to SQL statements.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.sqlalchemy.security.sqlalchemy-sql-injection.sqlalchemy-sql-injection)\n - [https://owasp.org/Top10/A03_2021-Injection](https://owasp.org/Top10/A03_2021-Injection)\n" }, - "helpUri": "https://semgrep.dev/r/trailofbits.go.missing-runlock-on-rwmutex.missing-runlock-on-rwmutex", - "id": "trailofbits.go.missing-runlock-on-rwmutex.missing-runlock-on-rwmutex", - "name": "trailofbits.go.missing-runlock-on-rwmutex.missing-runlock-on-rwmutex", "properties": { "precision": "very-high", "tags": [ - "CWE-667: Improper Locking", + "CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')", "MEDIUM CONFIDENCE", + "OWASP-A01:2017 - Injection", + "OWASP-A03:2021 - Injection", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: trailofbits.go.missing-runlock-on-rwmutex.missing-runlock-on-rwmutex" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "terraform.aws.security.aws-imagebuilder-component-encrypted-with-cmk.aws-imagebuilder-component-encrypted-with-cmk", + "name": "terraform.aws.security.aws-imagebuilder-component-encrypted-with-cmk.aws-imagebuilder-component-encrypted-with-cmk", + "short_description": { + "text": "Semgrep Finding: terraform.aws.security.aws-imagebuilder-component-encrypted-with-cmk.aws-imagebuilder-component-encrypted-with-cmk" }, - "fullDescription": { - "text": "$METHOD is a state-changing MVC method that does not validate the antiforgery token or do strict content-type checking. 
State-changing controller methods should either enforce antiforgery tokens or do strict content-type checking to prevent simple HTTP request types from bypassing CORS preflight controls." + "full_description": { + "text": "Ensure ImageBuilder component is encrypted at rest using KMS CMKs. CMKs gives you control over the encryption key in terms of access and rotation." }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/terraform.aws.security.aws-imagebuilder-component-encrypted-with-cmk.aws-imagebuilder-component-encrypted-with-cmk", "help": { - "markdown": "$METHOD is a state-changing MVC method that does not validate the antiforgery token or do strict content-type checking. State-changing controller methods should either enforce antiforgery tokens or do strict content-type checking to prevent simple HTTP request types from bypassing CORS preflight controls.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/csharp.dotnet.security.mvc-missing-antiforgery.mvc-missing-antiforgery)\n - [https://cheatsheetseries.owasp.org/cheatsheets/DotNet_Security_Cheat_Sheet.html#cross-site-request-forgery](https://cheatsheetseries.owasp.org/cheatsheets/DotNet_Security_Cheat_Sheet.html#cross-site-request-forgery)\n - [https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS#simple_requests](https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS#simple_requests)\n", - "text": "$METHOD is a state-changing MVC method that does not validate the antiforgery token or do strict content-type checking. State-changing controller methods should either enforce antiforgery tokens or do strict content-type checking to prevent simple HTTP request types from bypassing CORS preflight controls.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Ensure ImageBuilder component is encrypted at rest using KMS CMKs. 
CMKs gives you control over the encryption key in terms of access and rotation.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Ensure ImageBuilder component is encrypted at rest using KMS CMKs. CMKs gives you control over the encryption key in terms of access and rotation.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/terraform.aws.security.aws-imagebuilder-component-encrypted-with-cmk.aws-imagebuilder-component-encrypted-with-cmk)\n - [https://owasp.org/Top10/A02_2021-Cryptographic_Failures](https://owasp.org/Top10/A02_2021-Cryptographic_Failures)\n" }, - "helpUri": "https://semgrep.dev/r/csharp.dotnet.security.mvc-missing-antiforgery.mvc-missing-antiforgery", - "id": "csharp.dotnet.security.mvc-missing-antiforgery.mvc-missing-antiforgery", - "name": "csharp.dotnet.security.mvc-missing-antiforgery.mvc-missing-antiforgery", "properties": { "precision": "very-high", "tags": [ - "CWE-352: Cross-Site Request Forgery (CSRF)", + "CWE-320: CWE CATEGORY: Key Management Errors", "LOW CONFIDENCE", - "OWASP-A01:2021 - Broken Access Control", + "OWASP-A03:2017 - Sensitive Data Exposure", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: csharp.dotnet.security.mvc-missing-antiforgery.mvc-missing-antiforgery" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "python.lang.compatibility.python37.python37-compatibility-importlib2", + "name": "python.lang.compatibility.python37.python37-compatibility-importlib2", + "short_description": { + "text": "Semgrep Finding: python.lang.compatibility.python37.python37-compatibility-importlib2" }, - "fullDescription": { - "text": "ECB (Electronic Code Book) is the simplest mode of operation for block ciphers. Each block of data is encrypted in the same way. 
This means identical plaintext blocks will always result in identical ciphertext blocks, which can leave significant patterns in the output. Use a different, cryptographically strong mode instead, such as GCM." + "full_description": { + "text": "Found 'importlib.resources', which is a module only available on Python 3.7+. This does not work in lower versions, and therefore is not backwards compatible. Use importlib_resources instead for older Python versions." }, + "default_configuration": { + "enabled": true, + "level": "error" + }, + "help_uri": "https://semgrep.dev/r/python.lang.compatibility.python37.python37-compatibility-importlib2", "help": { - "markdown": "ECB (Electronic Code Book) is the simplest mode of operation for block ciphers. Each block of data is encrypted in the same way. This means identical plaintext blocks will always result in identical ciphertext blocks, which can leave significant patterns in the output. Use a different, cryptographically strong mode instead, such as GCM.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.cryptography.security.insecure-cipher-mode-ecb.insecure-cipher-mode-ecb)\n - [https://cryptography.io/en/latest/hazmat/primitives/symmetric-encryption/#insecure-modes](https://cryptography.io/en/latest/hazmat/primitives/symmetric-encryption/#insecure-modes)\n - [https://crypto.stackexchange.com/questions/20941/why-shouldnt-i-use-ecb-encryption](https://crypto.stackexchange.com/questions/20941/why-shouldnt-i-use-ecb-encryption)\n", - "text": "ECB (Electronic Code Book) is the simplest mode of operation for block ciphers. Each block of data is encrypted in the same way. This means identical plaintext blocks will always result in identical ciphertext blocks, which can leave significant patterns in the output. 
Use a different, cryptographically strong mode instead, such as GCM.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Found 'importlib.resources', which is a module only available on Python 3.7+. This does not work in lower versions, and therefore is not backwards compatible. Use importlib_resources instead for older Python versions.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Found 'importlib.resources', which is a module only available on Python 3.7+. This does not work in lower versions, and therefore is not backwards compatible. Use importlib_resources instead for older Python versions.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.lang.compatibility.python37.python37-compatibility-importlib2)\n" }, - "helpUri": "https://semgrep.dev/r/python.cryptography.security.insecure-cipher-mode-ecb.insecure-cipher-mode-ecb", - "id": "python.cryptography.security.insecure-cipher-mode-ecb.insecure-cipher-mode-ecb", - "name": "python.cryptography.security.insecure-cipher-mode-ecb.insecure-cipher-mode-ecb", "properties": { "precision": "very-high", - "tags": [ - "CWE-327: Use of a Broken or Risky Cryptographic Algorithm", - "MEDIUM CONFIDENCE", - "OWASP-A02:2021 - Cryptographic Failures", - "OWASP-A03:2017 - Sensitive Data Exposure", - "security" - ] - }, - "shortDescription": { - "text": "Semgrep Finding: python.cryptography.security.insecure-cipher-mode-ecb.insecure-cipher-mode-ecb" + "tags": [] } }, { - "defaultConfiguration": { - "level": "error" + "id": "python.lang.compatibility.python37.python37-compatibility-math1", + "name": "python.lang.compatibility.python37.python37-compatibility-math1", + "short_description": { + "text": "Semgrep Finding: python.lang.compatibility.python37.python37-compatibility-math1" }, - "fullDescription": { - "text": "multiprocessing.Process.close() is only available on 
Python 3.7+ and is therefore not backwards compatible. Instead, use join()." + "full_description": { + "text": "math.remainder is only available on Python 3.7+ and is therefore not backwards compatible. Instead, use math.fmod() or calculate $X - n* $Y." }, + "default_configuration": { + "enabled": true, + "level": "error" + }, + "help_uri": "https://semgrep.dev/r/python.lang.compatibility.python37.python37-compatibility-math1", "help": { - "markdown": "multiprocessing.Process.close() is only available on Python 3.7+ and is therefore not backwards compatible. Instead, use join().\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.lang.compatibility.python37.python37-compatibility-multiprocess1)\n", - "text": "multiprocessing.Process.close() is only available on Python 3.7+ and is therefore not backwards compatible. Instead, use join().\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "math.remainder is only available on Python 3.7+ and is therefore not backwards compatible. Instead, use math.fmod() or calculate $X - n* $Y.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "math.remainder is only available on Python 3.7+ and is therefore not backwards compatible. 
Instead, use math.fmod() or calculate $X - n* $Y.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.lang.compatibility.python37.python37-compatibility-math1)\n" }, - "helpUri": "https://semgrep.dev/r/python.lang.compatibility.python37.python37-compatibility-multiprocess1", - "id": "python.lang.compatibility.python37.python37-compatibility-multiprocess1", - "name": "python.lang.compatibility.python37.python37-compatibility-multiprocess1", "properties": { "precision": "very-high", "tags": [] - }, - "shortDescription": { - "text": "Semgrep Finding: python.lang.compatibility.python37.python37-compatibility-multiprocess1" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "javascript.angular.security.detect-angular-trust-as-html-method.detect-angular-trust-as-html-method", + "name": "javascript.angular.security.detect-angular-trust-as-html-method.detect-angular-trust-as-html-method", + "short_description": { + "text": "Semgrep Finding: javascript.angular.security.detect-angular-trust-as-html-method.detect-angular-trust-as-html-method" }, - "fullDescription": { - "text": "Detected RC2 cipher algorithm which is considered insecure. This algorithm is not cryptographically secure and can be reversed easily. Use AES instead." + "full_description": { + "text": "The use of $sce.trustAsHtml can be dangerous if unsanitized user input flows through this API." }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/javascript.angular.security.detect-angular-trust-as-html-method.detect-angular-trust-as-html-method", "help": { - "markdown": "Detected RC2 cipher algorithm which is considered insecure. This algorithm is not cryptographically secure and can be reversed easily. 
Use AES instead.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.pycryptodome.security.insecure-cipher-algorithm-rc2.insecure-cipher-algorithm-rc2)\n - [https://cwe.mitre.org/data/definitions/326.html](https://cwe.mitre.org/data/definitions/326.html)\n", - "text": "Detected RC2 cipher algorithm which is considered insecure. This algorithm is not cryptographically secure and can be reversed easily. Use AES instead.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "The use of $sce.trustAsHtml can be dangerous if unsanitized user input flows through this API.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "The use of $sce.trustAsHtml can be dangerous if unsanitized user input flows through this API.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.angular.security.detect-angular-trust-as-html-method.detect-angular-trust-as-html-method)\n - [https://docs.angularjs.org/api/ng/service/$sce#trustAsHtml](https://docs.angularjs.org/api/ng/service/$sce#trustAsHtml)\n - [https://owasp.org/www-chapter-london/assets/slides/OWASPLondon20170727_AngularJS.pdf](https://owasp.org/www-chapter-london/assets/slides/OWASPLondon20170727_AngularJS.pdf)\n" }, - "helpUri": "https://semgrep.dev/r/python.pycryptodome.security.insecure-cipher-algorithm-rc2.insecure-cipher-algorithm-rc2", - "id": "python.pycryptodome.security.insecure-cipher-algorithm-rc2.insecure-cipher-algorithm-rc2", - "name": "python.pycryptodome.security.insecure-cipher-algorithm-rc2.insecure-cipher-algorithm-rc2", "properties": { "precision": "very-high", "tags": [ - "CWE-327: Use of a Broken or Risky Cryptographic Algorithm", - "MEDIUM CONFIDENCE", - "OWASP-A02:2021 - Cryptographic Failures", - "OWASP-A03:2017 - Sensitive Data Exposure", + "CWE-79: Improper 
Neutralization of Input During Web Page Generation ('Cross-site Scripting')", + "LOW CONFIDENCE", + "OWASP-A03:2021 - Injection", + "OWASP-A07:2017 - Cross-Site Scripting (XSS)", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: python.pycryptodome.security.insecure-cipher-algorithm-rc2.insecure-cipher-algorithm-rc2" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "python.lang.security.audit.insecure-transport.urllib.insecure-urlopen-ftp.insecure-urlopen-ftp", + "name": "python.lang.security.audit.insecure-transport.urllib.insecure-urlopen-ftp.insecure-urlopen-ftp", + "short_description": { + "text": "Semgrep Finding: python.lang.security.audit.insecure-transport.urllib.insecure-urlopen-ftp.insecure-urlopen-ftp" }, - "fullDescription": { - "text": "A parameter being passed directly into `url` most likely lead to SSRF. This could allow an attacker to send data to their own server, potentially exposing sensitive data sent with this request. They could also probe internal servers or other resources that the server runnig this code can access. Do not allow arbitrary hosts. Instead, create an allowlist for approved hosts hardcode the correct host." + "full_description": { + "text": "Detected 'urllib.urlopen()' using 'ftp://'. This request will not be encrypted. Consider using SFTP instead. urllib does not support SFTP, so consider switching to a library which supports SFTP." }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/python.lang.security.audit.insecure-transport.urllib.insecure-urlopen-ftp.insecure-urlopen-ftp", "help": { - "markdown": "A parameter being passed directly into `url` most likely lead to SSRF. This could allow an attacker to send data to their own server, potentially exposing sensitive data sent with this request. They could also probe internal servers or other resources that the server runnig this code can access. Do not allow arbitrary hosts. 
Instead, create an allowlist for approved hosts hardcode the correct host.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/scala.lang.security.audit.dispatch-ssrf.dispatch-ssrf)\n - [https://cheatsheetseries.owasp.org/cheatsheets/Server_Side_Request_Forgery_Prevention_Cheat_Sheet.html](https://cheatsheetseries.owasp.org/cheatsheets/Server_Side_Request_Forgery_Prevention_Cheat_Sheet.html)\n - [https://dispatchhttp.org/Dispatch.html](https://dispatchhttp.org/Dispatch.html)\n", - "text": "A parameter being passed directly into `url` most likely lead to SSRF. This could allow an attacker to send data to their own server, potentially exposing sensitive data sent with this request. They could also probe internal servers or other resources that the server runnig this code can access. Do not allow arbitrary hosts. Instead, create an allowlist for approved hosts hardcode the correct host.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected 'urllib.urlopen()' using 'ftp://'. This request will not be encrypted. Consider using SFTP instead. urllib does not support SFTP, so consider switching to a library which supports SFTP.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected 'urllib.urlopen()' using 'ftp://'. This request will not be encrypted. Consider using SFTP instead. 
urllib does not support SFTP, so consider switching to a library which supports SFTP.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.lang.security.audit.insecure-transport.urllib.insecure-urlopen-ftp.insecure-urlopen-ftp)\n - [https://docs.python.org/3/library/urllib.request.html#urllib.request.urlopen](https://docs.python.org/3/library/urllib.request.html#urllib.request.urlopen)\n" }, - "helpUri": "https://semgrep.dev/r/scala.lang.security.audit.dispatch-ssrf.dispatch-ssrf", - "id": "scala.lang.security.audit.dispatch-ssrf.dispatch-ssrf", - "name": "scala.lang.security.audit.dispatch-ssrf.dispatch-ssrf", "properties": { "precision": "very-high", "tags": [ - "CWE-918: Server-Side Request Forgery (SSRF)", + "CWE-319: Cleartext Transmission of Sensitive Information", "LOW CONFIDENCE", - "OWASP-A10:2021 - Server-Side Request Forgery (SSRF)", + "OWASP-A02:2021 - Cryptographic Failures", + "OWASP-A03:2017 - Sensitive Data Exposure", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: scala.lang.security.audit.dispatch-ssrf.dispatch-ssrf" } }, { - "defaultConfiguration": { - "level": "error" + "id": "generic.nginx.security.insecure-redirect.insecure-redirect", + "name": "generic.nginx.security.insecure-redirect.insecure-redirect", + "short_description": { + "text": "Semgrep Finding: generic.nginx.security.insecure-redirect.insecure-redirect" }, - "fullDescription": { - "text": "HockeyApp detected" + "full_description": { + "text": "Detected an insecure redirect in this nginx configuration. If no scheme is specified, nginx will forward the request with the incoming scheme. This could result in unencrypted communications. To fix this, include the 'https' scheme." 
+ }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/generic.nginx.security.insecure-redirect.insecure-redirect", "help": { - "markdown": "HockeyApp detected\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/generic.secrets.security.detected-hockeyapp.detected-hockeyapp)\n - [https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures](https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures)\n", - "text": "HockeyApp detected\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected an insecure redirect in this nginx configuration. If no scheme is specified, nginx will forward the request with the incoming scheme. This could result in unencrypted communications. To fix this, include the 'https' scheme.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected an insecure redirect in this nginx configuration. If no scheme is specified, nginx will forward the request with the incoming scheme. This could result in unencrypted communications. 
To fix this, include the 'https' scheme.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/generic.nginx.security.insecure-redirect.insecure-redirect)\n - [https://owasp.org/Top10/A02_2021-Cryptographic_Failures](https://owasp.org/Top10/A02_2021-Cryptographic_Failures)\n" }, - "helpUri": "https://semgrep.dev/r/generic.secrets.security.detected-hockeyapp.detected-hockeyapp", - "id": "generic.secrets.security.detected-hockeyapp.detected-hockeyapp", - "name": "generic.secrets.security.detected-hockeyapp.detected-hockeyapp", "properties": { "precision": "very-high", "tags": [ - "CWE-798: Use of Hard-coded Credentials", + "CWE-319: Cleartext Transmission of Sensitive Information", "LOW CONFIDENCE", - "OWASP-A07:2021 - Identification and Authentication Failures", + "OWASP-A02:2021 - Cryptographic Failures", + "OWASP-A03:2017 - Sensitive Data Exposure", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: generic.secrets.security.detected-hockeyapp.detected-hockeyapp" } }, { - "defaultConfiguration": { - "level": "note" + "id": "javascript.angular.security.detect-angular-trust-as-url-method.detect-angular-trust-as-url-method", + "name": "javascript.angular.security.detect-angular-trust-as-url-method.detect-angular-trust-as-url-method", + "short_description": { + "text": "Semgrep Finding: javascript.angular.security.detect-angular-trust-as-url-method.detect-angular-trust-as-url-method" }, - "fullDescription": { - "text": "When running containers in Kubernetes, it's important to ensure that they are properly secured to prevent privilege escalation attacks. One potential vulnerability is when a container is allowed to run applications as the root user, which could allow an attacker to gain access to sensitive resources. To mitigate this risk, it's recommended to add a `securityContext` to the container, with the parameter `runAsNonRoot` set to `true`. 
This will ensure that the container runs as a non-root user, limiting the damage that could be caused by any potential attacks. By adding a `securityContext` to the container in your Kubernetes pod, you can help to ensure that your containerized applications are more secure and less vulnerable to privilege escalation attacks." + "full_description": { + "text": "The use of $sce.trustAsUrl can be dangerous if unsanitized user input flows through this API." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/javascript.angular.security.detect-angular-trust-as-url-method.detect-angular-trust-as-url-method", "help": { - "markdown": "When running containers in Kubernetes, it's important to ensure that they are properly secured to prevent privilege escalation attacks. One potential vulnerability is when a container is allowed to run applications as the root user, which could allow an attacker to gain access to sensitive resources. To mitigate this risk, it's recommended to add a `securityContext` to the container, with the parameter `runAsNonRoot` set to `true`. This will ensure that the container runs as a non-root user, limiting the damage that could be caused by any potential attacks. 
By adding a `securityContext` to the container in your Kubernetes pod, you can help to ensure that your containerized applications are more secure and less vulnerable to privilege escalation attacks.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/yaml.kubernetes.security.run-as-non-root.run-as-non-root)\n - [https://kubernetes.io/blog/2016/08/security-best-practices-kubernetes-deployment/](https://kubernetes.io/blog/2016/08/security-best-practices-kubernetes-deployment/)\n - [https://kubernetes.io/docs/concepts/policy/pod-security-policy/](https://kubernetes.io/docs/concepts/policy/pod-security-policy/)\n - [https://cheatsheetseries.owasp.org/cheatsheets/Docker_Security_Cheat_Sheet.html#rule-2-set-a-user](https://cheatsheetseries.owasp.org/cheatsheets/Docker_Security_Cheat_Sheet.html#rule-2-set-a-user)\n", - "text": "When running containers in Kubernetes, it's important to ensure that they are properly secured to prevent privilege escalation attacks. One potential vulnerability is when a container is allowed to run applications as the root user, which could allow an attacker to gain access to sensitive resources. To mitigate this risk, it's recommended to add a `securityContext` to the container, with the parameter `runAsNonRoot` set to `true`. This will ensure that the container runs as a non-root user, limiting the damage that could be caused by any potential attacks. 
By adding a `securityContext` to the container in your Kubernetes pod, you can help to ensure that your containerized applications are more secure and less vulnerable to privilege escalation attacks.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "The use of $sce.trustAsUrl can be dangerous if unsanitized user input flows through this API.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "The use of $sce.trustAsUrl can be dangerous if unsanitized user input flows through this API.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.angular.security.detect-angular-trust-as-url-method.detect-angular-trust-as-url-method)\n - [https://docs.angularjs.org/api/ng/service/$sce#trustAsUrl](https://docs.angularjs.org/api/ng/service/$sce#trustAsUrl)\n - [https://owasp.org/www-chapter-london/assets/slides/OWASPLondon20170727_AngularJS.pdf](https://owasp.org/www-chapter-london/assets/slides/OWASPLondon20170727_AngularJS.pdf)\n" }, - "helpUri": "https://semgrep.dev/r/yaml.kubernetes.security.run-as-non-root.run-as-non-root", - "id": "yaml.kubernetes.security.run-as-non-root.run-as-non-root", - "name": "yaml.kubernetes.security.run-as-non-root.run-as-non-root", "properties": { "precision": "very-high", "tags": [ - "CWE-250: Execution with Unnecessary Privileges", + "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", "LOW CONFIDENCE", - "OWASP-A05:2021 - Security Misconfiguration", - "OWASP-A06:2017 - Security Misconfiguration", + "OWASP-A03:2021 - Injection", + "OWASP-A07:2017 - Cross-Site Scripting (XSS)", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: yaml.kubernetes.security.run-as-non-root.run-as-non-root" } }, { - "defaultConfiguration": { - "level": "error" + "id": 
"csharp.lang.security.xxe.xmltextreader-unsafe-defaults.xmltextreader-unsafe-defaults", + "name": "csharp.lang.security.xxe.xmltextreader-unsafe-defaults.xmltextreader-unsafe-defaults", + "short_description": { + "text": "Semgrep Finding: csharp.lang.security.xxe.xmltextreader-unsafe-defaults.xmltextreader-unsafe-defaults" }, - "fullDescription": { - "text": "Slack Token detected" + "full_description": { + "text": "XmlReaderSettings found with DtdProcessing.Parse on an XmlReader handling a string argument from a public method. Enabling Document Type Definition (DTD) parsing may cause XML External Entity (XXE) injection if supplied with user-controllable data." }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/csharp.lang.security.xxe.xmltextreader-unsafe-defaults.xmltextreader-unsafe-defaults", "help": { - "markdown": "Slack Token detected\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/generic.secrets.security.detected-slack-token.detected-slack-token)\n - [https://github.com/davidburkitt/python-secret-scanner/blob/335a1f6dab8de59cf39063e57aea39a58951e939/patterns.txt#L58](https://github.com/davidburkitt/python-secret-scanner/blob/335a1f6dab8de59cf39063e57aea39a58951e939/patterns.txt#L58)\n", - "text": "Slack Token detected\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "XmlReaderSettings found with DtdProcessing.Parse on an XmlReader handling a string argument from a public method. Enabling Document Type Definition (DTD) parsing may cause XML External Entity (XXE) injection if supplied with user-controllable data.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "XmlReaderSettings found with DtdProcessing.Parse on an XmlReader handling a string argument from a public method. 
Enabling Document Type Definition (DTD) parsing may cause XML External Entity (XXE) injection if supplied with user-controllable data.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/csharp.lang.security.xxe.xmltextreader-unsafe-defaults.xmltextreader-unsafe-defaults)\n - [https://www.jardinesoftware.net/2016/05/26/xxe-and-net/](https://www.jardinesoftware.net/2016/05/26/xxe-and-net/)\n - [https://docs.microsoft.com/en-us/dotnet/api/system.xml.xmldocument.xmlresolver?view=net-6.0#remarks](https://docs.microsoft.com/en-us/dotnet/api/system.xml.xmldocument.xmlresolver?view=net-6.0#remarks)\n" }, - "helpUri": "https://semgrep.dev/r/generic.secrets.security.detected-slack-token.detected-slack-token", - "id": "generic.secrets.security.detected-slack-token.detected-slack-token", - "name": "generic.secrets.security.detected-slack-token.detected-slack-token", "properties": { "precision": "very-high", "tags": [ - "CWE-798: Use of Hard-coded Credentials", - "LOW CONFIDENCE", - "OWASP-A07:2021 - Identification and Authentication Failures", + "CWE-611: Improper Restriction of XML External Entity Reference", + "MEDIUM CONFIDENCE", + "OWASP-A04:2017 - XML External Entities (XXE)", + "OWASP-A05:2021 - Security Misconfiguration", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: generic.secrets.security.detected-slack-token.detected-slack-token" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "scala.lang.security.audit.documentbuilder-dtd-enabled.documentbuilder-dtd-enabled", + "name": "scala.lang.security.audit.documentbuilder-dtd-enabled.documentbuilder-dtd-enabled", + "short_description": { + "text": "Semgrep Finding: scala.lang.security.audit.documentbuilder-dtd-enabled.documentbuilder-dtd-enabled" }, - "fullDescription": { - "text": "Detected SQL statement that is tainted by `$EVENT` object. 
This could lead to SQL injection if the variable is user-controlled and not properly sanitized. In order to prevent SQL injection, use parameterized queries or prepared statements instead. You can use parameterized statements like so: `connection.query('SELECT $1 from table', [userinput])`" + "full_description": { + "text": "Document Builder being instantiated without calling the `setFeature` functions that are generally used for disabling entity processing. User controlled data in XML Document builder can result in XML Internal Entity Processing vulnerabilities like the disclosure of confidential data, denial of service, Server Side Request Forgery (SSRF), port scanning. Make sure to disable entity processing functionality." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/scala.lang.security.audit.documentbuilder-dtd-enabled.documentbuilder-dtd-enabled", "help": { - "markdown": "Detected SQL statement that is tainted by `$EVENT` object. This could lead to SQL injection if the variable is user-controlled and not properly sanitized. In order to prevent SQL injection, use parameterized queries or prepared statements instead. You can use parameterized statements like so: `connection.query('SELECT $1 from table', [userinput])`\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.aws-lambda.security.mysql-sqli.mysql-sqli)\n - [https://www.npmjs.com/package/mysql2](https://www.npmjs.com/package/mysql2)\n", - "text": "Detected SQL statement that is tainted by `$EVENT` object. This could lead to SQL injection if the variable is user-controlled and not properly sanitized. In order to prevent SQL injection, use parameterized queries or prepared statements instead. 
You can use parameterized statements like so: `connection.query('SELECT $1 from table', [userinput])`\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Document Builder being instantiated without calling the `setFeature` functions that are generally used for disabling entity processing. User controlled data in XML Document builder can result in XML Internal Entity Processing vulnerabilities like the disclosure of confidential data, denial of service, Server Side Request Forgery (SSRF), port scanning. Make sure to disable entity processing functionality.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Document Builder being instantiated without calling the `setFeature` functions that are generally used for disabling entity processing. User controlled data in XML Document builder can result in XML Internal Entity Processing vulnerabilities like the disclosure of confidential data, denial of service, Server Side Request Forgery (SSRF), port scanning. 
Make sure to disable entity processing functionality.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/scala.lang.security.audit.documentbuilder-dtd-enabled.documentbuilder-dtd-enabled)\n - [https://owasp.org/Top10/A05_2021-Security_Misconfiguration](https://owasp.org/Top10/A05_2021-Security_Misconfiguration)\n" }, - "helpUri": "https://semgrep.dev/r/javascript.aws-lambda.security.mysql-sqli.mysql-sqli", - "id": "javascript.aws-lambda.security.mysql-sqli.mysql-sqli", - "name": "javascript.aws-lambda.security.mysql-sqli.mysql-sqli", "properties": { "precision": "very-high", "tags": [ - "CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')", - "MEDIUM CONFIDENCE", - "OWASP-A01:2017 - Injection", - "OWASP-A03:2021 - Injection", + "CWE-611: Improper Restriction of XML External Entity Reference", + "HIGH CONFIDENCE", + "OWASP-A04:2017 - XML External Entities (XXE)", + "OWASP-A05:2021 - Security Misconfiguration", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: javascript.aws-lambda.security.mysql-sqli.mysql-sqli" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "generic.secrets.security.detected-sendgrid-api-key.detected-sendgrid-api-key", + "name": "generic.secrets.security.detected-sendgrid-api-key.detected-sendgrid-api-key", + "short_description": { + "text": "Semgrep Finding: generic.secrets.security.detected-sendgrid-api-key.detected-sendgrid-api-key" }, - "fullDescription": { - "text": "The target origin of the window.postMessage() API is set to \"*\". This could allow for information disclosure due to the possibility of any origin allowed to receive the message." 
+ "full_description": { + "text": "SendGrid API Key detected" + }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/generic.secrets.security.detected-sendgrid-api-key.detected-sendgrid-api-key", "help": { - "markdown": "The target origin of the window.postMessage() API is set to \"*\". This could allow for information disclosure due to the possibility of any origin allowed to receive the message.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.browser.security.wildcard-postmessage-configuration.wildcard-postmessage-configuration)\n - [https://owasp.org/Top10/A08_2021-Software_and_Data_Integrity_Failures](https://owasp.org/Top10/A08_2021-Software_and_Data_Integrity_Failures)\n", - "text": "The target origin of the window.postMessage() API is set to \"*\". This could allow for information disclosure due to the possibility of any origin allowed to receive the message.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "SendGrid API Key detected\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "SendGrid API Key detected\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/generic.secrets.security.detected-sendgrid-api-key.detected-sendgrid-api-key)\n - [https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures](https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures)\n" }, - "helpUri": "https://semgrep.dev/r/javascript.browser.security.wildcard-postmessage-configuration.wildcard-postmessage-configuration", - "id": "javascript.browser.security.wildcard-postmessage-configuration.wildcard-postmessage-configuration", - "name": "javascript.browser.security.wildcard-postmessage-configuration.wildcard-postmessage-configuration", 
"properties": { "precision": "very-high", "tags": [ - "CWE-345: Insufficient Verification of Data Authenticity", - "MEDIUM CONFIDENCE", - "OWASP-A08:2021 - Software and Data Integrity Failures", + "CWE-798: Use of Hard-coded Credentials", + "LOW CONFIDENCE", + "OWASP-A07:2021 - Identification and Authentication Failures", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: javascript.browser.security.wildcard-postmessage-configuration.wildcard-postmessage-configuration" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "javascript.lang.security.audit.sqli.node-mysql-sqli.node-mysql-sqli", + "name": "javascript.lang.security.audit.sqli.node-mysql-sqli.node-mysql-sqli", + "short_description": { + "text": "Semgrep Finding: javascript.lang.security.audit.sqli.node-mysql-sqli.node-mysql-sqli" }, - "fullDescription": { - "text": "Detected a possible ZeroDivisionError." + "full_description": { + "text": "Detected a `$IMPORT` SQL statement that comes from a function argument. This could lead to SQL injection if the variable is user-controlled and is not properly sanitized. In order to prevent SQL injection, it is recommended to use parameterized queries or prepared statements." 
+ }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/javascript.lang.security.audit.sqli.node-mysql-sqli.node-mysql-sqli", "help": { - "markdown": "Detected a possible ZeroDivisionError.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/ruby.lang.security.divide-by-zero.divide-by-zero)\n - [https://github.com/presidentbeef/brakeman/blob/main/lib/brakeman/checks/check_divide_by_zero.rb](https://github.com/presidentbeef/brakeman/blob/main/lib/brakeman/checks/check_divide_by_zero.rb)\n", - "text": "Detected a possible ZeroDivisionError.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected a `$IMPORT` SQL statement that comes from a function argument. This could lead to SQL injection if the variable is user-controlled and is not properly sanitized. In order to prevent SQL injection, it is recommended to use parameterized queries or prepared statements.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected a `$IMPORT` SQL statement that comes from a function argument. This could lead to SQL injection if the variable is user-controlled and is not properly sanitized. 
In order to prevent SQL injection, it is recommended to use parameterized queries or prepared statements.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.lang.security.audit.sqli.node-mysql-sqli.node-mysql-sqli)\n - [https://www.npmjs.com/package/mysql2](https://www.npmjs.com/package/mysql2)\n - [https://www.npmjs.com/package/mysql](https://www.npmjs.com/package/mysql)\n - [https://cheatsheetseries.owasp.org/cheatsheets/SQL_Injection_Prevention_Cheat_Sheet.html](https://cheatsheetseries.owasp.org/cheatsheets/SQL_Injection_Prevention_Cheat_Sheet.html)\n" }, - "helpUri": "https://semgrep.dev/r/ruby.lang.security.divide-by-zero.divide-by-zero", - "id": "ruby.lang.security.divide-by-zero.divide-by-zero", - "name": "ruby.lang.security.divide-by-zero.divide-by-zero", "properties": { "precision": "very-high", "tags": [ - "CWE-369: Divide By Zero", - "MEDIUM CONFIDENCE", + "CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')", + "LOW CONFIDENCE", + "OWASP-A01:2017 - Injection", + "OWASP-A03:2021 - Injection", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: ruby.lang.security.divide-by-zero.divide-by-zero" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "terraform.azure.security.functionapp.functionapp-enable-http2.functionapp-enable-http2", + "name": "terraform.azure.security.functionapp.functionapp-enable-http2.functionapp-enable-http2", + "short_description": { + "text": "Semgrep Finding: terraform.azure.security.functionapp.functionapp-enable-http2.functionapp-enable-http2" }, - "fullDescription": { - "text": "Proxy declares a state var that may override a storage slot of the implementation" + "full_description": { + "text": "Use the latest version of HTTP to ensure you are benefiting from security fixes. 
Add `http2_enabled = true` to your function app resource block" + }, + "default_configuration": { + "enabled": true, + "level": "note" }, + "help_uri": "https://semgrep.dev/r/terraform.azure.security.functionapp.functionapp-enable-http2.functionapp-enable-http2", "help": { - "markdown": "Proxy declares a state var that may override a storage slot of the implementation\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/solidity.security.proxy-storage-collision.proxy-storage-collision)\n - [https://blog.audius.co/article/audius-governance-takeover-post-mortem-7-23-22](https://blog.audius.co/article/audius-governance-takeover-post-mortem-7-23-22)\n", - "text": "Proxy declares a state var that may override a storage slot of the implementation\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Use the latest version of HTTP to ensure you are benefiting from security fixes. Add `http2_enabled = true` to your function app resource block\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Use the latest version of HTTP to ensure you are benefiting from security fixes. 
Add `http2_enabled = true` to your function app resource block\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/terraform.azure.security.functionapp.functionapp-enable-http2.functionapp-enable-http2)\n - [https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/function_app#http2_enabled](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/function_app#http2_enabled)\n" }, - "helpUri": "https://semgrep.dev/r/solidity.security.proxy-storage-collision.proxy-storage-collision", - "id": "solidity.security.proxy-storage-collision.proxy-storage-collision", - "name": "solidity.security.proxy-storage-collision.proxy-storage-collision", "properties": { "precision": "very-high", "tags": [ - "CWE-787: Out-of-bounds Write", - "HIGH CONFIDENCE", + "CWE-444: Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')", + "LOW CONFIDENCE", + "OWASP-A04:2021 - Insecure Design", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: solidity.security.proxy-storage-collision.proxy-storage-collision" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "terraform.aws.security.aws-fsx-lustre-filesystem-encrypted-with-cmk.aws-fsx-lustre-filesystem-encrypted-with-cmk", + "name": "terraform.aws.security.aws-fsx-lustre-filesystem-encrypted-with-cmk.aws-fsx-lustre-filesystem-encrypted-with-cmk", + "short_description": { + "text": "Semgrep Finding: terraform.aws.security.aws-fsx-lustre-filesystem-encrypted-with-cmk.aws-fsx-lustre-filesystem-encrypted-with-cmk" }, - "fullDescription": { - "text": "The 'FTP' class sends information unencrypted. Consider using the 'FTP_TLS' class instead." + "full_description": { + "text": "Ensure FSX Lustre file system is encrypted at rest using KMS CMKs. CMKs gives you control over the encryption key in terms of access and rotation." 
}, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/terraform.aws.security.aws-fsx-lustre-filesystem-encrypted-with-cmk.aws-fsx-lustre-filesystem-encrypted-with-cmk", "help": { - "markdown": "The 'FTP' class sends information unencrypted. Consider using the 'FTP_TLS' class instead.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.lang.security.audit.insecure-transport.ftplib.use-ftp-tls.use-ftp-tls)\n - [https://docs.python.org/3/library/ftplib.html#ftplib.FTP_TLS](https://docs.python.org/3/library/ftplib.html#ftplib.FTP_TLS)\n", - "text": "The 'FTP' class sends information unencrypted. Consider using the 'FTP_TLS' class instead.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Ensure FSX Lustre file system is encrypted at rest using KMS CMKs. CMKs gives you control over the encryption key in terms of access and rotation.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Ensure FSX Lustre file system is encrypted at rest using KMS CMKs. 
CMKs gives you control over the encryption key in terms of access and rotation.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/terraform.aws.security.aws-fsx-lustre-filesystem-encrypted-with-cmk.aws-fsx-lustre-filesystem-encrypted-with-cmk)\n - [https://owasp.org/Top10/A04_2021-Insecure_Design](https://owasp.org/Top10/A04_2021-Insecure_Design)\n" }, - "helpUri": "https://semgrep.dev/r/python.lang.security.audit.insecure-transport.ftplib.use-ftp-tls.use-ftp-tls", - "id": "python.lang.security.audit.insecure-transport.ftplib.use-ftp-tls.use-ftp-tls", - "name": "python.lang.security.audit.insecure-transport.ftplib.use-ftp-tls.use-ftp-tls", "properties": { "precision": "very-high", "tags": [ - "CWE-319: Cleartext Transmission of Sensitive Information", + "CWE-311: Missing Encryption of Sensitive Data", "LOW CONFIDENCE", - "OWASP-A02:2021 - Cryptographic Failures", "OWASP-A03:2017 - Sensitive Data Exposure", + "OWASP-A04:2021 - Insecure Design", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: python.lang.security.audit.insecure-transport.ftplib.use-ftp-tls.use-ftp-tls" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "problem-based-packs.insecure-transport.ruby-stdlib.http-client-requests.http-client-requests", + "name": "problem-based-packs.insecure-transport.ruby-stdlib.http-client-requests.http-client-requests", + "short_description": { + "text": "Semgrep Finding: problem-based-packs.insecure-transport.ruby-stdlib.http-client-requests.http-client-requests" + }, + "full_description": { + "text": "Checks for requests to http (unencrypted) sites using some of ruby's most popular REST/HTTP libraries, including httparty and restclient." 
}, - "fullDescription": { - "text": "Semgrep found potential reverse shell behavior" + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/problem-based-packs.insecure-transport.ruby-stdlib.http-client-requests.http-client-requests", "help": { - "markdown": "Semgrep found potential reverse shell behavior\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/java.lang.security.audit.java-reverse-shell.java-reverse-shell)\n - [https://owasp.org/Top10/A03_2021-Injection](https://owasp.org/Top10/A03_2021-Injection)\n", - "text": "Semgrep found potential reverse shell behavior\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Checks for requests to http (unencrypted) sites using some of ruby's most popular REST/HTTP libraries, including httparty and restclient.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Checks for requests to http (unencrypted) sites using some of ruby's most popular REST/HTTP libraries, including httparty and restclient.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/problem-based-packs.insecure-transport.ruby-stdlib.http-client-requests.http-client-requests)\n - [https://github.com/rest-client/rest-client](https://github.com/rest-client/rest-client)\n - [https://github.com/jnunemaker/httparty/tree/master/docs](https://github.com/jnunemaker/httparty/tree/master/docs)\n" }, - "helpUri": "https://semgrep.dev/r/java.lang.security.audit.java-reverse-shell.java-reverse-shell", - "id": "java.lang.security.audit.java-reverse-shell.java-reverse-shell", - "name": "java.lang.security.audit.java-reverse-shell.java-reverse-shell", "properties": { "precision": "very-high", "tags": [ - "CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS 
Command Injection')", - "LOW CONFIDENCE", - "OWASP-A01:2017 - Injection", - "OWASP-A03:2021 - Injection", + "CWE-319: Cleartext Transmission of Sensitive Information", + "MEDIUM CONFIDENCE", + "OWASP-A03:2017 - Sensitive Data Exposure", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: java.lang.security.audit.java-reverse-shell.java-reverse-shell" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "javascript.jsonwebtoken.security.audit.jwt-decode-without-verify.jwt-decode-without-verify", + "name": "javascript.jsonwebtoken.security.audit.jwt-decode-without-verify.jwt-decode-without-verify", + "short_description": { + "text": "Semgrep Finding: javascript.jsonwebtoken.security.audit.jwt-decode-without-verify.jwt-decode-without-verify" }, - "fullDescription": { - "text": "Ensure EBS Snapshot is encrypted at rest using KMS CMKs. CMKs gives you control over the encryption key in terms of access and rotation." + "full_description": { + "text": "Detected the decoding of a JWT token without a verify step. JWT tokens must be verified before use, otherwise the token's integrity is unknown. This means a malicious actor could forge a JWT token with any claims. Call '.verify()' before using the token." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/javascript.jsonwebtoken.security.audit.jwt-decode-without-verify.jwt-decode-without-verify", "help": { - "markdown": "Ensure EBS Snapshot is encrypted at rest using KMS CMKs. 
CMKs gives you control over the encryption key in terms of access and rotation.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/terraform.aws.security.aws-ebs-snapshot-encrypted-with-cmk.aws-ebs-snapshot-encrypted-with-cmk)\n - [https://owasp.org/Top10/A02_2021-Cryptographic_Failures](https://owasp.org/Top10/A02_2021-Cryptographic_Failures)\n", - "text": "Ensure EBS Snapshot is encrypted at rest using KMS CMKs. CMKs gives you control over the encryption key in terms of access and rotation.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected the decoding of a JWT token without a verify step. JWT tokens must be verified before use, otherwise the token's integrity is unknown. This means a malicious actor could forge a JWT token with any claims. Call '.verify()' before using the token.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected the decoding of a JWT token without a verify step. JWT tokens must be verified before use, otherwise the token's integrity is unknown. This means a malicious actor could forge a JWT token with any claims. 
Call '.verify()' before using the token.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.jsonwebtoken.security.audit.jwt-decode-without-verify.jwt-decode-without-verify)\n - [https://owasp.org/Top10/A08_2021-Software_and_Data_Integrity_Failures](https://owasp.org/Top10/A08_2021-Software_and_Data_Integrity_Failures)\n" }, - "helpUri": "https://semgrep.dev/r/terraform.aws.security.aws-ebs-snapshot-encrypted-with-cmk.aws-ebs-snapshot-encrypted-with-cmk", - "id": "terraform.aws.security.aws-ebs-snapshot-encrypted-with-cmk.aws-ebs-snapshot-encrypted-with-cmk", - "name": "terraform.aws.security.aws-ebs-snapshot-encrypted-with-cmk.aws-ebs-snapshot-encrypted-with-cmk", "properties": { "precision": "very-high", "tags": [ - "CWE-320: CWE CATEGORY: Key Management Errors", - "MEDIUM CONFIDENCE", - "OWASP-A03:2017 - Sensitive Data Exposure", + "CWE-345: Insufficient Verification of Data Authenticity", + "LOW CONFIDENCE", + "OWASP-A08:2021 - Software and Data Integrity Failures", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: terraform.aws.security.aws-ebs-snapshot-encrypted-with-cmk.aws-ebs-snapshot-encrypted-with-cmk" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "clojure.lang.security.documentbuilderfactory-xxe.documentbuilderfactory-xxe", + "name": "clojure.lang.security.documentbuilderfactory-xxe.documentbuilderfactory-xxe", + "short_description": { + "text": "Semgrep Finding: clojure.lang.security.documentbuilderfactory-xxe.documentbuilderfactory-xxe" }, - "fullDescription": { - "text": "top-level app.run(...) is ignored by flask. Consider putting app.run(...) behind a guard, like inside a function" + "full_description": { + "text": "DOCTYPE declarations are enabled for javax.xml.parsers.SAXParserFactory. Without prohibiting external entity declarations, this is vulnerable to XML external entity attacks. 
Disable this by setting the feature \"http://apache.org/xml/features/disallow-doctype-decl\" to true. Alternatively, allow DOCTYPE declarations and only prohibit external entities declarations. This can be done by setting the features \"http://xml.org/sax/features/external-general-entities\" and \"http://xml.org/sax/features/external-parameter-entities\" to false." + }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/clojure.lang.security.documentbuilderfactory-xxe.documentbuilderfactory-xxe", "help": { - "markdown": "top-level app.run(...) is ignored by flask. Consider putting app.run(...) behind a guard, like inside a function\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.flask.security.audit.app-run-security-config.avoid_using_app_run_directly)\n - [https://owasp.org/Top10/A01_2021-Broken_Access_Control](https://owasp.org/Top10/A01_2021-Broken_Access_Control)\n", - "text": "top-level app.run(...) is ignored by flask. Consider putting app.run(...) behind a guard, like inside a function\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "DOCTYPE declarations are enabled for javax.xml.parsers.SAXParserFactory. Without prohibiting external entity declarations, this is vulnerable to XML external entity attacks. Disable this by setting the feature \"http://apache.org/xml/features/disallow-doctype-decl\" to true. Alternatively, allow DOCTYPE declarations and only prohibit external entities declarations. This can be done by setting the features \"http://xml.org/sax/features/external-general-entities\" and \"http://xml.org/sax/features/external-parameter-entities\" to false.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "DOCTYPE declarations are enabled for javax.xml.parsers.SAXParserFactory. 
Without prohibiting external entity declarations, this is vulnerable to XML external entity attacks. Disable this by setting the feature \"http://apache.org/xml/features/disallow-doctype-decl\" to true. Alternatively, allow DOCTYPE declarations and only prohibit external entities declarations. This can be done by setting the features \"http://xml.org/sax/features/external-general-entities\" and \"http://xml.org/sax/features/external-parameter-entities\" to false.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/clojure.lang.security.documentbuilderfactory-xxe.documentbuilderfactory-xxe)\n - [https://semgrep.dev/blog/2022/xml-security-in-java](https://semgrep.dev/blog/2022/xml-security-in-java)\n - [https://semgrep.dev/docs/cheat-sheets/java-xxe/](https://semgrep.dev/docs/cheat-sheets/java-xxe/)\n - [https://xerces.apache.org/xerces2-j/features.html](https://xerces.apache.org/xerces2-j/features.html)\n" }, - "helpUri": "https://semgrep.dev/r/python.flask.security.audit.app-run-security-config.avoid_using_app_run_directly", - "id": "python.flask.security.audit.app-run-security-config.avoid_using_app_run_directly", - "name": "python.flask.security.audit.app-run-security-config.avoid_using_app_run_directly", "properties": { "precision": "very-high", "tags": [ - "CWE-668: Exposure of Resource to Wrong Sphere", - "MEDIUM CONFIDENCE", - "OWASP-A01:2021 - Broken Access Control", + "CWE-611: Improper Restriction of XML External Entity Reference", + "HIGH CONFIDENCE", + "OWASP-A04:2017 - XML External Entities (XXE)", + "OWASP-A05:2021 - Security Misconfiguration", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: python.flask.security.audit.app-run-security-config.avoid_using_app_run_directly" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "terraform.lang.security.ecr-image-scan-on-push.ecr-image-scan-on-push", + "name": 
"terraform.lang.security.ecr-image-scan-on-push.ecr-image-scan-on-push", + "short_description": { + "text": "Semgrep Finding: terraform.lang.security.ecr-image-scan-on-push.ecr-image-scan-on-push" }, - "fullDescription": { - "text": "User-controlled data from a request is passed to 'execute()'. This could lead to a SQL injection and therefore protected information could be leaked. Instead, use django's QuerySets, which are built with query parameterization and therefore not vulnerable to sql injection. For example, you could use `Entry.objects.filter(date=2006)`." + "full_description": { + "text": "The ECR Repository isn't configured to scan images on push" }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/terraform.lang.security.ecr-image-scan-on-push.ecr-image-scan-on-push", "help": { - "markdown": "User-controlled data from a request is passed to 'execute()'. This could lead to a SQL injection and therefore protected information could be leaked. Instead, use django's QuerySets, which are built with query parameterization and therefore not vulnerable to sql injection. For example, you could use `Entry.objects.filter(date=2006)`.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.django.security.injection.sql.sql-injection-using-db-cursor-execute.sql-injection-db-cursor-execute)\n - [https://docs.djangoproject.com/en/3.0/topics/security/#sql-injection-protection](https://docs.djangoproject.com/en/3.0/topics/security/#sql-injection-protection)\n", - "text": "User-controlled data from a request is passed to 'execute()'. This could lead to a SQL injection and therefore protected information could be leaked. Instead, use django's QuerySets, which are built with query parameterization and therefore not vulnerable to sql injection. 
For example, you could use `Entry.objects.filter(date=2006)`.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "The ECR Repository isn't configured to scan images on push\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "The ECR Repository isn't configured to scan images on push\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/terraform.lang.security.ecr-image-scan-on-push.ecr-image-scan-on-push)\n - [https://owasp.org/Top10/A06_2021-Vulnerable_and_Outdated_Components](https://owasp.org/Top10/A06_2021-Vulnerable_and_Outdated_Components)\n" }, - "helpUri": "https://semgrep.dev/r/python.django.security.injection.sql.sql-injection-using-db-cursor-execute.sql-injection-db-cursor-execute", - "id": "python.django.security.injection.sql.sql-injection-using-db-cursor-execute.sql-injection-db-cursor-execute", - "name": "python.django.security.injection.sql.sql-injection-using-db-cursor-execute.sql-injection-db-cursor-execute", "properties": { "precision": "very-high", "tags": [ - "CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')", - "MEDIUM CONFIDENCE", - "OWASP-A01:2017 - Injection", - "OWASP-A03:2021 - Injection", + "CWE-1104: Use of Unmaintained Third Party Components", + "LOW CONFIDENCE", + "OWASP-A06:2021 - Vulnerable and Outdated Components", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: python.django.security.injection.sql.sql-injection-using-db-cursor-execute.sql-injection-db-cursor-execute" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "solidity.security.compound-borrowfresh-reentrancy.compound-borrowfresh-reentrancy", + "name": "solidity.security.compound-borrowfresh-reentrancy.compound-borrowfresh-reentrancy", + "short_description": { + "text": "Semgrep Finding: 
solidity.security.compound-borrowfresh-reentrancy.compound-borrowfresh-reentrancy" }, - "fullDescription": { - "text": "The TokenValidationParameters.$LIFETIME is set to $FALSE, this means the JWT tokens lifetime is not validated. This can lead to an JWT token being used after it has expired, which has security implications. It is recommended to validate the JWT lifetime to ensure only valid tokens are used." + "full_description": { + "text": "Function borrowFresh() in Compound performs state update after doTransferOut()" + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/solidity.security.compound-borrowfresh-reentrancy.compound-borrowfresh-reentrancy", "help": { - "markdown": "The TokenValidationParameters.$LIFETIME is set to $FALSE, this means the JWT tokens lifetime is not validated. This can lead to an JWT token being used after it has expired, which has security implications. It is recommended to validate the JWT lifetime to ensure only valid tokens are used.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/csharp.lang.security.ad.jwt-tokenvalidationparameters-no-expiry-validation.jwt-tokenvalidationparameters-no-expiry-validation)\n - [https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures/](https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures/)\n - [https://cwe.mitre.org/data/definitions/613.html](https://cwe.mitre.org/data/definitions/613.html)\n - [https://docs.microsoft.com/en-us/dotnet/api/microsoft.identitymodel.tokens.tokenvalidationparameters?view=azure-dotnet](https://docs.microsoft.com/en-us/dotnet/api/microsoft.identitymodel.tokens.tokenvalidationparameters?view=azure-dotnet)\n", - "text": "The TokenValidationParameters.$LIFETIME is set to $FALSE, this means the JWT tokens lifetime is not validated. 
This can lead to an JWT token being used after it has expired, which has security implications. It is recommended to validate the JWT lifetime to ensure only valid tokens are used.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Function borrowFresh() in Compound performs state update after doTransferOut()\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Function borrowFresh() in Compound performs state update after doTransferOut()\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/solidity.security.compound-borrowfresh-reentrancy.compound-borrowfresh-reentrancy)\n - [https://twitter.com/peckshield/status/1509431646818234369](https://twitter.com/peckshield/status/1509431646818234369)\n - [https://twitter.com/blocksecteam/status/1509466576848064512](https://twitter.com/blocksecteam/status/1509466576848064512)\n - [https://slowmist.medium.com/another-day-another-reentrancy-attack-5cde10bbb2b4](https://slowmist.medium.com/another-day-another-reentrancy-attack-5cde10bbb2b4)\n - [https://explorer.fuse.io/address/0x139Eb08579eec664d461f0B754c1F8B569044611](https://explorer.fuse.io/address/0x139Eb08579eec664d461f0B754c1F8B569044611)\n" }, - "helpUri": "https://semgrep.dev/r/csharp.lang.security.ad.jwt-tokenvalidationparameters-no-expiry-validation.jwt-tokenvalidationparameters-no-expiry-validation", - "id": "csharp.lang.security.ad.jwt-tokenvalidationparameters-no-expiry-validation.jwt-tokenvalidationparameters-no-expiry-validation", - "name": "csharp.lang.security.ad.jwt-tokenvalidationparameters-no-expiry-validation.jwt-tokenvalidationparameters-no-expiry-validation", "properties": { "precision": "very-high", "tags": [ - "CWE-613: Insufficient Session Expiration", + "CWE-841: Improper Enforcement of Behavioral Workflow", "HIGH CONFIDENCE", - "OWASP-A02:2017 - Broken Authentication", - "OWASP-A07:2021 - Identification 
and Authentication Failures", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: csharp.lang.security.ad.jwt-tokenvalidationparameters-no-expiry-validation.jwt-tokenvalidationparameters-no-expiry-validation" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "javascript.express.security.express-sandbox-injection.express-sandbox-code-injection", + "name": "javascript.express.security.express-sandbox-injection.express-sandbox-code-injection", + "short_description": { + "text": "Semgrep Finding: javascript.express.security.express-sandbox-injection.express-sandbox-code-injection" }, - "fullDescription": { - "text": "In Kubernetes, each pod runs in its own isolated environment with its own set of security policies. However, certain container images may contain `setuid` or `setgid` binaries that could allow an attacker to perform privilege escalation and gain access to sensitive resources. To mitigate this risk, it's recommended to add a `securityContext` to the container in the pod, with the parameter `allowPrivilegeEscalation` set to `false`. This will prevent the container from running any privileged processes and limit the impact of any potential attacks. By adding the `allowPrivilegeEscalation` parameter to your the `securityContext`, you can help to ensure that your containerized applications are more secure and less vulnerable to privilege escalation attacks." + "full_description": { + "text": "Make sure that unverified user data can not reach `sandbox`." + }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/javascript.express.security.express-sandbox-injection.express-sandbox-code-injection", "help": { - "markdown": "In Kubernetes, each pod runs in its own isolated environment with its own set of security policies. 
However, certain container images may contain `setuid` or `setgid` binaries that could allow an attacker to perform privilege escalation and gain access to sensitive resources. To mitigate this risk, it's recommended to add a `securityContext` to the container in the pod, with the parameter `allowPrivilegeEscalation` set to `false`. This will prevent the container from running any privileged processes and limit the impact of any potential attacks. By adding the `allowPrivilegeEscalation` parameter to your the `securityContext`, you can help to ensure that your containerized applications are more secure and less vulnerable to privilege escalation attacks.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/yaml.kubernetes.security.allow-privilege-escalation.allow-privilege-escalation)\n - [https://kubernetes.io/docs/concepts/policy/pod-security-policy/#privilege-escalation](https://kubernetes.io/docs/concepts/policy/pod-security-policy/#privilege-escalation)\n - [https://kubernetes.io/docs/tasks/configure-pod-container/security-context/](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/)\n - [https://www.kernel.org/doc/Documentation/prctl/no_new_privs.txt](https://www.kernel.org/doc/Documentation/prctl/no_new_privs.txt)\n - [https://cheatsheetseries.owasp.org/cheatsheets/Docker_Security_Cheat_Sheet.html#rule-4-add-no-new-privileges-flag](https://cheatsheetseries.owasp.org/cheatsheets/Docker_Security_Cheat_Sheet.html#rule-4-add-no-new-privileges-flag)\n", - "text": "In Kubernetes, each pod runs in its own isolated environment with its own set of security policies. However, certain container images may contain `setuid` or `setgid` binaries that could allow an attacker to perform privilege escalation and gain access to sensitive resources. 
To mitigate this risk, it's recommended to add a `securityContext` to the container in the pod, with the parameter `allowPrivilegeEscalation` set to `false`. This will prevent the container from running any privileged processes and limit the impact of any potential attacks. By adding the `allowPrivilegeEscalation` parameter to your the `securityContext`, you can help to ensure that your containerized applications are more secure and less vulnerable to privilege escalation attacks.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Make sure that unverified user data can not reach `sandbox`.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Make sure that unverified user data can not reach `sandbox`.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.express.security.express-sandbox-injection.express-sandbox-code-injection)\n - [https://cheatsheetseries.owasp.org/cheatsheets/Injection_Prevention_Cheat_Sheet.html](https://cheatsheetseries.owasp.org/cheatsheets/Injection_Prevention_Cheat_Sheet.html)\n" }, - "helpUri": "https://semgrep.dev/r/yaml.kubernetes.security.allow-privilege-escalation.allow-privilege-escalation", - "id": "yaml.kubernetes.security.allow-privilege-escalation.allow-privilege-escalation", - "name": "yaml.kubernetes.security.allow-privilege-escalation.allow-privilege-escalation", "properties": { "precision": "very-high", "tags": [ - "CWE-732: Incorrect Permission Assignment for Critical Resource", + "CWE-94: Improper Control of Generation of Code ('Code Injection')", "MEDIUM CONFIDENCE", - "OWASP-A05:2021 - Security Misconfiguration", - "OWASP-A06:2017 - Security Misconfiguration", + "OWASP-A03:2021 - Injection", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: yaml.kubernetes.security.allow-privilege-escalation.allow-privilege-escalation" } }, { - 
"defaultConfiguration": { - "level": "error" + "id": "scala.lang.security.audit.scalaj-http-ssrf.scalaj-http-ssrf", + "name": "scala.lang.security.audit.scalaj-http-ssrf.scalaj-http-ssrf", + "short_description": { + "text": "Semgrep Finding: scala.lang.security.audit.scalaj-http-ssrf.scalaj-http-ssrf" }, - "fullDescription": { - "text": "GCM IV/nonce is reused: encryption can be totally useless" + "full_description": { + "text": "A parameter being passed directly into `Http` most likely lead to SSRF. This could allow an attacker to send data to their own server, potentially exposing sensitive data sent with this request. They could also probe internal servers or other resources that the server runnig this code can access. Do not allow arbitrary hosts. Instead, create an allowlist for approved hosts hardcode the correct host." }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/scala.lang.security.audit.scalaj-http-ssrf.scalaj-http-ssrf", "help": { - "markdown": "GCM IV/nonce is reused: encryption can be totally useless\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/java.lang.security.audit.crypto.gcm-nonce-reuse.gcm-nonce-reuse)\n - [https://owasp.org/Top10/A02_2021-Cryptographic_Failures](https://owasp.org/Top10/A02_2021-Cryptographic_Failures)\n", - "text": "GCM IV/nonce is reused: encryption can be totally useless\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "A parameter being passed directly into `Http` most likely lead to SSRF. This could allow an attacker to send data to their own server, potentially exposing sensitive data sent with this request. They could also probe internal servers or other resources that the server runnig this code can access. Do not allow arbitrary hosts. 
Instead, create an allowlist for approved hosts hardcode the correct host.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "A parameter being passed directly into `Http` most likely lead to SSRF. This could allow an attacker to send data to their own server, potentially exposing sensitive data sent with this request. They could also probe internal servers or other resources that the server runnig this code can access. Do not allow arbitrary hosts. Instead, create an allowlist for approved hosts hardcode the correct host.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/scala.lang.security.audit.scalaj-http-ssrf.scalaj-http-ssrf)\n - [https://cheatsheetseries.owasp.org/cheatsheets/Server_Side_Request_Forgery_Prevention_Cheat_Sheet.html](https://cheatsheetseries.owasp.org/cheatsheets/Server_Side_Request_Forgery_Prevention_Cheat_Sheet.html)\n - [https://github.com/scalaj/scalaj-http#simplified-http](https://github.com/scalaj/scalaj-http#simplified-http)\n" }, - "helpUri": "https://semgrep.dev/r/java.lang.security.audit.crypto.gcm-nonce-reuse.gcm-nonce-reuse", - "id": "java.lang.security.audit.crypto.gcm-nonce-reuse.gcm-nonce-reuse", - "name": "java.lang.security.audit.crypto.gcm-nonce-reuse.gcm-nonce-reuse", "properties": { "precision": "very-high", "tags": [ - "CWE-323: Reusing a Nonce, Key Pair in Encryption", - "HIGH CONFIDENCE", - "OWASP-A02:2021 - Cryptographic Failures", + "CWE-918: Server-Side Request Forgery (SSRF)", + "LOW CONFIDENCE", + "OWASP-A10:2021 - Server-Side Request Forgery (SSRF)", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: java.lang.security.audit.crypto.gcm-nonce-reuse.gcm-nonce-reuse" } }, { - "defaultConfiguration": { - "level": "error" + "id": "ruby.rails.security.audit.avoid-tainted-http-request.avoid-tainted-http-request", + "name": 
"ruby.rails.security.audit.avoid-tainted-http-request.avoid-tainted-http-request", + "short_description": { + "text": "Semgrep Finding: ruby.rails.security.audit.avoid-tainted-http-request.avoid-tainted-http-request" }, - "fullDescription": { - "text": "Found user-controllable input to Ruby reflection functionality. This allows a remote user to influence runtime behavior, up to and including arbitrary remote code execution. Do not provide user-controllable input to reflection functionality. Do not call symbol conversion on user-controllable input." + "full_description": { + "text": "Using user input when accessing files is potentially dangerous. A malicious actor could use this to modify or access files they have no right to." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/ruby.rails.security.audit.avoid-tainted-http-request.avoid-tainted-http-request", "help": { - "markdown": "Found user-controllable input to Ruby reflection functionality. This allows a remote user to influence runtime behavior, up to and including arbitrary remote code execution. Do not provide user-controllable input to reflection functionality. Do not call symbol conversion on user-controllable input.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/ruby.rails.security.brakeman.check-unsafe-reflection.check-unsafe-reflection)\n - [https://github.com/presidentbeef/brakeman/blob/main/test/apps/rails2/app/controllers/application_controller.rb](https://github.com/presidentbeef/brakeman/blob/main/test/apps/rails2/app/controllers/application_controller.rb)\n", - "text": "Found user-controllable input to Ruby reflection functionality. This allows a remote user to influence runtime behavior, up to and including arbitrary remote code execution. Do not provide user-controllable input to reflection functionality. 
Do not call symbol conversion on user-controllable input.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Using user input when accessing files is potentially dangerous. A malicious actor could use this to modify or access files they have no right to.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Using user input when accessing files is potentially dangerous. A malicious actor could use this to modify or access files they have no right to.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/ruby.rails.security.audit.avoid-tainted-http-request.avoid-tainted-http-request)\n - [https://github.com/presidentbeef/brakeman/blob/main/docs/warning_types/file_access/index.markdown](https://github.com/presidentbeef/brakeman/blob/main/docs/warning_types/file_access/index.markdown)\n" }, - "helpUri": "https://semgrep.dev/r/ruby.rails.security.brakeman.check-unsafe-reflection.check-unsafe-reflection", - "id": "ruby.rails.security.brakeman.check-unsafe-reflection.check-unsafe-reflection", - "name": "ruby.rails.security.brakeman.check-unsafe-reflection.check-unsafe-reflection", "properties": { "precision": "very-high", "tags": [ - "CWE-94: Improper Control of Generation of Code ('Code Injection')", + "CWE-918: Server-Side Request Forgery (SSRF)", "MEDIUM CONFIDENCE", - "OWASP-A03:2021 - Injection", + "OWASP-A10:2021 - Server-Side Request Forgery (SSRF)", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: ruby.rails.security.brakeman.check-unsafe-reflection.check-unsafe-reflection" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "generic.nginx.security.missing-internal.missing-internal", + "name": "generic.nginx.security.missing-internal.missing-internal", + "short_description": { + "text": "Semgrep Finding: generic.nginx.security.missing-internal.missing-internal" }, - "fullDescription": { - 
"text": "Default session middleware settings: `path` not set. It indicates the path of the cookie; use it to compare against the request path. If this and domain match, then send the cookie in the request." + "full_description": { + "text": "This location block contains a 'proxy_pass' directive but does not contain the 'internal' directive. The 'internal' directive restricts access to this location to internal requests. Without 'internal', an attacker could use your server for server-side request forgeries (SSRF). Include the 'internal' directive in this block to limit exposure." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/generic.nginx.security.missing-internal.missing-internal", "help": { - "markdown": "Default session middleware settings: `path` not set. It indicates the path of the cookie; use it to compare against the request path. If this and domain match, then send the cookie in the request.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.express.security.audit.express-cookie-settings.express-cookie-session-no-path)\n - [https://owasp.org/Top10/A04_2021-Insecure_Design](https://owasp.org/Top10/A04_2021-Insecure_Design)\n", - "text": "Default session middleware settings: `path` not set. It indicates the path of the cookie; use it to compare against the request path. If this and domain match, then send the cookie in the request.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "This location block contains a 'proxy_pass' directive but does not contain the 'internal' directive. The 'internal' directive restricts access to this location to internal requests. Without 'internal', an attacker could use your server for server-side request forgeries (SSRF). 
Include the 'internal' directive in this block to limit exposure.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "This location block contains a 'proxy_pass' directive but does not contain the 'internal' directive. The 'internal' directive restricts access to this location to internal requests. Without 'internal', an attacker could use your server for server-side request forgeries (SSRF). Include the 'internal' directive in this block to limit exposure.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/generic.nginx.security.missing-internal.missing-internal)\n - [https://github.com/yandex/gixy/blob/master/docs/en/plugins/ssrf.md](https://github.com/yandex/gixy/blob/master/docs/en/plugins/ssrf.md)\n - [https://nginx.org/en/docs/http/ngx_http_core_module.html#internal](https://nginx.org/en/docs/http/ngx_http_core_module.html#internal)\n" }, - "helpUri": "https://semgrep.dev/r/javascript.express.security.audit.express-cookie-settings.express-cookie-session-no-path", - "id": "javascript.express.security.audit.express-cookie-settings.express-cookie-session-no-path", - "name": "javascript.express.security.audit.express-cookie-settings.express-cookie-session-no-path", "properties": { "precision": "very-high", "tags": [ - "CWE-522: Insufficiently Protected Credentials", - "MEDIUM CONFIDENCE", - "OWASP-A02:2017 - Broken Authentication", - "OWASP-A04:2021 - Insecure Design", + "CWE-16: CWE CATEGORY: Configuration", + "LOW CONFIDENCE", + "OWASP-A05:2021 - Security Misconfiguration", + "OWASP-A06:2017 - Security Misconfiguration", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: javascript.express.security.audit.express-cookie-settings.express-cookie-session-no-path" } }, { - "defaultConfiguration": { - "level": "error" + "id": "python.flask.security.injection.user-eval.eval-injection", + "name": 
"python.flask.security.injection.user-eval.eval-injection", + "short_description": { + "text": "Semgrep Finding: python.flask.security.injection.user-eval.eval-injection" }, - "fullDescription": { - "text": "Found '$SPAWN' with '{shell: $SHELL}'. This is dangerous because this call will spawn the command using a shell process. Doing so propagates current shell settings and variables, which makes it much easier for a malicious actor to execute commands. Use '{shell: false}' instead." + "full_description": { + "text": "Detected user data flowing into eval. This is code injection and should be avoided." + }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/python.flask.security.injection.user-eval.eval-injection", "help": { - "markdown": "Found '$SPAWN' with '{shell: $SHELL}'. This is dangerous because this call will spawn the command using a shell process. Doing so propagates current shell settings and variables, which makes it much easier for a malicious actor to execute commands. Use '{shell: false}' instead.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.lang.security.audit.spawn-shell-true.spawn-shell-true)\n - [https://owasp.org/Top10/A03_2021-Injection](https://owasp.org/Top10/A03_2021-Injection)\n", - "text": "Found '$SPAWN' with '{shell: $SHELL}'. This is dangerous because this call will spawn the command using a shell process. Doing so propagates current shell settings and variables, which makes it much easier for a malicious actor to execute commands. Use '{shell: false}' instead.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected user data flowing into eval. This is code injection and should be avoided.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected user data flowing into eval. 
This is code injection and should be avoided.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.flask.security.injection.user-eval.eval-injection)\n - [https://nedbatchelder.com/blog/201206/eval_really_is_dangerous.html](https://nedbatchelder.com/blog/201206/eval_really_is_dangerous.html)\n" }, - "helpUri": "https://semgrep.dev/r/javascript.lang.security.audit.spawn-shell-true.spawn-shell-true", - "id": "javascript.lang.security.audit.spawn-shell-true.spawn-shell-true", - "name": "javascript.lang.security.audit.spawn-shell-true.spawn-shell-true", "properties": { "precision": "very-high", "tags": [ - "CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", - "LOW CONFIDENCE", - "OWASP-A01:2017 - Injection", + "CWE-95: Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection')", + "MEDIUM CONFIDENCE", "OWASP-A03:2021 - Injection", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: javascript.lang.security.audit.spawn-shell-true.spawn-shell-true" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "typescript.aws-cdk.security.audit.awscdk-bucket-enforcessl.aws-cdk-bucket-enforcessl", + "name": "typescript.aws-cdk.security.audit.awscdk-bucket-enforcessl.aws-cdk-bucket-enforcessl", + "short_description": { + "text": "Semgrep Finding: typescript.aws-cdk.security.audit.awscdk-bucket-enforcessl.aws-cdk-bucket-enforcessl" }, - "fullDescription": { - "text": "Detected input from a HTTPServletRequest going into a XPath evaluate or compile command. This could lead to xpath injection if variables passed into the evaluate or compile commands are not properly sanitized. Xpath injection could lead to unauthorized access to sensitive information in XML documents. Instead, thoroughly sanitize user input or use parameterized xpath queries if you can." 
+ "full_description": { + "text": "Bucket $X is not set to enforce encryption-in-transit, if not explictly setting this on the bucket policy - the property \"enforceSSL\" should be set to true" + }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/typescript.aws-cdk.security.audit.awscdk-bucket-enforcessl.aws-cdk-bucket-enforcessl", "help": { - "markdown": "Detected input from a HTTPServletRequest going into a XPath evaluate or compile command. This could lead to xpath injection if variables passed into the evaluate or compile commands are not properly sanitized. Xpath injection could lead to unauthorized access to sensitive information in XML documents. Instead, thoroughly sanitize user input or use parameterized xpath queries if you can.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/java.lang.security.audit.tainted-xpath-from-http-request.tainted-xpath-from-http-request)\n - [https://owasp.org/Top10/A03_2021-Injection](https://owasp.org/Top10/A03_2021-Injection)\n", - "text": "Detected input from a HTTPServletRequest going into a XPath evaluate or compile command. This could lead to xpath injection if variables passed into the evaluate or compile commands are not properly sanitized. Xpath injection could lead to unauthorized access to sensitive information in XML documents. 
Instead, thoroughly sanitize user input or use parameterized xpath queries if you can.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Bucket $X is not set to enforce encryption-in-transit, if not explictly setting this on the bucket policy - the property \"enforceSSL\" should be set to true\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Bucket $X is not set to enforce encryption-in-transit, if not explictly setting this on the bucket policy - the property \"enforceSSL\" should be set to true\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/typescript.aws-cdk.security.audit.awscdk-bucket-enforcessl.aws-cdk-bucket-enforcessl)\n - [https://docs.aws.amazon.com/AmazonS3/latest/userguide/security-best-practices.html](https://docs.aws.amazon.com/AmazonS3/latest/userguide/security-best-practices.html)\n" }, - "helpUri": "https://semgrep.dev/r/java.lang.security.audit.tainted-xpath-from-http-request.tainted-xpath-from-http-request", - "id": "java.lang.security.audit.tainted-xpath-from-http-request.tainted-xpath-from-http-request", - "name": "java.lang.security.audit.tainted-xpath-from-http-request.tainted-xpath-from-http-request", "properties": { "precision": "very-high", "tags": [ - "CWE-643: Improper Neutralization of Data within XPath Expressions ('XPath Injection')", + "CWE-319: Cleartext Transmission of Sensitive Information", "MEDIUM CONFIDENCE", - "OWASP-A03:2021 - Injection", + "OWASP-A02:2021 - Cryptographic Failures", + "OWASP-A03:2017 - Sensitive Data Exposure", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: java.lang.security.audit.tainted-xpath-from-http-request.tainted-xpath-from-http-request" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "java.lang.security.audit.crypto.ssl.insecure-hostname-verifier.insecure-hostname-verifier", + "name": 
"java.lang.security.audit.crypto.ssl.insecure-hostname-verifier.insecure-hostname-verifier", + "short_description": { + "text": "Semgrep Finding: java.lang.security.audit.crypto.ssl.insecure-hostname-verifier.insecure-hostname-verifier" }, - "fullDescription": { - "text": "When working with web applications that involve rendering user-generated content, it's important to properly escape any HTML content to prevent Cross-Site Scripting (XSS) attacks. In Go, the `text/template` package does not automatically escape HTML content, which can leave your application vulnerable to these types of attacks. To mitigate this risk, it's recommended to use the `html/template` package instead, which provides built-in functionality for HTML escaping. By using `html/template` to render your HTML content, you can help to ensure that your web application is more secure and less susceptible to XSS vulnerabilities." + "full_description": { + "text": "Insecure HostnameVerifier implementation detected. This will accept any SSL certificate with any hostname, which creates the possibility for man-in-the-middle attacks." }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/java.lang.security.audit.crypto.ssl.insecure-hostname-verifier.insecure-hostname-verifier", "help": { - "markdown": "When working with web applications that involve rendering user-generated content, it's important to properly escape any HTML content to prevent Cross-Site Scripting (XSS) attacks. In Go, the `text/template` package does not automatically escape HTML content, which can leave your application vulnerable to these types of attacks. To mitigate this risk, it's recommended to use the `html/template` package instead, which provides built-in functionality for HTML escaping. 
By using `html/template` to render your HTML content, you can help to ensure that your web application is more secure and less susceptible to XSS vulnerabilities.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/go.lang.security.audit.xss.import-text-template.import-text-template)\n - [https://www.veracode.com/blog/secure-development/use-golang-these-mistakes-could-compromise-your-apps-security](https://www.veracode.com/blog/secure-development/use-golang-these-mistakes-could-compromise-your-apps-security)\n", - "text": "When working with web applications that involve rendering user-generated content, it's important to properly escape any HTML content to prevent Cross-Site Scripting (XSS) attacks. In Go, the `text/template` package does not automatically escape HTML content, which can leave your application vulnerable to these types of attacks. To mitigate this risk, it's recommended to use the `html/template` package instead, which provides built-in functionality for HTML escaping. By using `html/template` to render your HTML content, you can help to ensure that your web application is more secure and less susceptible to XSS vulnerabilities.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Insecure HostnameVerifier implementation detected. This will accept any SSL certificate with any hostname, which creates the possibility for man-in-the-middle attacks.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Insecure HostnameVerifier implementation detected. 
This will accept any SSL certificate with any hostname, which creates the possibility for man-in-the-middle attacks.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/java.lang.security.audit.crypto.ssl.insecure-hostname-verifier.insecure-hostname-verifier)\n - [https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures](https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures)\n" }, - "helpUri": "https://semgrep.dev/r/go.lang.security.audit.xss.import-text-template.import-text-template", - "id": "go.lang.security.audit.xss.import-text-template.import-text-template", - "name": "go.lang.security.audit.xss.import-text-template.import-text-template", "properties": { "precision": "very-high", "tags": [ - "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", + "CWE-295: Improper Certificate Validation", "LOW CONFIDENCE", - "OWASP-A03:2021 - Injection", - "OWASP-A07:2017 - Cross-Site Scripting (XSS)", + "OWASP-A03:2017 - Sensitive Data Exposure", + "OWASP-A07:2021 - Identification and Authentication Failures", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: go.lang.security.audit.xss.import-text-template.import-text-template" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "javascript.angular.security.detect-angular-element-taint.detect-angular-element-taint", + "name": "javascript.angular.security.detect-angular-element-taint.detect-angular-element-taint", + "short_description": { + "text": "Semgrep Finding: javascript.angular.security.detect-angular-element-taint.detect-angular-element-taint" }, - "fullDescription": { - "text": "Potential arbitrary code execution, piped to eval" + "full_description": { + "text": "Use of angular.element can lead to XSS if user-input is treated as part of the HTML element within `$SINK`. 
It is recommended to contextually output encode user-input, before inserting into `$SINK`. If the HTML needs to be preserved it is recommended to sanitize the input using $sce.getTrustedHTML or $sanitize." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/javascript.angular.security.detect-angular-element-taint.detect-angular-element-taint", "help": { - "markdown": "Potential arbitrary code execution, piped to eval\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.thenify.security.audit.multiargs-code-execution.multiargs-code-execution)\n - [https://owasp.org/Top10/A03_2021-Injection](https://owasp.org/Top10/A03_2021-Injection)\n", - "text": "Potential arbitrary code execution, piped to eval\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Use of angular.element can lead to XSS if user-input is treated as part of the HTML element within `$SINK`. It is recommended to contextually output encode user-input, before inserting into `$SINK`. If the HTML needs to be preserved it is recommended to sanitize the input using $sce.getTrustedHTML or $sanitize.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Use of angular.element can lead to XSS if user-input is treated as part of the HTML element within `$SINK`. It is recommended to contextually output encode user-input, before inserting into `$SINK`. 
If the HTML needs to be preserved it is recommended to sanitize the input using $sce.getTrustedHTML or $sanitize.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.angular.security.detect-angular-element-taint.detect-angular-element-taint)\n - [https://docs.angularjs.org/api/ng/function/angular.element](https://docs.angularjs.org/api/ng/function/angular.element)\n - [https://owasp.org/www-chapter-london/assets/slides/OWASPLondon20170727_AngularJS.pdf](https://owasp.org/www-chapter-london/assets/slides/OWASPLondon20170727_AngularJS.pdf)\n" }, - "helpUri": "https://semgrep.dev/r/javascript.thenify.security.audit.multiargs-code-execution.multiargs-code-execution", - "id": "javascript.thenify.security.audit.multiargs-code-execution.multiargs-code-execution", - "name": "javascript.thenify.security.audit.multiargs-code-execution.multiargs-code-execution", "properties": { "precision": "very-high", "tags": [ - "CWE-94: Improper Control of Generation of Code ('Code Injection')", - "LOW CONFIDENCE", + "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", + "MEDIUM CONFIDENCE", "OWASP-A03:2021 - Injection", + "OWASP-A07:2017 - Cross-Site Scripting (XSS)", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: javascript.thenify.security.audit.multiargs-code-execution.multiargs-code-execution" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "scala.slick.security.scala-slick-sql-non-literal.scala-slick-sql-non-literal", + "name": "scala.slick.security.scala-slick-sql-non-literal.scala-slick-sql-non-literal", + "short_description": { + "text": "Semgrep Finding: scala.slick.security.scala-slick-sql-non-literal.scala-slick-sql-non-literal" }, - "fullDescription": { - "text": "Checks for calls to without_protection during mass assignment (which allows record creation from hash values). 
This can lead to users bypassing permissions protections. For Rails 4 and higher, mass protection is on by default. Fix: Don't use :without_protection => true. Instead, configure attr_accessible to control attribute access." + "full_description": { + "text": "Detected a formatted string in a SQL statement. This could lead to SQL injection if variables in the SQL statement are not properly sanitized. Avoid using `#$variable` and use `$variable` in `sql\"...\"` strings instead." + }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/scala.slick.security.scala-slick-sql-non-literal.scala-slick-sql-non-literal", "help": { - "markdown": "Checks for calls to without_protection during mass assignment (which allows record creation from hash values). This can lead to users bypassing permissions protections. For Rails 4 and higher, mass protection is on by default. Fix: Don't use :without_protection => true. Instead, configure attr_accessible to control attribute access.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/ruby.lang.security.unprotected-mass-assign.mass-assignment-vuln)\n - [https://github.com/presidentbeef/brakeman/blob/main/lib/brakeman/checks/check_without_protection.rb](https://github.com/presidentbeef/brakeman/blob/main/lib/brakeman/checks/check_without_protection.rb)\n - [https://www.acunetix.com/vulnerabilities/web/rails-mass-assignment/](https://www.acunetix.com/vulnerabilities/web/rails-mass-assignment/)\n", - "text": "Checks for calls to without_protection during mass assignment (which allows record creation from hash values). This can lead to users bypassing permissions protections. For Rails 4 and higher, mass protection is on by default. Fix: Don't use :without_protection => true. 
Instead, configure attr_accessible to control attribute access.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected a formatted string in a SQL statement. This could lead to SQL injection if variables in the SQL statement are not properly sanitized. Avoid using `#$variable` and use `$variable` in `sql\"...\"` strings instead.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected a formatted string in a SQL statement. This could lead to SQL injection if variables in the SQL statement are not properly sanitized. Avoid using `#$variable` and use `$variable` in `sql\"...\"` strings instead.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/scala.slick.security.scala-slick-sql-non-literal.scala-slick-sql-non-literal)\n - [https://scala-slick.org/doc/3.3.3/sql.html#splicing-literal-values](https://scala-slick.org/doc/3.3.3/sql.html#splicing-literal-values)\n" }, - "helpUri": "https://semgrep.dev/r/ruby.lang.security.unprotected-mass-assign.mass-assignment-vuln", - "id": "ruby.lang.security.unprotected-mass-assign.mass-assignment-vuln", - "name": "ruby.lang.security.unprotected-mass-assign.mass-assignment-vuln", "properties": { "precision": "very-high", "tags": [ - "CWE-915: Improperly Controlled Modification of Dynamically-Determined Object Attributes", + "CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')", "LOW CONFIDENCE", - "OWASP-A08:2021 - Software and Data Integrity Failures", + "OWASP-A01:2017 - Injection", + "OWASP-A03:2021 - Injection", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: ruby.lang.security.unprotected-mass-assign.mass-assignment-vuln" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "javascript.express.security.audit.xss.pug.var-in-script-tag.var-in-script-tag", + "name": 
"javascript.express.security.audit.xss.pug.var-in-script-tag.var-in-script-tag", + "short_description": { + "text": "Semgrep Finding: javascript.express.security.audit.xss.pug.var-in-script-tag.var-in-script-tag" }, - "fullDescription": { - "text": "CodeBuild Project $X is set to have a public URL. This will make the build results, logs, artifacts publically accessible, including builds prior to the project being public. Ensure this is acceptable for the project." + "full_description": { + "text": "Detected a template variable used in a script tag. Although template variables are HTML escaped, HTML escaping does not always prevent cross-site scripting (XSS) attacks when used directly in JavaScript. If you need this data on the rendered page, consider placing it in the HTML portion (outside of a script tag). Alternatively, use a JavaScript-specific encoder, such as the one available in OWASP ESAPI." }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/javascript.express.security.audit.xss.pug.var-in-script-tag.var-in-script-tag", "help": { - "markdown": "CodeBuild Project $X is set to have a public URL. This will make the build results, logs, artifacts publically accessible, including builds prior to the project being public. Ensure this is acceptable for the project.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/typescript.aws-cdk.security.awscdk-codebuild-project-public.awscdk-codebuild-project-public)\n - [https://docs.aws.amazon.com/codebuild/latest/userguide/public-builds.html](https://docs.aws.amazon.com/codebuild/latest/userguide/public-builds.html)\n", - "text": "CodeBuild Project $X is set to have a public URL. This will make the build results, logs, artifacts publically accessible, including builds prior to the project being public. 
Ensure this is acceptable for the project.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected a template variable used in a script tag. Although template variables are HTML escaped, HTML escaping does not always prevent cross-site scripting (XSS) attacks when used directly in JavaScript. If you need this data on the rendered page, consider placing it in the HTML portion (outside of a script tag). Alternatively, use a JavaScript-specific encoder, such as the one available in OWASP ESAPI.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected a template variable used in a script tag. Although template variables are HTML escaped, HTML escaping does not always prevent cross-site scripting (XSS) attacks when used directly in JavaScript. If you need this data on the rendered page, consider placing it in the HTML portion (outside of a script tag). Alternatively, use a JavaScript-specific encoder, such as the one available in OWASP ESAPI.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.express.security.audit.xss.pug.var-in-script-tag.var-in-script-tag)\n - [https://www.veracode.com/blog/secure-development/nodejs-template-engines-why-default-encoders-are-not-enough](https://www.veracode.com/blog/secure-development/nodejs-template-engines-why-default-encoders-are-not-enough)\n - [https://github.com/ESAPI/owasp-esapi-js](https://github.com/ESAPI/owasp-esapi-js)\n" }, - "helpUri": "https://semgrep.dev/r/typescript.aws-cdk.security.awscdk-codebuild-project-public.awscdk-codebuild-project-public", - "id": "typescript.aws-cdk.security.awscdk-codebuild-project-public.awscdk-codebuild-project-public", - "name": "typescript.aws-cdk.security.awscdk-codebuild-project-public.awscdk-codebuild-project-public", "properties": { "precision": "very-high", "tags": [ - "CWE-306: Missing Authentication for Critical 
Function", - "MEDIUM CONFIDENCE", - "OWASP-A07:2021 - Identification and Authentication Failures", + "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", + "LOW CONFIDENCE", + "OWASP-A03:2021 - Injection", + "OWASP-A07:2017 - Cross-Site Scripting (XSS)", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: typescript.aws-cdk.security.awscdk-codebuild-project-public.awscdk-codebuild-project-public" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "python.django.security.injection.command.subprocess-injection.subprocess-injection", + "name": "python.django.security.injection.command.subprocess-injection.subprocess-injection", + "short_description": { + "text": "Semgrep Finding: python.django.security.injection.command.subprocess-injection.subprocess-injection" }, - "fullDescription": { - "text": "Use of AES with no settings detected. By default, java.crypto.Cipher uses ECB mode. ECB doesn't provide message confidentiality and is not semantically secure so should not be used. Instead, use a strong, secure cipher: java.crypto.Cipher.getInstance(\"AES/CBC/PKCS7PADDING\"). See https://owasp.org/www-community/Using_the_Java_Cryptographic_Extensions for more information." + "full_description": { + "text": "Detected user input entering a `subprocess` call unsafely. This could result in a command injection vulnerability. An attacker could use this vulnerability to execute arbitrary commands on the host, which allows them to download malware, scan sensitive data, or run any command they wish on the server. Do not let users choose the command to run. In general, prefer to use Python API versions of system commands. If you must use subprocess, use a dictionary to allowlist a set of commands." 
+ }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/python.django.security.injection.command.subprocess-injection.subprocess-injection", "help": { - "markdown": "Use of AES with no settings detected. By default, java.crypto.Cipher uses ECB mode. ECB doesn't provide message confidentiality and is not semantically secure so should not be used. Instead, use a strong, secure cipher: java.crypto.Cipher.getInstance(\"AES/CBC/PKCS7PADDING\"). See https://owasp.org/www-community/Using_the_Java_Cryptographic_Extensions for more information.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/java.lang.security.audit.crypto.use-of-default-aes.use-of-default-aes)\n - [https://owasp.org/Top10/A02_2021-Cryptographic_Failures](https://owasp.org/Top10/A02_2021-Cryptographic_Failures)\n - [https://googleprojectzero.blogspot.com/2022/10/rc4-is-still-considered-harmful.html](https://googleprojectzero.blogspot.com/2022/10/rc4-is-still-considered-harmful.html)\n", - "text": "Use of AES with no settings detected. By default, java.crypto.Cipher uses ECB mode. ECB doesn't provide message confidentiality and is not semantically secure so should not be used. Instead, use a strong, secure cipher: java.crypto.Cipher.getInstance(\"AES/CBC/PKCS7PADDING\"). See https://owasp.org/www-community/Using_the_Java_Cryptographic_Extensions for more information.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected user input entering a `subprocess` call unsafely. This could result in a command injection vulnerability. An attacker could use this vulnerability to execute arbitrary commands on the host, which allows them to download malware, scan sensitive data, or run any command they wish on the server. Do not let users choose the command to run. In general, prefer to use Python API versions of system commands. 
If you must use subprocess, use a dictionary to allowlist a set of commands.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected user input entering a `subprocess` call unsafely. This could result in a command injection vulnerability. An attacker could use this vulnerability to execute arbitrary commands on the host, which allows them to download malware, scan sensitive data, or run any command they wish on the server. Do not let users choose the command to run. In general, prefer to use Python API versions of system commands. If you must use subprocess, use a dictionary to allowlist a set of commands.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.django.security.injection.command.subprocess-injection.subprocess-injection)\n - [https://semgrep.dev/docs/cheat-sheets/python-command-injection/](https://semgrep.dev/docs/cheat-sheets/python-command-injection/)\n" }, - "helpUri": "https://semgrep.dev/r/java.lang.security.audit.crypto.use-of-default-aes.use-of-default-aes", - "id": "java.lang.security.audit.crypto.use-of-default-aes.use-of-default-aes", - "name": "java.lang.security.audit.crypto.use-of-default-aes.use-of-default-aes", "properties": { "precision": "very-high", "tags": [ - "CWE-327: Use of a Broken or Risky Cryptographic Algorithm", + "CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", "HIGH CONFIDENCE", - "OWASP-A02:2021 - Cryptographic Failures", - "OWASP-A03:2017 - Sensitive Data Exposure", + "OWASP-A01:2017 - Injection", + "OWASP-A03:2021 - Injection", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: java.lang.security.audit.crypto.use-of-default-aes.use-of-default-aes" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "python.lang.security.audit.network.bind.avoid-bind-to-all-interfaces", + "name": 
"python.lang.security.audit.network.bind.avoid-bind-to-all-interfaces", + "short_description": { + "text": "Semgrep Finding: python.lang.security.audit.network.bind.avoid-bind-to-all-interfaces" }, - "fullDescription": { - "text": "A parameter being passed directly into `WSClient` most likely lead to SSRF. This could allow an attacker to send data to their own server, potentially exposing sensitive data sent with this request. They could also probe internal servers or other resources that the server runnig this code can access. Do not allow arbitrary hosts. Instead, create an allowlist for approved hosts hardcode the correct host." + "full_description": { + "text": "Running `socket.bind` to 0.0.0.0, or empty string could unexpectedly expose the server publicly as it binds to all available interfaces. Consider instead getting correct address from an environment variable or configuration file." + }, + "default_configuration": { + "enabled": true, + "level": "note" }, + "help_uri": "https://semgrep.dev/r/python.lang.security.audit.network.bind.avoid-bind-to-all-interfaces", "help": { - "markdown": "A parameter being passed directly into `WSClient` most likely lead to SSRF. This could allow an attacker to send data to their own server, potentially exposing sensitive data sent with this request. They could also probe internal servers or other resources that the server runnig this code can access. Do not allow arbitrary hosts. 
Instead, create an allowlist for approved hosts hardcode the correct host.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/scala.play.security.webservice-ssrf.webservice-ssrf)\n - [https://cheatsheetseries.owasp.org/cheatsheets/Server_Side_Request_Forgery_Prevention_Cheat_Sheet.html](https://cheatsheetseries.owasp.org/cheatsheets/Server_Side_Request_Forgery_Prevention_Cheat_Sheet.html)\n - [https://www.playframework.com/documentation/2.8.x/ScalaWS](https://www.playframework.com/documentation/2.8.x/ScalaWS)\n", - "text": "A parameter being passed directly into `WSClient` most likely lead to SSRF. This could allow an attacker to send data to their own server, potentially exposing sensitive data sent with this request. They could also probe internal servers or other resources that the server runnig this code can access. Do not allow arbitrary hosts. Instead, create an allowlist for approved hosts hardcode the correct host.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Running `socket.bind` to 0.0.0.0, or empty string could unexpectedly expose the server publicly as it binds to all available interfaces. Consider instead getting correct address from an environment variable or configuration file.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Running `socket.bind` to 0.0.0.0, or empty string could unexpectedly expose the server publicly as it binds to all available interfaces. 
Consider instead getting correct address from an environment variable or configuration file.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.lang.security.audit.network.bind.avoid-bind-to-all-interfaces)\n - [https://owasp.org/Top10/A01_2021-Broken_Access_Control](https://owasp.org/Top10/A01_2021-Broken_Access_Control)\n" }, - "helpUri": "https://semgrep.dev/r/scala.play.security.webservice-ssrf.webservice-ssrf", - "id": "scala.play.security.webservice-ssrf.webservice-ssrf", - "name": "scala.play.security.webservice-ssrf.webservice-ssrf", "properties": { "precision": "very-high", "tags": [ - "CWE-918: Server-Side Request Forgery (SSRF)", - "LOW CONFIDENCE", - "OWASP-A10:2021 - Server-Side Request Forgery (SSRF)", + "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor", + "HIGH CONFIDENCE", + "OWASP-A01:2021 - Broken Access Control", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: scala.play.security.webservice-ssrf.webservice-ssrf" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "ruby.lang.security.missing-csrf-protection.missing-csrf-protection", + "name": "ruby.lang.security.missing-csrf-protection.missing-csrf-protection", + "short_description": { + "text": "Semgrep Finding: ruby.lang.security.missing-csrf-protection.missing-csrf-protection" }, - "fullDescription": { - "text": "Detected SQL statement that is tainted by `$EVENT` object. This could lead to SQL injection if the variable is user-controlled and not properly sanitized. In order to prevent SQL injection, use parameterized queries or prepared statements instead. You can use prepared statements with the 'Prepare' and 'PrepareContext' calls." + "full_description": { + "text": "Detected controller which does not enable cross-site request forgery protections using 'protect_from_forgery'. Add 'protect_from_forgery :with => :exception' to your controller class." 
+ }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/ruby.lang.security.missing-csrf-protection.missing-csrf-protection", "help": { - "markdown": "Detected SQL statement that is tainted by `$EVENT` object. This could lead to SQL injection if the variable is user-controlled and not properly sanitized. In order to prevent SQL injection, use parameterized queries or prepared statements instead. You can use prepared statements with the 'Prepare' and 'PrepareContext' calls.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/go.aws-lambda.security.database-sqli.database-sqli)\n - [https://pkg.go.dev/database/sql#DB.Query](https://pkg.go.dev/database/sql#DB.Query)\n", - "text": "Detected SQL statement that is tainted by `$EVENT` object. This could lead to SQL injection if the variable is user-controlled and not properly sanitized. In order to prevent SQL injection, use parameterized queries or prepared statements instead. You can use prepared statements with the 'Prepare' and 'PrepareContext' calls.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected controller which does not enable cross-site request forgery protections using 'protect_from_forgery'. Add 'protect_from_forgery :with => :exception' to your controller class.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected controller which does not enable cross-site request forgery protections using 'protect_from_forgery'. 
Add 'protect_from_forgery :with => :exception' to your controller class.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/ruby.lang.security.missing-csrf-protection.missing-csrf-protection)\n - [https://owasp.org/Top10/A01_2021-Broken_Access_Control](https://owasp.org/Top10/A01_2021-Broken_Access_Control)\n" }, - "helpUri": "https://semgrep.dev/r/go.aws-lambda.security.database-sqli.database-sqli", - "id": "go.aws-lambda.security.database-sqli.database-sqli", - "name": "go.aws-lambda.security.database-sqli.database-sqli", "properties": { "precision": "very-high", "tags": [ - "CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')", - "MEDIUM CONFIDENCE", - "OWASP-A01:2017 - Injection", - "OWASP-A03:2021 - Injection", + "CWE-352: Cross-Site Request Forgery (CSRF)", + "LOW CONFIDENCE", + "OWASP-A01:2021 - Broken Access Control", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: go.aws-lambda.security.database-sqli.database-sqli" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "php.lang.security.php-permissive-cors.php-permissive-cors", + "name": "php.lang.security.php-permissive-cors.php-permissive-cors", + "short_description": { + "text": "Semgrep Finding: php.lang.security.php-permissive-cors.php-permissive-cors" }, - "fullDescription": { - "text": "ARC4 (Alleged RC4) is a stream cipher with serious weaknesses in its initial stream output. Its use is strongly discouraged. ARC4 does not use mode constructions. Use a strong symmetric cipher such as EAS instead. With the `cryptography` package it is recommended to use the `Fernet` which is a secure implementation of AES in CBC mode with a 128-bit key. Alternatively, keep using the `Cipher` class from the hazmat primitives but use the AES algorithm instead." + "full_description": { + "text": "Access-Control-Allow-Origin response header is set to \"*\". 
This will disable CORS Same Origin Policy restrictions." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/php.lang.security.php-permissive-cors.php-permissive-cors", "help": { - "markdown": "ARC4 (Alleged RC4) is a stream cipher with serious weaknesses in its initial stream output. Its use is strongly discouraged. ARC4 does not use mode constructions. Use a strong symmetric cipher such as EAS instead. With the `cryptography` package it is recommended to use the `Fernet` which is a secure implementation of AES in CBC mode with a 128-bit key. Alternatively, keep using the `Cipher` class from the hazmat primitives but use the AES algorithm instead.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.cryptography.security.insecure-cipher-algorithms-arc4.insecure-cipher-algorithm-arc4)\n - [https://cryptography.io/en/latest/hazmat/primitives/symmetric-encryption/#weak-ciphers](https://cryptography.io/en/latest/hazmat/primitives/symmetric-encryption/#weak-ciphers)\n", - "text": "ARC4 (Alleged RC4) is a stream cipher with serious weaknesses in its initial stream output. Its use is strongly discouraged. ARC4 does not use mode constructions. Use a strong symmetric cipher such as EAS instead. With the `cryptography` package it is recommended to use the `Fernet` which is a secure implementation of AES in CBC mode with a 128-bit key. Alternatively, keep using the `Cipher` class from the hazmat primitives but use the AES algorithm instead.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Access-Control-Allow-Origin response header is set to \"*\". This will disable CORS Same Origin Policy restrictions.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Access-Control-Allow-Origin response header is set to \"*\". 
This will disable CORS Same Origin Policy restrictions.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/php.lang.security.php-permissive-cors.php-permissive-cors)\n - [https://developer.mozilla.org/ru/docs/Web/HTTP/Headers/Access-Control-Allow-Origin](https://developer.mozilla.org/ru/docs/Web/HTTP/Headers/Access-Control-Allow-Origin)\n" }, - "helpUri": "https://semgrep.dev/r/python.cryptography.security.insecure-cipher-algorithms-arc4.insecure-cipher-algorithm-arc4", - "id": "python.cryptography.security.insecure-cipher-algorithms-arc4.insecure-cipher-algorithm-arc4", - "name": "python.cryptography.security.insecure-cipher-algorithms-arc4.insecure-cipher-algorithm-arc4", "properties": { "precision": "very-high", "tags": [ - "CWE-327: Use of a Broken or Risky Cryptographic Algorithm", - "MEDIUM CONFIDENCE", - "OWASP-A02:2021 - Cryptographic Failures", - "OWASP-A03:2017 - Sensitive Data Exposure", + "CWE-346: Origin Validation Error", + "LOW CONFIDENCE", + "OWASP-A07:2021 - Identification and Authentication Failures", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: python.cryptography.security.insecure-cipher-algorithms-arc4.insecure-cipher-algorithm-arc4" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "terraform.aws.security.aws-lambda-environment-credentials.aws-lambda-environment-credentials", + "name": "terraform.aws.security.aws-lambda-environment-credentials.aws-lambda-environment-credentials", + "short_description": { + "text": "Semgrep Finding: terraform.aws.security.aws-lambda-environment-credentials.aws-lambda-environment-credentials" }, - "fullDescription": { - "text": "Detected usage of noassert in Buffer API, which allows the offset the be beyond the end of the buffer. This could result in writing or reading beyond the end of the buffer." + "full_description": { + "text": "A hard-coded credential was detected. 
It is not recommended to store credentials in source-code, as this risks secrets being leaked and used by either an internal or external malicious adversary. It is recommended to use environment variables to securely provide credentials or retrieve credentials from a secure vault or HSM (Hardware Security Module)." + }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/terraform.aws.security.aws-lambda-environment-credentials.aws-lambda-environment-credentials", "help": { - "markdown": "Detected usage of noassert in Buffer API, which allows the offset the be beyond the end of the buffer. This could result in writing or reading beyond the end of the buffer.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.lang.security.detect-buffer-noassert.detect-buffer-noassert)\n - [https://cwe.mitre.org/data/definitions/119.html](https://cwe.mitre.org/data/definitions/119.html)\n", - "text": "Detected usage of noassert in Buffer API, which allows the offset the be beyond the end of the buffer. This could result in writing or reading beyond the end of the buffer.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "A hard-coded credential was detected. It is not recommended to store credentials in source-code, as this risks secrets being leaked and used by either an internal or external malicious adversary. It is recommended to use environment variables to securely provide credentials or retrieve credentials from a secure vault or HSM (Hardware Security Module).\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "A hard-coded credential was detected. It is not recommended to store credentials in source-code, as this risks secrets being leaked and used by either an internal or external malicious adversary. 
It is recommended to use environment variables to securely provide credentials or retrieve credentials from a secure vault or HSM (Hardware Security Module).\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/terraform.aws.security.aws-lambda-environment-credentials.aws-lambda-environment-credentials)\n - [https://cheatsheetseries.owasp.org/cheatsheets/Secrets_Management_Cheat_Sheet.html](https://cheatsheetseries.owasp.org/cheatsheets/Secrets_Management_Cheat_Sheet.html)\n" }, - "helpUri": "https://semgrep.dev/r/javascript.lang.security.detect-buffer-noassert.detect-buffer-noassert", - "id": "javascript.lang.security.detect-buffer-noassert.detect-buffer-noassert", - "name": "javascript.lang.security.detect-buffer-noassert.detect-buffer-noassert", "properties": { "precision": "very-high", "tags": [ - "CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer", - "LOW CONFIDENCE", + "CWE-326: Inadequate Encryption Strength", + "MEDIUM CONFIDENCE", + "OWASP-A02:2021 - Cryptographic Failures", + "OWASP-A03:2017 - Sensitive Data Exposure", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: javascript.lang.security.detect-buffer-noassert.detect-buffer-noassert" } }, { - "defaultConfiguration": { - "level": "error" + "id": "ruby.rails.security.brakeman.check-redirect-to.check-redirect-to", + "name": "ruby.rails.security.brakeman.check-redirect-to.check-redirect-to", + "short_description": { + "text": "Semgrep Finding: ruby.rails.security.brakeman.check-redirect-to.check-redirect-to" }, - "fullDescription": { - "text": "By not specifying a USER, a program in the container may run as 'root'. This is a security hazard. If an attacker can control a process running as root, they may have control over the container. Ensure that the last USER in a Dockerfile is a USER other than 'root'." 
+ "full_description": { + "text": "Found potentially unsafe handling of redirect behavior $X. Do not pass `params` to `redirect_to` without the `:only_path => true` hash value." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/ruby.rails.security.brakeman.check-redirect-to.check-redirect-to", "help": { - "markdown": "By not specifying a USER, a program in the container may run as 'root'. This is a security hazard. If an attacker can control a process running as root, they may have control over the container. Ensure that the last USER in a Dockerfile is a USER other than 'root'.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/dockerfile.security.missing-user-entrypoint.missing-user-entrypoint)\n - [https://owasp.org/Top10/A04_2021-Insecure_Design](https://owasp.org/Top10/A04_2021-Insecure_Design)\n", - "text": "By not specifying a USER, a program in the container may run as 'root'. This is a security hazard. If an attacker can control a process running as root, they may have control over the container. Ensure that the last USER in a Dockerfile is a USER other than 'root'.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Found potentially unsafe handling of redirect behavior $X. Do not pass `params` to `redirect_to` without the `:only_path => true` hash value.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Found potentially unsafe handling of redirect behavior $X. 
Do not pass `params` to `redirect_to` without the `:only_path => true` hash value.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/ruby.rails.security.brakeman.check-redirect-to.check-redirect-to)\n - [https://cheatsheetseries.owasp.org/cheatsheets/Unvalidated_Redirects_and_Forwards_Cheat_Sheet.html](https://cheatsheetseries.owasp.org/cheatsheets/Unvalidated_Redirects_and_Forwards_Cheat_Sheet.html)\n" }, - "helpUri": "https://semgrep.dev/r/dockerfile.security.missing-user-entrypoint.missing-user-entrypoint", - "id": "dockerfile.security.missing-user-entrypoint.missing-user-entrypoint", - "name": "dockerfile.security.missing-user-entrypoint.missing-user-entrypoint", "properties": { "precision": "very-high", "tags": [ - "CWE-269: Improper Privilege Management", + "CWE-601: URL Redirection to Untrusted Site ('Open Redirect')", "MEDIUM CONFIDENCE", - "OWASP-A04:2021 - Insecure Design", + "OWASP-A01:2021 - Broken Access Control", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: dockerfile.security.missing-user-entrypoint.missing-user-entrypoint" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "java.rmi.security.server-dangerous-class-deserialization.server-dangerous-class-deserialization", + "name": "java.rmi.security.server-dangerous-class-deserialization.server-dangerous-class-deserialization", + "short_description": { + "text": "Semgrep Finding: java.rmi.security.server-dangerous-class-deserialization.server-dangerous-class-deserialization" }, - "fullDescription": { - "text": "User data flows into the host portion of this manually-constructed HTML. This can introduce a Cross-Site-Scripting (XSS) vulnerability if this comes from user-provided input. Consider using a sanitization library such as DOMPurify to sanitize the HTML within." 
+ "full_description": { + "text": "Using a non-primitive class with Java RMI may be an insecure deserialization vulnerability. Depending on the underlying implementation. This object could be manipulated by a malicious actor allowing them to execute code on your system. Instead, use an integer ID to look up your object, or consider alternative serialization schemes such as JSON." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/java.rmi.security.server-dangerous-class-deserialization.server-dangerous-class-deserialization", "help": { - "markdown": "User data flows into the host portion of this manually-constructed HTML. This can introduce a Cross-Site-Scripting (XSS) vulnerability if this comes from user-provided input. Consider using a sanitization library such as DOMPurify to sanitize the HTML within.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.express.security.injection.raw-html-format.raw-html-format)\n - [https://cheatsheetseries.owasp.org/cheatsheets/Cross_Site_Scripting_Prevention_Cheat_Sheet.html](https://cheatsheetseries.owasp.org/cheatsheets/Cross_Site_Scripting_Prevention_Cheat_Sheet.html)\n", - "text": "User data flows into the host portion of this manually-constructed HTML. This can introduce a Cross-Site-Scripting (XSS) vulnerability if this comes from user-provided input. Consider using a sanitization library such as DOMPurify to sanitize the HTML within.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Using a non-primitive class with Java RMI may be an insecure deserialization vulnerability. Depending on the underlying implementation. This object could be manipulated by a malicious actor allowing them to execute code on your system. 
Instead, use an integer ID to look up your object, or consider alternative serialization schemes such as JSON.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Using a non-primitive class with Java RMI may be an insecure deserialization vulnerability. Depending on the underlying implementation. This object could be manipulated by a malicious actor allowing them to execute code on your system. Instead, use an integer ID to look up your object, or consider alternative serialization schemes such as JSON.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/java.rmi.security.server-dangerous-class-deserialization.server-dangerous-class-deserialization)\n - [https://mogwailabs.de/blog/2019/03/attacking-java-rmi-services-after-jep-290/](https://mogwailabs.de/blog/2019/03/attacking-java-rmi-services-after-jep-290/)\n" }, - "helpUri": "https://semgrep.dev/r/javascript.express.security.injection.raw-html-format.raw-html-format", - "id": "javascript.express.security.injection.raw-html-format.raw-html-format", - "name": "javascript.express.security.injection.raw-html-format.raw-html-format", "properties": { "precision": "very-high", "tags": [ - "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", - "MEDIUM CONFIDENCE", - "OWASP-A03:2021 - Injection", - "OWASP-A07:2017 - Cross-Site Scripting (XSS)", + "CWE-502: Deserialization of Untrusted Data", + "LOW CONFIDENCE", + "OWASP-A08:2017 - Insecure Deserialization", + "OWASP-A08:2021 - Software and Data Integrity Failures", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: javascript.express.security.injection.raw-html-format.raw-html-format" } }, { - "defaultConfiguration": { - "level": "error" + "id": "python.pycryptodome.security.insecure-hash-algorithm-md4.insecure-hash-algorithm-md4", + "name": 
"python.pycryptodome.security.insecure-hash-algorithm-md4.insecure-hash-algorithm-md4", + "short_description": { + "text": "Semgrep Finding: python.pycryptodome.security.insecure-hash-algorithm-md4.insecure-hash-algorithm-md4" }, - "fullDescription": { - "text": "Detected `os` function with argument tainted by `event` object. This is dangerous if external data can reach this function call because it allows a malicious actor to execute commands. Use the 'subprocess' module instead, which is easier to use without accidentally exposing a command injection vulnerability." + "full_description": { + "text": "Detected MD4 hash algorithm which is considered insecure. MD4 is not collision resistant and is therefore not suitable as a cryptographic signature. Use SHA256 or SHA3 instead." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/python.pycryptodome.security.insecure-hash-algorithm-md4.insecure-hash-algorithm-md4", "help": { - "markdown": "Detected `os` function with argument tainted by `event` object. This is dangerous if external data can reach this function call because it allows a malicious actor to execute commands. Use the 'subprocess' module instead, which is easier to use without accidentally exposing a command injection vulnerability.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.aws-lambda.security.dangerous-system-call.dangerous-system-call)\n - [https://owasp.org/Top10/A03_2021-Injection](https://owasp.org/Top10/A03_2021-Injection)\n", - "text": "Detected `os` function with argument tainted by `event` object. This is dangerous if external data can reach this function call because it allows a malicious actor to execute commands. 
Use the 'subprocess' module instead, which is easier to use without accidentally exposing a command injection vulnerability.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected MD4 hash algorithm which is considered insecure. MD4 is not collision resistant and is therefore not suitable as a cryptographic signature. Use SHA256 or SHA3 instead.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected MD4 hash algorithm which is considered insecure. MD4 is not collision resistant and is therefore not suitable as a cryptographic signature. Use SHA256 or SHA3 instead.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.pycryptodome.security.insecure-hash-algorithm-md4.insecure-hash-algorithm-md4)\n - [https://www.schneier.com/blog/archives/2012/10/when_will_we_se.html](https://www.schneier.com/blog/archives/2012/10/when_will_we_se.html)\n - [https://www.trendmicro.com/vinfo/us/security/news/vulnerabilities-and-exploits/sha-1-collision-signals-the-end-of-the-algorithm-s-viability](https://www.trendmicro.com/vinfo/us/security/news/vulnerabilities-and-exploits/sha-1-collision-signals-the-end-of-the-algorithm-s-viability)\n - [http://2012.sharcs.org/slides/stevens.pdf](http://2012.sharcs.org/slides/stevens.pdf)\n - [https://pycryptodome.readthedocs.io/en/latest/src/hash/sha3_256.html](https://pycryptodome.readthedocs.io/en/latest/src/hash/sha3_256.html)\n" }, - "helpUri": "https://semgrep.dev/r/python.aws-lambda.security.dangerous-system-call.dangerous-system-call", - "id": "python.aws-lambda.security.dangerous-system-call.dangerous-system-call", - "name": "python.aws-lambda.security.dangerous-system-call.dangerous-system-call", "properties": { "precision": "very-high", "tags": [ - "CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", + "CWE-327: Use of a Broken 
or Risky Cryptographic Algorithm", "MEDIUM CONFIDENCE", - "OWASP-A01:2017 - Injection", - "OWASP-A03:2021 - Injection", + "OWASP-A02:2021 - Cryptographic Failures", + "OWASP-A03:2017 - Sensitive Data Exposure", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: python.aws-lambda.security.dangerous-system-call.dangerous-system-call" } }, { - "defaultConfiguration": { - "level": "error" + "id": "python.lang.security.audit.httpsconnection-detected.httpsconnection-detected", + "name": "python.lang.security.audit.httpsconnection-detected.httpsconnection-detected", + "short_description": { + "text": "Semgrep Finding: python.lang.security.audit.httpsconnection-detected.httpsconnection-detected" }, - "fullDescription": { - "text": "Set \"rejectUnauthorized\" to false is a convenient way to resolve certificate error. But this method is unsafe because it disables the server certificate verification, making the Node app open to MITM attack. \"rejectUnauthorized\" option must be alway set to True (default value). With self -signed certificate or custom CA, use \"ca\" option to define Root Certificate. This rule checks TLS configuration only for Postgresql, MariaDB and MySQL. SQLite is not really concerned by TLS configuration. This rule could be extended for MSSQL, but the dialectOptions is specific for Tedious." + "full_description": { + "text": "The HTTPSConnection API has changed frequently with minor releases of Python. Ensure you are using the API for your version of Python securely. For example, Python 3 versions prior to 3.4.3 will not verify SSL certificates by default. See https://docs.python.org/3/library/http.client.html#http.client.HTTPSConnection for more information." 
+ }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/python.lang.security.audit.httpsconnection-detected.httpsconnection-detected", "help": { - "markdown": "Set \"rejectUnauthorized\" to false is a convenient way to resolve certificate error. But this method is unsafe because it disables the server certificate verification, making the Node app open to MITM attack. \"rejectUnauthorized\" option must be alway set to True (default value). With self -signed certificate or custom CA, use \"ca\" option to define Root Certificate. This rule checks TLS configuration only for Postgresql, MariaDB and MySQL. SQLite is not really concerned by TLS configuration. This rule could be extended for MSSQL, but the dialectOptions is specific for Tedious.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.sequelize.security.audit.sequelize-tls-disabled-cert-validation.sequelize-tls-disabled-cert-validation)\n - [https://node-postgres.com/features/ssl](https://node-postgres.com/features/ssl)\n - [https://nodejs.org/api/tls.html#tls_class_tls_tlssocket](https://nodejs.org/api/tls.html#tls_class_tls_tlssocket)\n - [https://nodejs.org/api/tls.html#tls_tls_createsecurecontext_options](https://nodejs.org/api/tls.html#tls_tls_createsecurecontext_options)\n", - "text": "Set \"rejectUnauthorized\" to false is a convenient way to resolve certificate error. But this method is unsafe because it disables the server certificate verification, making the Node app open to MITM attack. \"rejectUnauthorized\" option must be alway set to True (default value). With self -signed certificate or custom CA, use \"ca\" option to define Root Certificate. This rule checks TLS configuration only for Postgresql, MariaDB and MySQL. SQLite is not really concerned by TLS configuration. 
This rule could be extended for MSSQL, but the dialectOptions is specific for Tedious.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "The HTTPSConnection API has changed frequently with minor releases of Python. Ensure you are using the API for your version of Python securely. For example, Python 3 versions prior to 3.4.3 will not verify SSL certificates by default. See https://docs.python.org/3/library/http.client.html#http.client.HTTPSConnection for more information.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "The HTTPSConnection API has changed frequently with minor releases of Python. Ensure you are using the API for your version of Python securely. For example, Python 3 versions prior to 3.4.3 will not verify SSL certificates by default. See https://docs.python.org/3/library/http.client.html#http.client.HTTPSConnection for more information.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.lang.security.audit.httpsconnection-detected.httpsconnection-detected)\n - [https://docs.python.org/3/library/http.client.html#http.client.HTTPSConnection](https://docs.python.org/3/library/http.client.html#http.client.HTTPSConnection)\n" }, - "helpUri": "https://semgrep.dev/r/javascript.sequelize.security.audit.sequelize-tls-disabled-cert-validation.sequelize-tls-disabled-cert-validation", - "id": "javascript.sequelize.security.audit.sequelize-tls-disabled-cert-validation.sequelize-tls-disabled-cert-validation", - "name": "javascript.sequelize.security.audit.sequelize-tls-disabled-cert-validation.sequelize-tls-disabled-cert-validation", "properties": { "precision": "very-high", "tags": [ - "CWE-94: Improper Control of Generation of Code ('Code Injection')", + "CWE-295: Improper Certificate Validation", "LOW CONFIDENCE", - "OWASP-A03:2021 - Injection", + "OWASP-A03:2017 - Sensitive Data Exposure", + 
"OWASP-A07:2021 - Identification and Authentication Failures", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: javascript.sequelize.security.audit.sequelize-tls-disabled-cert-validation.sequelize-tls-disabled-cert-validation" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "python.django.security.audit.xss.template-translate-as-no-escape.template-translate-as-no-escape", + "name": "python.django.security.audit.xss.template-translate-as-no-escape.template-translate-as-no-escape", + "short_description": { + "text": "Semgrep Finding: python.django.security.audit.xss.template-translate-as-no-escape.template-translate-as-no-escape" }, - "fullDescription": { - "text": "Depending on the context, user control data in `Object.assign` can cause web response to include data that it should not have or can lead to a mass assignment vulnerability." + "full_description": { + "text": "Translated strings will not be escaped when rendered in a template. This leads to a vulnerability where translators could include malicious script tags in their translations. Consider using `force_escape` to explicitly escape a translated text." 
+ }, + "default_configuration": { + "enabled": true, + "level": "note" }, + "help_uri": "https://semgrep.dev/r/python.django.security.audit.xss.template-translate-as-no-escape.template-translate-as-no-escape", "help": { - "markdown": "Depending on the context, user control data in `Object.assign` can cause web response to include data that it should not have or can lead to a mass assignment vulnerability.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.express.security.express-data-exfiltration.express-data-exfiltration)\n - [https://en.wikipedia.org/wiki/Mass_assignment_vulnerability](https://en.wikipedia.org/wiki/Mass_assignment_vulnerability)\n - [https://cheatsheetseries.owasp.org/cheatsheets/Mass_Assignment_Cheat_Sheet.html](https://cheatsheetseries.owasp.org/cheatsheets/Mass_Assignment_Cheat_Sheet.html)\n", - "text": "Depending on the context, user control data in `Object.assign` can cause web response to include data that it should not have or can lead to a mass assignment vulnerability.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Translated strings will not be escaped when rendered in a template. This leads to a vulnerability where translators could include malicious script tags in their translations. Consider using `force_escape` to explicitly escape a translated text.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Translated strings will not be escaped when rendered in a template. This leads to a vulnerability where translators could include malicious script tags in their translations. 
Consider using `force_escape` to explicitly escape a translated text.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.django.security.audit.xss.template-translate-as-no-escape.template-translate-as-no-escape)\n - [https://edx.readthedocs.io/projects/edx-developer-guide/en/latest/preventing_xss/preventing_xss_in_django_templates.html#html-escaping-translations-in-django-templates](https://edx.readthedocs.io/projects/edx-developer-guide/en/latest/preventing_xss/preventing_xss_in_django_templates.html#html-escaping-translations-in-django-templates)\n - [https://docs.djangoproject.com/en/3.1/topics/i18n/translation/#internationalization-in-template-code](https://docs.djangoproject.com/en/3.1/topics/i18n/translation/#internationalization-in-template-code)\n" }, - "helpUri": "https://semgrep.dev/r/javascript.express.security.express-data-exfiltration.express-data-exfiltration", - "id": "javascript.express.security.express-data-exfiltration.express-data-exfiltration", - "name": "javascript.express.security.express-data-exfiltration.express-data-exfiltration", "properties": { "precision": "very-high", "tags": [ - "CWE-915: Improperly Controlled Modification of Dynamically-Determined Object Attributes", + "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", "LOW CONFIDENCE", - "OWASP-A08:2021 - Software and Data Integrity Failures", + "OWASP-A03:2021 - Injection", + "OWASP-A07:2017 - Cross-Site Scripting (XSS)", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: javascript.express.security.express-data-exfiltration.express-data-exfiltration" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "ruby.aws-lambda.security.mysql2-sqli.mysql2-sqli", + "name": "ruby.aws-lambda.security.mysql2-sqli.mysql2-sqli", + "short_description": { + "text": "Semgrep Finding: ruby.aws-lambda.security.mysql2-sqli.mysql2-sqli" }, - 
"fullDescription": { - "text": "Detected SQL statement that is tainted by `event` object. This could lead to SQL injection if the variable is user-controlled and not properly sanitized. In order to prevent SQL injection, use parameterized queries or prepared statements instead. You can use parameterized statements like so: `conn.exec_params('SELECT $1 AS a, $2 AS b, $3 AS c', [1, 2, nil])`" + "full_description": { + "text": "Detected SQL statement that is tainted by `event` object. This could lead to SQL injection if the variable is user-controlled and not properly sanitized. In order to prevent SQL injection, use parameterized queries or prepared statements instead. You can use sanitize statements like so: `escaped = client.escape(user_input)`" + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/ruby.aws-lambda.security.mysql2-sqli.mysql2-sqli", "help": { - "markdown": "Detected SQL statement that is tainted by `event` object. This could lead to SQL injection if the variable is user-controlled and not properly sanitized. In order to prevent SQL injection, use parameterized queries or prepared statements instead. You can use parameterized statements like so: `conn.exec_params('SELECT $1 AS a, $2 AS b, $3 AS c', [1, 2, nil])`\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/ruby.aws-lambda.security.pg-sqli.pg-sqli)\n - [https://www.rubydoc.info/gems/pg/PG/Connection](https://www.rubydoc.info/gems/pg/PG/Connection)\n", - "text": "Detected SQL statement that is tainted by `event` object. This could lead to SQL injection if the variable is user-controlled and not properly sanitized. In order to prevent SQL injection, use parameterized queries or prepared statements instead. 
You can use parameterized statements like so: `conn.exec_params('SELECT $1 AS a, $2 AS b, $3 AS c', [1, 2, nil])`\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected SQL statement that is tainted by `event` object. This could lead to SQL injection if the variable is user-controlled and not properly sanitized. In order to prevent SQL injection, use parameterized queries or prepared statements instead. You can use sanitize statements like so: `escaped = client.escape(user_input)`\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected SQL statement that is tainted by `event` object. This could lead to SQL injection if the variable is user-controlled and not properly sanitized. In order to prevent SQL injection, use parameterized queries or prepared statements instead. You can use sanitize statements like so: `escaped = client.escape(user_input)`\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/ruby.aws-lambda.security.mysql2-sqli.mysql2-sqli)\n - [https://github.com/brianmario/mysql2](https://github.com/brianmario/mysql2)\n" }, - "helpUri": "https://semgrep.dev/r/ruby.aws-lambda.security.pg-sqli.pg-sqli", - "id": "ruby.aws-lambda.security.pg-sqli.pg-sqli", - "name": "ruby.aws-lambda.security.pg-sqli.pg-sqli", "properties": { "precision": "very-high", "tags": [ 
@@ -24647,192 +25825,197 @@ "OWASP-A03:2021 - Injection", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: ruby.aws-lambda.security.pg-sqli.pg-sqli" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "javascript.lang.security.audit.path-traversal.path-join-resolve-traversal.path-join-resolve-traversal", + "name": "javascript.lang.security.audit.path-traversal.path-join-resolve-traversal.path-join-resolve-traversal", + "short_description": { + "text": "Semgrep Finding: javascript.lang.security.audit.path-traversal.path-join-resolve-traversal.path-join-resolve-traversal" }, - "fullDescription": { - "text": "Exposing host's Docker socket to containers via a volume. The owner of this socket is root. Giving someone access to it is equivalent to giving unrestricted root access to your host. Remove 'docker.sock' from volumes to prevent this." + "full_description": { + "text": "Detected possible user input going into a `path.join` or `path.resolve` function. This could possibly lead to a path traversal vulnerability, where the attacker can access arbitrary files stored in the file system. Instead, be sure to sanitize or validate user input first." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/javascript.lang.security.audit.path-traversal.path-join-resolve-traversal.path-join-resolve-traversal", "help": { - "markdown": "Exposing host's Docker socket to containers via a volume. The owner of this socket is root. Giving someone access to it is equivalent to giving unrestricted root access to your host. 
Remove 'docker.sock' from volumes to prevent this.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/yaml.docker-compose.security.exposing-docker-socket-volume.exposing-docker-socket-volume)\n - [https://docs.docker.com/compose/compose-file/compose-file-v3/#volume-configuration-reference](https://docs.docker.com/compose/compose-file/compose-file-v3/#volume-configuration-reference)\n - [https://cheatsheetseries.owasp.org/cheatsheets/Docker_Security_Cheat_Sheet.html#rule-1-do-not-expose-the-docker-daemon-socket-even-to-the-containers](https://cheatsheetseries.owasp.org/cheatsheets/Docker_Security_Cheat_Sheet.html#rule-1-do-not-expose-the-docker-daemon-socket-even-to-the-containers)\n", - "text": "Exposing host's Docker socket to containers via a volume. The owner of this socket is root. Giving someone access to it is equivalent to giving unrestricted root access to your host. Remove 'docker.sock' from volumes to prevent this.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected possible user input going into a `path.join` or `path.resolve` function. This could possibly lead to a path traversal vulnerability, where the attacker can access arbitrary files stored in the file system. Instead, be sure to sanitize or validate user input first.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected possible user input going into a `path.join` or `path.resolve` function. This could possibly lead to a path traversal vulnerability, where the attacker can access arbitrary files stored in the file system. 
Instead, be sure to sanitize or validate user input first.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.lang.security.audit.path-traversal.path-join-resolve-traversal.path-join-resolve-traversal)\n - [https://owasp.org/www-community/attacks/Path_Traversal](https://owasp.org/www-community/attacks/Path_Traversal)\n" }, - "helpUri": "https://semgrep.dev/r/yaml.docker-compose.security.exposing-docker-socket-volume.exposing-docker-socket-volume", - "id": "yaml.docker-compose.security.exposing-docker-socket-volume.exposing-docker-socket-volume", - "name": "yaml.docker-compose.security.exposing-docker-socket-volume.exposing-docker-socket-volume", "properties": { "precision": "very-high", "tags": [ - "CWE-250: Execution with Unnecessary Privileges", + "CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", "LOW CONFIDENCE", - "OWASP-A05:2021 - Security Misconfiguration", - "OWASP-A06:2017 - Security Misconfiguration", + "OWASP-A01:2021 - Broken Access Control", + "OWASP-A05:2017 - Broken Access Control", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: yaml.docker-compose.security.exposing-docker-socket-volume.exposing-docker-socket-volume" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "python.lang.security.deserialization.avoid-jsonpickle.avoid-jsonpickle", + "name": "python.lang.security.deserialization.avoid-jsonpickle.avoid-jsonpickle", + "short_description": { + "text": "Semgrep Finding: python.lang.security.deserialization.avoid-jsonpickle.avoid-jsonpickle" }, - "fullDescription": { - "text": "Storage Analytics logs detailed information about successful and failed requests to a storage service. This information can be used to monitor individual requests and to diagnose issues with a storage service. Requests are logged on a best-effort basis." 
+ "full_description": { + "text": "Avoid using `jsonpickle`, which is known to lead to code execution vulnerabilities. When unpickling, the serialized data could be manipulated to run arbitrary code. Instead, consider serializing the relevant data using `json` module." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/python.lang.security.deserialization.avoid-jsonpickle.avoid-jsonpickle", "help": { - "markdown": "Storage Analytics logs detailed information about successful and failed requests to a storage service. This information can be used to monitor individual requests and to diagnose issues with a storage service. Requests are logged on a best-effort basis.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/terraform.azure.security.storage.storage-queue-services-logging.storage-queue-services-logging)\n - [https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/storage_account#logging](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/storage_account#logging)\n - [https://docs.microsoft.com/en-us/azure/storage/common/storage-analytics-logging?tabs=dotnet](https://docs.microsoft.com/en-us/azure/storage/common/storage-analytics-logging?tabs=dotnet)\n", - "text": "Storage Analytics logs detailed information about successful and failed requests to a storage service. This information can be used to monitor individual requests and to diagnose issues with a storage service. Requests are logged on a best-effort basis.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Avoid using `jsonpickle`, which is known to lead to code execution vulnerabilities. When unpickling, the serialized data could be manipulated to run arbitrary code. 
Instead, consider serializing the relevant data using `json` module.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Avoid using `jsonpickle`, which is known to lead to code execution vulnerabilities. When unpickling, the serialized data could be manipulated to run arbitrary code. Instead, consider serializing the relevant data using `json` module.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.lang.security.deserialization.avoid-jsonpickle.avoid-jsonpickle)\n - [https://github.com/jsonpickle/jsonpickle#jsonpickle](https://github.com/jsonpickle/jsonpickle#jsonpickle)\n - [https://www.exploit-db.com/exploits/49585](https://www.exploit-db.com/exploits/49585)\n" }, - "helpUri": "https://semgrep.dev/r/terraform.azure.security.storage.storage-queue-services-logging.storage-queue-services-logging", - "id": "terraform.azure.security.storage.storage-queue-services-logging.storage-queue-services-logging", - "name": "terraform.azure.security.storage.storage-queue-services-logging.storage-queue-services-logging", "properties": { "precision": "very-high", "tags": [ - "CWE-778: Insufficient Logging", + "CWE-502: Deserialization of Untrusted Data", "LOW CONFIDENCE", - "OWASP-A09:2021 - Security Logging and Monitoring Failures", - "OWASP-A10:2017 - Insufficient Logging & Monitoring", + "OWASP-A08:2017 - Insecure Deserialization", + "OWASP-A08:2021 - Software and Data Integrity Failures", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: terraform.azure.security.storage.storage-queue-services-logging.storage-queue-services-logging" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "go.lang.security.audit.reflect-makefunc.reflect-makefunc", + "name": "go.lang.security.audit.reflect-makefunc.reflect-makefunc", + "short_description": { + "text": "Semgrep Finding: go.lang.security.audit.reflect-makefunc.reflect-makefunc" }, - 
"fullDescription": { - "text": "RSA keys should be at least 2048 bits based on NIST recommendation." + "full_description": { + "text": "'reflect.MakeFunc' detected. This will sidestep protections that are normally afforded by Go's type system. Audit this call and be sure that user input cannot be used to affect the code generated by MakeFunc; otherwise, you will have a serious security vulnerability." + }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/go.lang.security.audit.reflect-makefunc.reflect-makefunc", "help": { - "markdown": "RSA keys should be at least 2048 bits based on NIST recommendation.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/java.lang.security.audit.crypto.weak-rsa.use-of-weak-rsa-key)\n - [https://cheatsheetseries.owasp.org/cheatsheets/Cryptographic_Storage_Cheat_Sheet.html#algorithms](https://cheatsheetseries.owasp.org/cheatsheets/Cryptographic_Storage_Cheat_Sheet.html#algorithms)\n", - "text": "RSA keys should be at least 2048 bits based on NIST recommendation.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "'reflect.MakeFunc' detected. This will sidestep protections that are normally afforded by Go's type system. Audit this call and be sure that user input cannot be used to affect the code generated by MakeFunc; otherwise, you will have a serious security vulnerability.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "'reflect.MakeFunc' detected. This will sidestep protections that are normally afforded by Go's type system. 
Audit this call and be sure that user input cannot be used to affect the code generated by MakeFunc; otherwise, you will have a serious security vulnerability.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/go.lang.security.audit.reflect-makefunc.reflect-makefunc)\n - [https://owasp.org/Top10/A01_2021-Broken_Access_Control](https://owasp.org/Top10/A01_2021-Broken_Access_Control)\n" }, - "helpUri": "https://semgrep.dev/r/java.lang.security.audit.crypto.weak-rsa.use-of-weak-rsa-key", - "id": "java.lang.security.audit.crypto.weak-rsa.use-of-weak-rsa-key", - "name": "java.lang.security.audit.crypto.weak-rsa.use-of-weak-rsa-key", "properties": { "precision": "very-high", "tags": [ - "CWE-326: Inadequate Encryption Strength", - "HIGH CONFIDENCE", - "OWASP-A02:2021 - Cryptographic Failures", - "OWASP-A03:2017 - Sensitive Data Exposure", + "CWE-913: Improper Control of Dynamically-Managed Code Resources", + "LOW CONFIDENCE", + "OWASP-A01:2021 - Broken Access Control", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: java.lang.security.audit.crypto.weak-rsa.use-of-weak-rsa-key" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "python.django.security.locals-as-template-context.locals-as-template-context", + "name": "python.django.security.locals-as-template-context.locals-as-template-context", + "short_description": { + "text": "Semgrep Finding: python.django.security.locals-as-template-context.locals-as-template-context" }, - "fullDescription": { - "text": "Detected an insecure CipherSuite via the 'tls' module. This suite is considered weak. Use the function 'tls.CipherSuites()' to get a list of good cipher suites. See https://golang.org/pkg/crypto/tls/#InsecureCipherSuites for why and what other cipher suites to use." + "full_description": { + "text": "Using 'locals()' as a context to 'render(...)' is extremely dangerous. 
This exposes Python functions to the template that were not meant to be exposed. An attacker could use these functions to execute code that was not intended to run and could compromise the application. (This is server-side template injection (SSTI)). Do not use 'locals()'. Instead, specify each variable in a dictionary or 'django.template.Context' object, like '{\"var1\": \"hello\"}' and use that instead." + }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/python.django.security.locals-as-template-context.locals-as-template-context", "help": { - "markdown": "Detected an insecure CipherSuite via the 'tls' module. This suite is considered weak. Use the function 'tls.CipherSuites()' to get a list of good cipher suites. See https://golang.org/pkg/crypto/tls/#InsecureCipherSuites for why and what other cipher suites to use.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/go.lang.security.audit.crypto.tls.tls-with-insecure-cipher)\n - [https://golang.org/pkg/crypto/tls/#InsecureCipherSuites](https://golang.org/pkg/crypto/tls/#InsecureCipherSuites)\n", - "text": "Detected an insecure CipherSuite via the 'tls' module. This suite is considered weak. Use the function 'tls.CipherSuites()' to get a list of good cipher suites. See https://golang.org/pkg/crypto/tls/#InsecureCipherSuites for why and what other cipher suites to use.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Using 'locals()' as a context to 'render(...)' is extremely dangerous. This exposes Python functions to the template that were not meant to be exposed. An attacker could use these functions to execute code that was not intended to run and could compromise the application. (This is server-side template injection (SSTI)). Do not use 'locals()'. 
Instead, specify each variable in a dictionary or 'django.template.Context' object, like '{\"var1\": \"hello\"}' and use that instead.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Using 'locals()' as a context to 'render(...)' is extremely dangerous. This exposes Python functions to the template that were not meant to be exposed. An attacker could use these functions to execute code that was not intended to run and could compromise the application. (This is server-side template injection (SSTI)). Do not use 'locals()'. Instead, specify each variable in a dictionary or 'django.template.Context' object, like '{\"var1\": \"hello\"}' and use that instead.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.django.security.locals-as-template-context.locals-as-template-context)\n - [https://docs.djangoproject.com/en/3.2/ref/settings/#templates](https://docs.djangoproject.com/en/3.2/ref/settings/#templates)\n - [https://docs.djangoproject.com/en/3.2/topics/templates/#django.template.backends.django.DjangoTemplates](https://docs.djangoproject.com/en/3.2/topics/templates/#django.template.backends.django.DjangoTemplates)\n - [https://docs.djangoproject.com/en/3.2/ref/templates/api/#rendering-a-context](https://docs.djangoproject.com/en/3.2/ref/templates/api/#rendering-a-context)\n" }, - "helpUri": "https://semgrep.dev/r/go.lang.security.audit.crypto.tls.tls-with-insecure-cipher", - "id": "go.lang.security.audit.crypto.tls.tls-with-insecure-cipher", - "name": "go.lang.security.audit.crypto.tls.tls-with-insecure-cipher", "properties": { "precision": "very-high", "tags": [ - "CWE-327: Use of a Broken or Risky Cryptographic Algorithm", - "HIGH CONFIDENCE", - "OWASP-A02:2021 - Cryptographic Failures", - "OWASP-A03:2017 - Sensitive Data Exposure", + "CWE-96: Improper Neutralization of Directives in Statically Saved Code ('Static Code Injection')", + "LOW 
CONFIDENCE", + "OWASP-A03:2021 - Injection", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: go.lang.security.audit.crypto.tls.tls-with-insecure-cipher" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "generic.secrets.security.detected-jwt-token.detected-jwt-token", + "name": "generic.secrets.security.detected-jwt-token.detected-jwt-token", + "short_description": { + "text": "Semgrep Finding: generic.secrets.security.detected-jwt-token.detected-jwt-token" }, - "fullDescription": { - "text": "Triple DES (3DES or DESede) is considered deprecated. AES is the recommended cipher. Upgrade to use AES." + "full_description": { + "text": "JWT token detected" + }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/generic.secrets.security.detected-jwt-token.detected-jwt-token", "help": { - "markdown": "Triple DES (3DES or DESede) is considered deprecated. AES is the recommended cipher. Upgrade to use AES.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/java.lang.security.audit.crypto.desede-is-deprecated.desede-is-deprecated)\n - [https://csrc.nist.gov/News/2017/Update-to-Current-Use-and-Deprecation-of-TDEA](https://csrc.nist.gov/News/2017/Update-to-Current-Use-and-Deprecation-of-TDEA)\n", - "text": "Triple DES (3DES or DESede) is considered deprecated. AES is the recommended cipher. 
Upgrade to use AES.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "JWT token detected\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "JWT token detected\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/generic.secrets.security.detected-jwt-token.detected-jwt-token)\n - [https://semgrep.dev/blog/2020/hardcoded-secrets-unverified-tokens-and-other-common-jwt-mistakes/](https://semgrep.dev/blog/2020/hardcoded-secrets-unverified-tokens-and-other-common-jwt-mistakes/)\n" }, - "helpUri": "https://semgrep.dev/r/java.lang.security.audit.crypto.desede-is-deprecated.desede-is-deprecated", - "id": "java.lang.security.audit.crypto.desede-is-deprecated.desede-is-deprecated", - "name": "java.lang.security.audit.crypto.desede-is-deprecated.desede-is-deprecated", "properties": { "precision": "very-high", "tags": [ - "CWE-326: Inadequate Encryption Strength", - "HIGH CONFIDENCE", + "CWE-321: Use of Hard-coded Cryptographic Key", + "LOW CONFIDENCE", "OWASP-A02:2021 - Cryptographic Failures", - "OWASP-A03:2017 - Sensitive Data Exposure", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: java.lang.security.audit.crypto.desede-is-deprecated.desede-is-deprecated" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "java.spring.security.injection.tainted-sql-string.tainted-sql-string", + "name": "java.spring.security.injection.tainted-sql-string.tainted-sql-string", + "short_description": { + "text": "Semgrep Finding: java.spring.security.injection.tainted-sql-string.tainted-sql-string" }, - "fullDescription": { - "text": "A session cookie was detected without setting the 'Secure' flag. The 'secure' flag for cookies prevents the client from transmitting the cookie over insecure channels such as HTTP. Set the 'Secure' flag by setting 'Secure' to 'true' in the Options struct." 
+ "full_description": { + "text": "User data flows into this manually-constructed SQL string. User data can be safely inserted into SQL strings using prepared statements or an object-relational mapper (ORM). Manually-constructed SQL strings is a possible indicator of SQL injection, which could let an attacker steal or manipulate data from the database. Instead, use prepared statements (`connection.PreparedStatement`) or a safe library." + }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/java.spring.security.injection.tainted-sql-string.tainted-sql-string", "help": { - "markdown": "A session cookie was detected without setting the 'Secure' flag. The 'secure' flag for cookies prevents the client from transmitting the cookie over insecure channels such as HTTP. Set the 'Secure' flag by setting 'Secure' to 'true' in the Options struct.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/go.lang.security.audit.net.cookie-missing-secure.cookie-missing-secure)\n - [https://github.com/0c34/govwa/blob/139693e56406b5684d2a6ae22c0af90717e149b8/util/cookie.go](https://github.com/0c34/govwa/blob/139693e56406b5684d2a6ae22c0af90717e149b8/util/cookie.go)\n - [https://golang.org/src/net/http/cookie.go](https://golang.org/src/net/http/cookie.go)\n", - "text": "A session cookie was detected without setting the 'Secure' flag. The 'secure' flag for cookies prevents the client from transmitting the cookie over insecure channels such as HTTP. Set the 'Secure' flag by setting 'Secure' to 'true' in the Options struct.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "User data flows into this manually-constructed SQL string. User data can be safely inserted into SQL strings using prepared statements or an object-relational mapper (ORM). 
Manually-constructed SQL strings is a possible indicator of SQL injection, which could let an attacker steal or manipulate data from the database. Instead, use prepared statements (`connection.PreparedStatement`) or a safe library.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "User data flows into this manually-constructed SQL string. User data can be safely inserted into SQL strings using prepared statements or an object-relational mapper (ORM). Manually-constructed SQL strings is a possible indicator of SQL injection, which could let an attacker steal or manipulate data from the database. Instead, use prepared statements (`connection.PreparedStatement`) or a safe library.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/java.spring.security.injection.tainted-sql-string.tainted-sql-string)\n - [https://docs.oracle.com/javase/7/docs/api/java/sql/PreparedStatement.html](https://docs.oracle.com/javase/7/docs/api/java/sql/PreparedStatement.html)\n" }, - "helpUri": "https://semgrep.dev/r/go.lang.security.audit.net.cookie-missing-secure.cookie-missing-secure", - "id": "go.lang.security.audit.net.cookie-missing-secure.cookie-missing-secure", - "name": "go.lang.security.audit.net.cookie-missing-secure.cookie-missing-secure", "properties": { "precision": "very-high", "tags": [ - "CWE-614: Sensitive Cookie in HTTPS Session Without 'Secure' Attribute", + "CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')", "MEDIUM CONFIDENCE", - "OWASP-A05:2021 - Security Misconfiguration", + "OWASP-A01:2017 - Injection", + "OWASP-A03:2021 - Injection", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: go.lang.security.audit.net.cookie-missing-secure.cookie-missing-secure" } }, { - "defaultConfiguration": { - "level": "warning" + "id": 
"problem-based-packs.insecure-transport.java-stdlib.bypass-tls-verification.bypass-tls-verification", + "name": "problem-based-packs.insecure-transport.java-stdlib.bypass-tls-verification.bypass-tls-verification", + "short_description": { + "text": "Semgrep Finding: problem-based-packs.insecure-transport.java-stdlib.bypass-tls-verification.bypass-tls-verification" }, - "fullDescription": { - "text": "Checks for requests sent to http:// URLs. This is dangerous as the server is attempting to connect to a website that does not encrypt traffic with TLS. Instead, only send requests to https:// URLs." + "full_description": { + "text": "Checks for redefinitions of the checkServerTrusted function in the X509TrustManager class that disables TLS/SSL certificate verification. This should only be used for debugging purposes because it leads to vulnerability to MTM attacks." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/problem-based-packs.insecure-transport.java-stdlib.bypass-tls-verification.bypass-tls-verification", "help": { - "markdown": "Checks for requests sent to http:// URLs. This is dangerous as the server is attempting to connect to a website that does not encrypt traffic with TLS. Instead, only send requests to https:// URLs.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/problem-based-packs.insecure-transport.ruby-stdlib.net-http-request.net-http-request)\n - [https://ruby-doc.org/stdlib-2.6.5/libdoc/net/http/rdoc/Net/](https://ruby-doc.org/stdlib-2.6.5/libdoc/net/http/rdoc/Net/)\n", - "text": "Checks for requests sent to http:// URLs. This is dangerous as the server is attempting to connect to a website that does not encrypt traffic with TLS. 
Instead, only send requests to https:// URLs.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Checks for redefinitions of the checkServerTrusted function in the X509TrustManager class that disables TLS/SSL certificate verification. This should only be used for debugging purposes because it leads to vulnerability to MTM attacks.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Checks for redefinitions of the checkServerTrusted function in the X509TrustManager class that disables TLS/SSL certificate verification. This should only be used for debugging purposes because it leads to vulnerability to MTM attacks.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/problem-based-packs.insecure-transport.java-stdlib.bypass-tls-verification.bypass-tls-verification)\n - [https://riptutorial.com/java/example/16517/temporarily-disable-ssl-verification--for-testing-purposes-](https://riptutorial.com/java/example/16517/temporarily-disable-ssl-verification--for-testing-purposes-)\n - [https://stackoverflow.com/questions/35530558/how-to-fix-unsafe-implementation-of-x509trustmanager-in-android-app?rq=1](https://stackoverflow.com/questions/35530558/how-to-fix-unsafe-implementation-of-x509trustmanager-in-android-app?rq=1)\n" }, - "helpUri": "https://semgrep.dev/r/problem-based-packs.insecure-transport.ruby-stdlib.net-http-request.net-http-request", - "id": "problem-based-packs.insecure-transport.ruby-stdlib.net-http-request.net-http-request", - "name": "problem-based-packs.insecure-transport.ruby-stdlib.net-http-request.net-http-request", "properties": { "precision": "very-high", "tags": [ 
@@ -24841,245 +26024,255 @@ "OWASP-A03:2017 - Sensitive Data Exposure", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: problem-based-packs.insecure-transport.ruby-stdlib.net-http-request.net-http-request" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "javascript.aws-lambda.security.tainted-eval.tainted-eval", + "name": "javascript.aws-lambda.security.tainted-eval.tainted-eval", + "short_description": { + "text": "Semgrep Finding: javascript.aws-lambda.security.tainted-eval.tainted-eval" }, - "fullDescription": { - "text": "String-formatted SQL query detected. This could lead to SQL injection if the string is not sanitized properly. Audit this call to ensure the SQL is not manipulable by external data." + "full_description": { + "text": "The `eval()` function evaluates JavaScript code represented as a string. Executing JavaScript from a string is an enormous security risk. It is far too easy for a bad actor to run arbitrary code when you use `eval()`. Ensure evaluated content is not definable by external sources." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/javascript.aws-lambda.security.tainted-eval.tainted-eval", "help": { - "markdown": "String-formatted SQL query detected. This could lead to SQL injection if the string is not sanitized properly. Audit this call to ensure the SQL is not manipulable by external data.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/go.lang.security.audit.database.string-formatted-query.string-formatted-query)\n - [https://owasp.org/Top10/A03_2021-Injection](https://owasp.org/Top10/A03_2021-Injection)\n", - "text": "String-formatted SQL query detected. This could lead to SQL injection if the string is not sanitized properly. 
Audit this call to ensure the SQL is not manipulable by external data.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "The `eval()` function evaluates JavaScript code represented as a string. Executing JavaScript from a string is an enormous security risk. It is far too easy for a bad actor to run arbitrary code when you use `eval()`. Ensure evaluated content is not definable by external sources.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "The `eval()` function evaluates JavaScript code represented as a string. Executing JavaScript from a string is an enormous security risk. It is far too easy for a bad actor to run arbitrary code when you use `eval()`. Ensure evaluated content is not definable by external sources.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.aws-lambda.security.tainted-eval.tainted-eval)\n - [https://owasp.org/Top10/A03_2021-Injection](https://owasp.org/Top10/A03_2021-Injection)\n" }, - "helpUri": "https://semgrep.dev/r/go.lang.security.audit.database.string-formatted-query.string-formatted-query", - "id": "go.lang.security.audit.database.string-formatted-query.string-formatted-query", - "name": "go.lang.security.audit.database.string-formatted-query.string-formatted-query", "properties": { "precision": "very-high", "tags": [ - "CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')", + "CWE-95: Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection')", "LOW CONFIDENCE", - "OWASP-A01:2017 - Injection", "OWASP-A03:2021 - Injection", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: go.lang.security.audit.database.string-formatted-query.string-formatted-query" } }, { - "defaultConfiguration": { - "level": "warning" + "id": 
"terraform.aws.security.aws-ebs-volume-unencrypted.aws-ebs-volume-unencrypted", + "name": "terraform.aws.security.aws-ebs-volume-unencrypted.aws-ebs-volume-unencrypted", + "short_description": { + "text": "Semgrep Finding: terraform.aws.security.aws-ebs-volume-unencrypted.aws-ebs-volume-unencrypted" }, - "fullDescription": { - "text": "Because portions of the logging configuration are passed through eval(), use of this function may open its users to a security risk. While the function only binds to a socket on localhost, and so does not accept connections from remote machines, there are scenarios where untrusted code could be run under the account of the process which calls listen(). To avoid this happening, use the `verify()` argument to `listen()` to prevent unrecognized configurations." + "full_description": { + "text": "The AWS EBS volume is unencrypted. The volume, the disk I/O and any derived snapshots could be read if compromised. Volumes should be encrypted to ensure sensitive data is stored securely." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/terraform.aws.security.aws-ebs-volume-unencrypted.aws-ebs-volume-unencrypted", "help": { - "markdown": "Because portions of the logging configuration are passed through eval(), use of this function may open its users to a security risk. While the function only binds to a socket on localhost, and so does not accept connections from remote machines, there are scenarios where untrusted code could be run under the account of the process which calls listen(). 
To avoid this happening, use the `verify()` argument to `listen()` to prevent unrecognized configurations.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.lang.security.audit.logging.listeneval.listen-eval)\n - [https://docs.python.org/3/library/logging.config.html?highlight=security#logging.config.listen](https://docs.python.org/3/library/logging.config.html?highlight=security#logging.config.listen)\n", - "text": "Because portions of the logging configuration are passed through eval(), use of this function may open its users to a security risk. While the function only binds to a socket on localhost, and so does not accept connections from remote machines, there are scenarios where untrusted code could be run under the account of the process which calls listen(). To avoid this happening, use the `verify()` argument to `listen()` to prevent unrecognized configurations.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "The AWS EBS volume is unencrypted. The volume, the disk I/O and any derived snapshots could be read if compromised. Volumes should be encrypted to ensure sensitive data is stored securely.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "The AWS EBS volume is unencrypted. The volume, the disk I/O and any derived snapshots could be read if compromised. 
Volumes should be encrypted to ensure sensitive data is stored securely.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/terraform.aws.security.aws-ebs-volume-unencrypted.aws-ebs-volume-unencrypted)\n - [https://owasp.org/Top10/A04_2021-Insecure_Design](https://owasp.org/Top10/A04_2021-Insecure_Design)\n - [https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ebs_volume#encrypted](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ebs_volume#encrypted)\n - [https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html)\n" }, - "helpUri": "https://semgrep.dev/r/python.lang.security.audit.logging.listeneval.listen-eval", - "id": "python.lang.security.audit.logging.listeneval.listen-eval", - "name": "python.lang.security.audit.logging.listeneval.listen-eval", "properties": { "precision": "very-high", "tags": [ - "CWE-95: Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection')", - "LOW CONFIDENCE", - "OWASP-A03:2021 - Injection", + "CWE-311: Missing Encryption of Sensitive Data", + "MEDIUM CONFIDENCE", + "OWASP-A03:2017 - Sensitive Data Exposure", + "OWASP-A04:2021 - Insecure Design", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: python.lang.security.audit.logging.listeneval.listen-eval" } }, { - "defaultConfiguration": { - "level": "error" + "id": "python.django.security.injection.ssrf.ssrf-injection-urllib.ssrf-injection-urllib", + "name": "python.django.security.injection.ssrf.ssrf-injection-urllib.ssrf-injection-urllib", + "short_description": { + "text": "Semgrep Finding: python.django.security.injection.ssrf.ssrf-injection-urllib.ssrf-injection-urllib" }, - "fullDescription": { - "text": "Detected a formatted string in a SQL statement. 
This could lead to SQL injection if variables in the SQL statement are not properly sanitized. Use a prepared statements (java.sql.PreparedStatement) instead. You can obtain a PreparedStatement using 'connection.prepareStatement'." + "full_description": { + "text": "Data from request object is passed to a new server-side request. This could lead to a server-side request forgery (SSRF), which could result in attackers gaining access to private organization data. To mitigate, ensure that schemes and hosts are validated against an allowlist, do not forward the response to the user, and ensure proper authentication and transport-layer security in the proxied request." + }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/python.django.security.injection.ssrf.ssrf-injection-urllib.ssrf-injection-urllib", "help": { - "markdown": "Detected a formatted string in a SQL statement. This could lead to SQL injection if variables in the SQL statement are not properly sanitized. Use a prepared statements (java.sql.PreparedStatement) instead. 
You can obtain a PreparedStatement using 'connection.prepareStatement'.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/java.lang.security.audit.formatted-sql-string.formatted-sql-string)\n - [https://cheatsheetseries.owasp.org/cheatsheets/SQL_Injection_Prevention_Cheat_Sheet.html](https://cheatsheetseries.owasp.org/cheatsheets/SQL_Injection_Prevention_Cheat_Sheet.html)\n - [https://docs.oracle.com/javase/tutorial/jdbc/basics/prepared.html#create_ps](https://docs.oracle.com/javase/tutorial/jdbc/basics/prepared.html#create_ps)\n - [https://software-security.sans.org/developer-how-to/fix-sql-injection-in-java-using-prepared-callable-statement](https://software-security.sans.org/developer-how-to/fix-sql-injection-in-java-using-prepared-callable-statement)\n", - "text": "Detected a formatted string in a SQL statement. This could lead to SQL injection if variables in the SQL statement are not properly sanitized. Use a prepared statements (java.sql.PreparedStatement) instead. You can obtain a PreparedStatement using 'connection.prepareStatement'.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Data from request object is passed to a new server-side request. This could lead to a server-side request forgery (SSRF), which could result in attackers gaining access to private organization data. To mitigate, ensure that schemes and hosts are validated against an allowlist, do not forward the response to the user, and ensure proper authentication and transport-layer security in the proxied request.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Data from request object is passed to a new server-side request. This could lead to a server-side request forgery (SSRF), which could result in attackers gaining access to private organization data. 
To mitigate, ensure that schemes and hosts are validated against an allowlist, do not forward the response to the user, and ensure proper authentication and transport-layer security in the proxied request.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.django.security.injection.ssrf.ssrf-injection-urllib.ssrf-injection-urllib)\n - [https://owasp.org/www-community/attacks/Server_Side_Request_Forgery](https://owasp.org/www-community/attacks/Server_Side_Request_Forgery)\n" }, - "helpUri": "https://semgrep.dev/r/java.lang.security.audit.formatted-sql-string.formatted-sql-string", - "id": "java.lang.security.audit.formatted-sql-string.formatted-sql-string", - "name": "java.lang.security.audit.formatted-sql-string.formatted-sql-string", "properties": { "precision": "very-high", "tags": [ - "CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')", + "CWE-918: Server-Side Request Forgery (SSRF)", "MEDIUM CONFIDENCE", - "OWASP-A01:2017 - Injection", - "OWASP-A03:2021 - Injection", + "OWASP-A10:2021 - Server-Side Request Forgery (SSRF)", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: java.lang.security.audit.formatted-sql-string.formatted-sql-string" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "yaml.github-actions.security.curl-eval.curl-eval", + "name": "yaml.github-actions.security.curl-eval.curl-eval", + "short_description": { + "text": "Semgrep Finding: yaml.github-actions.security.curl-eval.curl-eval" }, - "fullDescription": { - "text": "The LosFormatter type is dangerous and is not recommended for data processing. Applications should stop using LosFormatter as soon as possible, even if they believe the data they're processing to be trustworthy. LosFormatter is insecure and can't be made secure" + "full_description": { + "text": "Data is being eval'd from a `curl` command. 
An attacker with control of the server in the `curl` command could inject malicious code into the `eval`, resulting in a system comrpomise. Avoid eval'ing untrusted data if you can. If you must do this, consider checking the SHA sum of the content returned by the server to verify its integrity." + }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/yaml.github-actions.security.curl-eval.curl-eval", "help": { - "markdown": "The LosFormatter type is dangerous and is not recommended for data processing. Applications should stop using LosFormatter as soon as possible, even if they believe the data they're processing to be trustworthy. LosFormatter is insecure and can't be made secure\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/csharp.lang.security.insecure-deserialization.los-formatter.insecure-losformatter-deserialization)\n - [https://docs.microsoft.com/en-us/dotnet/api/system.web.ui.losformatter?view=netframework-4.8](https://docs.microsoft.com/en-us/dotnet/api/system.web.ui.losformatter?view=netframework-4.8)\n", - "text": "The LosFormatter type is dangerous and is not recommended for data processing. Applications should stop using LosFormatter as soon as possible, even if they believe the data they're processing to be trustworthy. LosFormatter is insecure and can't be made secure\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Data is being eval'd from a `curl` command. An attacker with control of the server in the `curl` command could inject malicious code into the `eval`, resulting in a system comrpomise. Avoid eval'ing untrusted data if you can. 
If you must do this, consider checking the SHA sum of the content returned by the server to verify its integrity.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Data is being eval'd from a `curl` command. An attacker with control of the server in the `curl` command could inject malicious code into the `eval`, resulting in a system comrpomise. Avoid eval'ing untrusted data if you can. If you must do this, consider checking the SHA sum of the content returned by the server to verify its integrity.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/yaml.github-actions.security.curl-eval.curl-eval)\n - [https://docs.github.com/en/actions/learn-github-actions/security-hardening-for-github-actions#understanding-the-risk-of-script-injections](https://docs.github.com/en/actions/learn-github-actions/security-hardening-for-github-actions#understanding-the-risk-of-script-injections)\n" }, - "helpUri": "https://semgrep.dev/r/csharp.lang.security.insecure-deserialization.los-formatter.insecure-losformatter-deserialization", - "id": "csharp.lang.security.insecure-deserialization.los-formatter.insecure-losformatter-deserialization", - "name": "csharp.lang.security.insecure-deserialization.los-formatter.insecure-losformatter-deserialization", "properties": { "precision": "very-high", "tags": [ - "CWE-502: Deserialization of Untrusted Data", - "MEDIUM CONFIDENCE", - "OWASP-A08:2017 - Insecure Deserialization", - "OWASP-A08:2021 - Software and Data Integrity Failures", + "CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", + "LOW CONFIDENCE", + "OWASP-A01:2017 - Injection", + "OWASP-A03:2021 - Injection", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: csharp.lang.security.insecure-deserialization.los-formatter.insecure-losformatter-deserialization" } }, { - "defaultConfiguration": { - "level": 
"warning" + "id": "terraform.azure.security.keyvault.keyvault-specify-network-acl.keyvault-specify-network-acl", + "name": "terraform.azure.security.keyvault.keyvault-specify-network-acl.keyvault-specify-network-acl", + "short_description": { + "text": "Semgrep Finding: terraform.azure.security.keyvault.keyvault-specify-network-acl.keyvault-specify-network-acl" }, - "fullDescription": { - "text": "The AWS Backup vault is unencrypted. The AWS KMS encryption key protects backups in the Backup vault. To create your own, create a aws_kms_key resource or use the ARN string of a key in your account." + "full_description": { + "text": "Network ACLs allow you to reduce your exposure to risk by limiting what can access your key vault. The default action of the Network ACL should be set to deny for when IPs are not matched. Azure services can be allowed to bypass." + }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/terraform.azure.security.keyvault.keyvault-specify-network-acl.keyvault-specify-network-acl", "help": { - "markdown": "The AWS Backup vault is unencrypted. The AWS KMS encryption key protects backups in the Backup vault. To create your own, create a aws_kms_key resource or use the ARN string of a key in your account.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/terraform.aws.security.aws-backup-vault-unencrypted.aws-backup-vault-unencrypted)\n - [https://owasp.org/Top10/A02_2021-Cryptographic_Failures](https://owasp.org/Top10/A02_2021-Cryptographic_Failures)\n", - "text": "The AWS Backup vault is unencrypted. The AWS KMS encryption key protects backups in the Backup vault. 
To create your own, create a aws_kms_key resource or use the ARN string of a key in your account.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Network ACLs allow you to reduce your exposure to risk by limiting what can access your key vault. The default action of the Network ACL should be set to deny for when IPs are not matched. Azure services can be allowed to bypass.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Network ACLs allow you to reduce your exposure to risk by limiting what can access your key vault. The default action of the Network ACL should be set to deny for when IPs are not matched. Azure services can be allowed to bypass.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/terraform.azure.security.keyvault.keyvault-specify-network-acl.keyvault-specify-network-acl)\n - [https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/key_vault#network_acls](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/key_vault#network_acls)\n - [https://docs.microsoft.com/en-us/azure/key-vault/general/network-security](https://docs.microsoft.com/en-us/azure/key-vault/general/network-security)\n" }, - "helpUri": "https://semgrep.dev/r/terraform.aws.security.aws-backup-vault-unencrypted.aws-backup-vault-unencrypted", - "id": "terraform.aws.security.aws-backup-vault-unencrypted.aws-backup-vault-unencrypted", - "name": "terraform.aws.security.aws-backup-vault-unencrypted.aws-backup-vault-unencrypted", "properties": { "precision": "very-high", "tags": [ - "CWE-320: CWE CATEGORY: Key Management Errors", + "CWE-284: Improper Access Control", "LOW CONFIDENCE", - "OWASP-A03:2017 - Sensitive Data Exposure", + "OWASP-A01:2021 - Broken Access Control", + "OWASP-A05:2017 - Broken Access Control", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: 
terraform.aws.security.aws-backup-vault-unencrypted.aws-backup-vault-unencrypted" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "generic.secrets.security.detected-aws-secret-access-key.detected-aws-secret-access-key", + "name": "generic.secrets.security.detected-aws-secret-access-key.detected-aws-secret-access-key", + "short_description": { + "text": "Semgrep Finding: generic.secrets.security.detected-aws-secret-access-key.detected-aws-secret-access-key" }, - "fullDescription": { - "text": "Database instance has no logging. Missing logs can cause missing important event information." + "full_description": { + "text": "AWS Secret Access Key detected" + }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/generic.secrets.security.detected-aws-secret-access-key.detected-aws-secret-access-key", "help": { - "markdown": "Database instance has no logging. Missing logs can cause missing important event information.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/terraform.aws.security.aws-db-instance-no-logging.aws-db-instance-no-logging)\n - [https://owasp.org/Top10/A04_2021-Insecure_Design](https://owasp.org/Top10/A04_2021-Insecure_Design)\n", - "text": "Database instance has no logging. 
Missing logs can cause missing important event information.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "AWS Secret Access Key detected\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "AWS Secret Access Key detected\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/generic.secrets.security.detected-aws-secret-access-key.detected-aws-secret-access-key)\n - [https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures](https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures)\n" }, - "helpUri": "https://semgrep.dev/r/terraform.aws.security.aws-db-instance-no-logging.aws-db-instance-no-logging", - "id": "terraform.aws.security.aws-db-instance-no-logging.aws-db-instance-no-logging", - "name": "terraform.aws.security.aws-db-instance-no-logging.aws-db-instance-no-logging", "properties": { "precision": "very-high", "tags": [ - "CWE-311: Missing Encryption of Sensitive Data", - "MEDIUM CONFIDENCE", - "OWASP-A03:2017 - Sensitive Data Exposure", - "OWASP-A04:2021 - Insecure Design", + "CWE-798: Use of Hard-coded Credentials", + "LOW CONFIDENCE", + "OWASP-A07:2021 - Identification and Authentication Failures", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: terraform.aws.security.aws-db-instance-no-logging.aws-db-instance-no-logging" } }, { - "defaultConfiguration": { - "level": "error" + "id": "go.lang.security.audit.xss.no-direct-write-to-responsewriter.no-direct-write-to-responsewriter", + "name": "go.lang.security.audit.xss.no-direct-write-to-responsewriter.no-direct-write-to-responsewriter", + "short_description": { + "text": "Semgrep Finding: go.lang.security.audit.xss.no-direct-write-to-responsewriter.no-direct-write-to-responsewriter" }, - "fullDescription": { - "text": "Detected DynamoDB query params that are tainted by `$EVENT` object. 
This could lead to NoSQL injection if the variable is user-controlled and not properly sanitized. Explicitly assign query params instead of passing data from `$EVENT` directly to DynamoDB client." + "full_description": { + "text": "Detected directly writing or similar in 'http.ResponseWriter.write()'. This bypasses HTML escaping that prevents cross-site scripting vulnerabilities. Instead, use the 'html/template' package and render data using 'template.Execute()'." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/go.lang.security.audit.xss.no-direct-write-to-responsewriter.no-direct-write-to-responsewriter", "help": { - "markdown": "Detected DynamoDB query params that are tainted by `$EVENT` object. This could lead to NoSQL injection if the variable is user-controlled and not properly sanitized. Explicitly assign query params instead of passing data from `$EVENT` directly to DynamoDB client.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.aws-lambda.security.dynamodb-request-object.dynamodb-request-object)\n - [https://owasp.org/Top10/A03_2021-Injection](https://owasp.org/Top10/A03_2021-Injection)\n", - "text": "Detected DynamoDB query params that are tainted by `$EVENT` object. This could lead to NoSQL injection if the variable is user-controlled and not properly sanitized. Explicitly assign query params instead of passing data from `$EVENT` directly to DynamoDB client.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected directly writing or similar in 'http.ResponseWriter.write()'. This bypasses HTML escaping that prevents cross-site scripting vulnerabilities. 
Instead, use the 'html/template' package and render data using 'template.Execute()'.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected directly writing or similar in 'http.ResponseWriter.write()'. This bypasses HTML escaping that prevents cross-site scripting vulnerabilities. Instead, use the 'html/template' package and render data using 'template.Execute()'.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/go.lang.security.audit.xss.no-direct-write-to-responsewriter.no-direct-write-to-responsewriter)\n - [https://blogtitle.github.io/robn-go-security-pearls-cross-site-scripting-xss/](https://blogtitle.github.io/robn-go-security-pearls-cross-site-scripting-xss/)\n" }, - "helpUri": "https://semgrep.dev/r/javascript.aws-lambda.security.dynamodb-request-object.dynamodb-request-object", - "id": "javascript.aws-lambda.security.dynamodb-request-object.dynamodb-request-object", - "name": "javascript.aws-lambda.security.dynamodb-request-object.dynamodb-request-object", "properties": { "precision": "very-high", "tags": [ - "CWE-943: Improper Neutralization of Special Elements in Data Query Logic", - "MEDIUM CONFIDENCE", - "OWASP-A01:2017 - Injection", + "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", + "LOW CONFIDENCE", + "OWASP-A03:2021 - Injection", + "OWASP-A07:2017 - Cross-Site Scripting (XSS)", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: javascript.aws-lambda.security.dynamodb-request-object.dynamodb-request-object" } }, { - "defaultConfiguration": { - "level": "error" + "id": "terraform.aws.security.aws-dynamodb-table-unencrypted.aws-dynamodb-table-unencrypted", + "name": "terraform.aws.security.aws-dynamodb-table-unencrypted.aws-dynamodb-table-unencrypted", + "short_description": { + "text": "Semgrep Finding: 
terraform.aws.security.aws-dynamodb-table-unencrypted.aws-dynamodb-table-unencrypted" }, - "fullDescription": { - "text": "User data flows into the host portion of this manually-constructed URL. This could allow an attacker to send data to their own server, potentially exposing sensitive data such as cookies or authorization information sent with this request. They could also probe internal servers or other resources that the server runnig this code can access. (This is called server-side request forgery, or SSRF.) Do not allow arbitrary hosts. Instead, create an allowlist for approved hosts hardcode the correct host, or ensure that the user data can only affect the path or parameters." + "full_description": { + "text": "By default, AWS DynamoDB Table is encrypted using AWS-managed keys. However, for added security, it's recommended to configure your own AWS KMS encryption key to protect your data in the DynamoDB table. You can either create a new aws_kms_key resource or use the ARN of an existing key in your AWS account to do so." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/terraform.aws.security.aws-dynamodb-table-unencrypted.aws-dynamodb-table-unencrypted", "help": { - "markdown": "User data flows into the host portion of this manually-constructed URL. This could allow an attacker to send data to their own server, potentially exposing sensitive data such as cookies or authorization information sent with this request. They could also probe internal servers or other resources that the server runnig this code can access. (This is called server-side request forgery, or SSRF.) Do not allow arbitrary hosts. 
Instead, create an allowlist for approved hosts hardcode the correct host, or ensure that the user data can only affect the path or parameters.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/java.spring.security.injection.tainted-url-host.tainted-url-host)\n - [https://cheatsheetseries.owasp.org/cheatsheets/Server_Side_Request_Forgery_Prevention_Cheat_Sheet.html](https://cheatsheetseries.owasp.org/cheatsheets/Server_Side_Request_Forgery_Prevention_Cheat_Sheet.html)\n", - "text": "User data flows into the host portion of this manually-constructed URL. This could allow an attacker to send data to their own server, potentially exposing sensitive data such as cookies or authorization information sent with this request. They could also probe internal servers or other resources that the server runnig this code can access. (This is called server-side request forgery, or SSRF.) Do not allow arbitrary hosts. Instead, create an allowlist for approved hosts hardcode the correct host, or ensure that the user data can only affect the path or parameters.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "By default, AWS DynamoDB Table is encrypted using AWS-managed keys. However, for added security, it's recommended to configure your own AWS KMS encryption key to protect your data in the DynamoDB table. You can either create a new aws_kms_key resource or use the ARN of an existing key in your AWS account to do so.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "By default, AWS DynamoDB Table is encrypted using AWS-managed keys. However, for added security, it's recommended to configure your own AWS KMS encryption key to protect your data in the DynamoDB table. 
You can either create a new aws_kms_key resource or use the ARN of an existing key in your AWS account to do so.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/terraform.aws.security.aws-dynamodb-table-unencrypted.aws-dynamodb-table-unencrypted)\n - [https://owasp.org/Top10/A02_2021-Cryptographic_Failures](https://owasp.org/Top10/A02_2021-Cryptographic_Failures)\n" }, - "helpUri": "https://semgrep.dev/r/java.spring.security.injection.tainted-url-host.tainted-url-host", - "id": "java.spring.security.injection.tainted-url-host.tainted-url-host", - "name": "java.spring.security.injection.tainted-url-host.tainted-url-host", "properties": { "precision": "very-high", "tags": [ - "CWE-918: Server-Side Request Forgery (SSRF)", + "CWE-326: Inadequate Encryption Strength", "MEDIUM CONFIDENCE", - "OWASP-A10:2021 - Server-Side Request Forgery (SSRF)", + "OWASP-A02:2021 - Cryptographic Failures", + "OWASP-A03:2017 - Sensitive Data Exposure", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: java.spring.security.injection.tainted-url-host.tainted-url-host" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "php.laravel.security.laravel-unsafe-validator.laravel-unsafe-validator", + "name": "php.laravel.security.laravel-unsafe-validator.laravel-unsafe-validator", + "short_description": { + "text": "Semgrep Finding: php.laravel.security.laravel-unsafe-validator.laravel-unsafe-validator" }, - "fullDescription": { - "text": "HTTP method [$METHOD] to Laravel route $ROUTE_NAME is vulnerable to SQL injection via string concatenation or unsafe interpolation." + "full_description": { + "text": "Found a request argument passed to an `ignore()` definition in a Rule constraint. This can lead to SQL injection." 
+ }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/php.laravel.security.laravel-unsafe-validator.laravel-unsafe-validator", "help": { - "markdown": "HTTP method [$METHOD] to Laravel route $ROUTE_NAME is vulnerable to SQL injection via string concatenation or unsafe interpolation.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/php.laravel.security.laravel-api-route-sql-injection.laravel-api-route-sql-injection)\n - [https://github.com/OWASP/CheatSheetSeries/blob/master/cheatsheets/Laravel_Cheat_Sheet.md](https://github.com/OWASP/CheatSheetSeries/blob/master/cheatsheets/Laravel_Cheat_Sheet.md)\n", - "text": "HTTP method [$METHOD] to Laravel route $ROUTE_NAME is vulnerable to SQL injection via string concatenation or unsafe interpolation.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Found a request argument passed to an `ignore()` definition in a Rule constraint. This can lead to SQL injection.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Found a request argument passed to an `ignore()` definition in a Rule constraint. This can lead to SQL injection.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/php.laravel.security.laravel-unsafe-validator.laravel-unsafe-validator)\n - [https://laravel.com/docs/9.x/validation#rule-unique](https://laravel.com/docs/9.x/validation#rule-unique)\n" }, - "helpUri": "https://semgrep.dev/r/php.laravel.security.laravel-api-route-sql-injection.laravel-api-route-sql-injection", - "id": "php.laravel.security.laravel-api-route-sql-injection.laravel-api-route-sql-injection", - "name": "php.laravel.security.laravel-api-route-sql-injection.laravel-api-route-sql-injection", "properties": { "precision": "very-high", "tags": [ 
@@ -25089,217 +26282,245 @@ "OWASP-A03:2021 - Injection", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: php.laravel.security.laravel-api-route-sql-injection.laravel-api-route-sql-injection" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "java.jboss.security.seam-log-injection.seam-log-injection", + "name": "java.jboss.security.seam-log-injection.seam-log-injection", + "short_description": { + "text": "Semgrep Finding: java.jboss.security.seam-log-injection.seam-log-injection" }, - "fullDescription": { - "text": "Service is disabling TLS certificate verification when communicating with the server. This makes your HTTPS connections insecure. Remove the 'insecureSkipTLSVerify: true' key to secure communication." + "full_description": { + "text": "Seam Logging API support an expression language to introduce bean property to log messages. The expression language can also be the source to unwanted code execution. In this context, an expression is built with a dynamic value. The source of the value(s) should be verified to avoid that unfiltered values fall into this risky code evaluation." + }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/java.jboss.security.seam-log-injection.seam-log-injection", "help": { - "markdown": "Service is disabling TLS certificate verification when communicating with the server. This makes your HTTPS connections insecure. 
Remove the 'insecureSkipTLSVerify: true' key to secure communication.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/yaml.kubernetes.security.skip-tls-verify-service.skip-tls-verify-service)\n - [https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.20/#apiservice-v1-apiregistration-k8s-io](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.20/#apiservice-v1-apiregistration-k8s-io)\n", - "text": "Service is disabling TLS certificate verification when communicating with the server. This makes your HTTPS connections insecure. Remove the 'insecureSkipTLSVerify: true' key to secure communication.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Seam Logging API support an expression language to introduce bean property to log messages. The expression language can also be the source to unwanted code execution. In this context, an expression is built with a dynamic value. The source of the value(s) should be verified to avoid that unfiltered values fall into this risky code evaluation.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Seam Logging API support an expression language to introduce bean property to log messages. The expression language can also be the source to unwanted code execution. In this context, an expression is built with a dynamic value. 
The source of the value(s) should be verified to avoid that unfiltered values fall into this risky code evaluation.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/java.jboss.security.seam-log-injection.seam-log-injection)\n - [https://owasp.org/Top10/A03_2021-Injection](https://owasp.org/Top10/A03_2021-Injection)\n" }, - "helpUri": "https://semgrep.dev/r/yaml.kubernetes.security.skip-tls-verify-service.skip-tls-verify-service", - "id": "yaml.kubernetes.security.skip-tls-verify-service.skip-tls-verify-service", - "name": "yaml.kubernetes.security.skip-tls-verify-service.skip-tls-verify-service", "properties": { "precision": "very-high", "tags": [ - "CWE-319: Cleartext Transmission of Sensitive Information", - "MEDIUM CONFIDENCE", - "OWASP-A02:2021 - Cryptographic Failures", - "OWASP-A03:2017 - Sensitive Data Exposure", + "CWE-95: Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection')", + "LOW CONFIDENCE", + "OWASP-A03:2021 - Injection", "security" ] + } + }, + { + "id": "solidity.security.balancer-readonly-reentrancy-getpooltokens.balancer-readonly-reentrancy-getpooltokens", + "name": "solidity.security.balancer-readonly-reentrancy-getpooltokens.balancer-readonly-reentrancy-getpooltokens", + "short_description": { + "text": "Semgrep Finding: solidity.security.balancer-readonly-reentrancy-getpooltokens.balancer-readonly-reentrancy-getpooltokens" }, - "shortDescription": { - "text": "Semgrep Finding: yaml.kubernetes.security.skip-tls-verify-service.skip-tls-verify-service" + "full_description": { + "text": "$VAULT.getPoolTokens() call on a Balancer pool is not protected from the read-only reentrancy." 
+ }, + "default_configuration": { + "enabled": true, + "level": "error" + }, + "help_uri": "https://semgrep.dev/r/solidity.security.balancer-readonly-reentrancy-getpooltokens.balancer-readonly-reentrancy-getpooltokens", + "help": { + "text": "$VAULT.getPoolTokens() call on a Balancer pool is not protected from the read-only reentrancy.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "$VAULT.getPoolTokens() call on a Balancer pool is not protected from the read-only reentrancy.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/solidity.security.balancer-readonly-reentrancy-getpooltokens.balancer-readonly-reentrancy-getpooltokens)\n - [https://quillaudits.medium.com/decoding-sentiment-protocols-1-million-exploit-quillaudits-f36bee77d376](https://quillaudits.medium.com/decoding-sentiment-protocols-1-million-exploit-quillaudits-f36bee77d376)\n - [https://hackmd.io/@sentimentxyz/SJCySo1z2](https://hackmd.io/@sentimentxyz/SJCySo1z2)\n" + }, + "properties": { + "precision": "very-high", + "tags": [ + "CWE-841: Improper Enforcement of Behavioral Workflow", + "HIGH CONFIDENCE", + "security" + ] } }, { - "defaultConfiguration": { - "level": "warning" + "id": "ruby.rails.security.audit.xss.templates.avoid-content-tag.avoid-content-tag", + "name": "ruby.rails.security.audit.xss.templates.avoid-content-tag.avoid-content-tag", + "short_description": { + "text": "Semgrep Finding: ruby.rails.security.audit.xss.templates.avoid-content-tag.avoid-content-tag" }, - "fullDescription": { - "text": "Detected a hardcoded hmac key. Avoid hardcoding secrets and consider using an alternate option such as reading the secret from a config file or using an environment variable." + "full_description": { + "text": "'content_tag' exhibits unintuitive escaping behavior and may accidentally expose your application to cross-site scripting. 
If using Rails 2, only attribute values are escaped. If using Rails 3, content and attribute values are escaped. Tag and attribute names are never escaped. Because of this, it is recommended to use 'html_safe' if you must render raw HTML data." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/ruby.rails.security.audit.xss.templates.avoid-content-tag.avoid-content-tag", "help": { - "markdown": "Detected a hardcoded hmac key. Avoid hardcoding secrets and consider using an alternate option such as reading the secret from a config file or using an environment variable.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.lang.security.audit.hardcoded-hmac-key.hardcoded-hmac-key)\n - [https://rules.sonarsource.com/javascript/RSPEC-2068](https://rules.sonarsource.com/javascript/RSPEC-2068)\n - [https://cheatsheetseries.owasp.org/cheatsheets/Cryptographic_Storage_Cheat_Sheet.html#key-management](https://cheatsheetseries.owasp.org/cheatsheets/Cryptographic_Storage_Cheat_Sheet.html#key-management)\n", - "text": "Detected a hardcoded hmac key. Avoid hardcoding secrets and consider using an alternate option such as reading the secret from a config file or using an environment variable.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "'content_tag' exhibits unintuitive escaping behavior and may accidentally expose your application to cross-site scripting. If using Rails 2, only attribute values are escaped. If using Rails 3, content and attribute values are escaped. Tag and attribute names are never escaped. 
Because of this, it is recommended to use 'html_safe' if you must render raw HTML data.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "'content_tag' exhibits unintuitive escaping behavior and may accidentally expose your application to cross-site scripting. If using Rails 2, only attribute values are escaped. If using Rails 3, content and attribute values are escaped. Tag and attribute names are never escaped. Because of this, it is recommended to use 'html_safe' if you must render raw HTML data.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/ruby.rails.security.audit.xss.templates.avoid-content-tag.avoid-content-tag)\n - [https://brakemanscanner.org/docs/warning_types/content_tag/](https://brakemanscanner.org/docs/warning_types/content_tag/)\n" }, - "helpUri": "https://semgrep.dev/r/javascript.lang.security.audit.hardcoded-hmac-key.hardcoded-hmac-key", - "id": "javascript.lang.security.audit.hardcoded-hmac-key.hardcoded-hmac-key", - "name": "javascript.lang.security.audit.hardcoded-hmac-key.hardcoded-hmac-key", "properties": { "precision": "very-high", "tags": [ - "CWE-798: Use of Hard-coded Credentials", + "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", "LOW CONFIDENCE", - "OWASP-A07:2021 - Identification and Authentication Failures", + "OWASP-A03:2021 - Injection", + "OWASP-A07:2017 - Cross-Site Scripting (XSS)", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: javascript.lang.security.audit.hardcoded-hmac-key.hardcoded-hmac-key" } }, { - "defaultConfiguration": { - "level": "error" + "id": "problem-based-packs.insecure-transport.ruby-stdlib.net-telnet-request.net-telnet-request", + "name": "problem-based-packs.insecure-transport.ruby-stdlib.net-telnet-request.net-telnet-request", + "short_description": { + "text": "Semgrep Finding: 
problem-based-packs.insecure-transport.ruby-stdlib.net-telnet-request.net-telnet-request" }, - "fullDescription": { - "text": "Something that looks like a PGP private key block is detected. This is a potential hardcoded secret that could be leaked if this code is committed. Instead, remove this code block from the commit." + "full_description": { + "text": "Checks for creation of telnet servers or attempts to connect through telnet. This is insecure as the telnet protocol supports no encryption, and data passes through unencrypted." }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/problem-based-packs.insecure-transport.ruby-stdlib.net-telnet-request.net-telnet-request", "help": { - "markdown": "Something that looks like a PGP private key block is detected. This is a potential hardcoded secret that could be leaked if this code is committed. Instead, remove this code block from the commit.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/generic.secrets.security.detected-pgp-private-key-block.detected-pgp-private-key-block)\n - [https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures](https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures)\n", - "text": "Something that looks like a PGP private key block is detected. This is a potential hardcoded secret that could be leaked if this code is committed. Instead, remove this code block from the commit.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Checks for creation of telnet servers or attempts to connect through telnet. This is insecure as the telnet protocol supports no encryption, and data passes through unencrypted.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Checks for creation of telnet servers or attempts to connect through telnet. 
This is insecure as the telnet protocol supports no encryption, and data passes through unencrypted.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/problem-based-packs.insecure-transport.ruby-stdlib.net-telnet-request.net-telnet-request)\n - [https://docs.ruby-lang.org/en/2.2.0/Net/Telnet.html](https://docs.ruby-lang.org/en/2.2.0/Net/Telnet.html)\n - [https://www.rubydoc.info/gems/net-ssh-telnet2/0.1.0/Net/SSH/Telnet](https://www.rubydoc.info/gems/net-ssh-telnet2/0.1.0/Net/SSH/Telnet)\n" }, - "helpUri": "https://semgrep.dev/r/generic.secrets.security.detected-pgp-private-key-block.detected-pgp-private-key-block", - "id": "generic.secrets.security.detected-pgp-private-key-block.detected-pgp-private-key-block", - "name": "generic.secrets.security.detected-pgp-private-key-block.detected-pgp-private-key-block", "properties": { "precision": "very-high", "tags": [ - "CWE-798: Use of Hard-coded Credentials", - "LOW CONFIDENCE", - "OWASP-A07:2021 - Identification and Authentication Failures", + "CWE-319: Cleartext Transmission of Sensitive Information", + "MEDIUM CONFIDENCE", + "OWASP-A03:2017 - Sensitive Data Exposure", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: generic.secrets.security.detected-pgp-private-key-block.detected-pgp-private-key-block" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "php.lang.security.exec-use.exec-use", + "name": "php.lang.security.exec-use.exec-use", + "short_description": { + "text": "Semgrep Finding: php.lang.security.exec-use.exec-use" }, - "fullDescription": { - "text": "Detected an AWS Elasticsearch domain using an insecure version of TLS. To fix this, set \"tls_security_policy\" equal to \"Policy-Min-TLS-1-2-2019-07\"." + "full_description": { + "text": "Executing non-constant commands. This can lead to command injection." 
+ }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/php.lang.security.exec-use.exec-use", "help": { - "markdown": "Detected an AWS Elasticsearch domain using an insecure version of TLS. To fix this, set \"tls_security_policy\" equal to \"Policy-Min-TLS-1-2-2019-07\".\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/terraform.aws.security.aws-elasticsearch-insecure-tls-version.aws-elasticsearch-insecure-tls-version)\n - [https://owasp.org/Top10/A02_2021-Cryptographic_Failures](https://owasp.org/Top10/A02_2021-Cryptographic_Failures)\n", - "text": "Detected an AWS Elasticsearch domain using an insecure version of TLS. To fix this, set \"tls_security_policy\" equal to \"Policy-Min-TLS-1-2-2019-07\".\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Executing non-constant commands. This can lead to command injection.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Executing non-constant commands. 
This can lead to command injection.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/php.lang.security.exec-use.exec-use)\n - [https://github.com/FloeDesignTechnologies/phpcs-security-audit/blob/master/Security/Sniffs/BadFunctions/SystemExecFunctionsSniff.php](https://github.com/FloeDesignTechnologies/phpcs-security-audit/blob/master/Security/Sniffs/BadFunctions/SystemExecFunctionsSniff.php)\n" }, - "helpUri": "https://semgrep.dev/r/terraform.aws.security.aws-elasticsearch-insecure-tls-version.aws-elasticsearch-insecure-tls-version", - "id": "terraform.aws.security.aws-elasticsearch-insecure-tls-version.aws-elasticsearch-insecure-tls-version", - "name": "terraform.aws.security.aws-elasticsearch-insecure-tls-version.aws-elasticsearch-insecure-tls-version", "properties": { "precision": "very-high", "tags": [ - "CWE-326: Inadequate Encryption Strength", - "HIGH CONFIDENCE", - "OWASP-A02:2021 - Cryptographic Failures", - "OWASP-A03:2017 - Sensitive Data Exposure", + "CWE-94: Improper Control of Generation of Code ('Code Injection')", + "LOW CONFIDENCE", + "OWASP-A03:2021 - Injection", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: terraform.aws.security.aws-elasticsearch-insecure-tls-version.aws-elasticsearch-insecure-tls-version" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "python.lang.compatibility.python37.python37-compatibility-importlib3", + "name": "python.lang.compatibility.python37.python37-compatibility-importlib3", + "short_description": { + "text": "Semgrep Finding: python.lang.compatibility.python37.python37-compatibility-importlib3" }, - "fullDescription": { - "text": "DES is considered deprecated. AES is the recommended cipher. Upgrade to use AES. See https://www.nist.gov/news-events/news/2005/06/nist-withdraws-outdated-data-encryption-standard for more information." 
+ "full_description": { + "text": "Found usage of 'importlib.abc.ResourceReader'. This module is only available on Python 3.7+ and is therefore not backwards compatible. Instead, use another loader." + }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/python.lang.compatibility.python37.python37-compatibility-importlib3", "help": { - "markdown": "DES is considered deprecated. AES is the recommended cipher. Upgrade to use AES. See https://www.nist.gov/news-events/news/2005/06/nist-withdraws-outdated-data-encryption-standard for more information.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/java.lang.security.audit.crypto.des-is-deprecated.des-is-deprecated)\n - [https://www.nist.gov/news-events/news/2005/06/nist-withdraws-outdated-data-encryption-standard](https://www.nist.gov/news-events/news/2005/06/nist-withdraws-outdated-data-encryption-standard)\n - [https://cheatsheetseries.owasp.org/cheatsheets/Cryptographic_Storage_Cheat_Sheet.html#algorithms](https://cheatsheetseries.owasp.org/cheatsheets/Cryptographic_Storage_Cheat_Sheet.html#algorithms)\n", - "text": "DES is considered deprecated. AES is the recommended cipher. Upgrade to use AES. See https://www.nist.gov/news-events/news/2005/06/nist-withdraws-outdated-data-encryption-standard for more information.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Found usage of 'importlib.abc.ResourceReader'. This module is only available on Python 3.7+ and is therefore not backwards compatible. Instead, use another loader.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Found usage of 'importlib.abc.ResourceReader'. This module is only available on Python 3.7+ and is therefore not backwards compatible. 
Instead, use another loader.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.lang.compatibility.python37.python37-compatibility-importlib3)\n" }, - "helpUri": "https://semgrep.dev/r/java.lang.security.audit.crypto.des-is-deprecated.des-is-deprecated", - "id": "java.lang.security.audit.crypto.des-is-deprecated.des-is-deprecated", - "name": "java.lang.security.audit.crypto.des-is-deprecated.des-is-deprecated", "properties": { "precision": "very-high", - "tags": [ - "CWE-326: Inadequate Encryption Strength", - "HIGH CONFIDENCE", - "OWASP-A02:2021 - Cryptographic Failures", - "OWASP-A03:2017 - Sensitive Data Exposure", - "security" - ] - }, - "shortDescription": { - "text": "Semgrep Finding: java.lang.security.audit.crypto.des-is-deprecated.des-is-deprecated" + "tags": [] } }, { - "defaultConfiguration": { - "level": "warning" + "id": "javascript.playwright.security.audit.playwright-addinitscript-code-injection.playwright-addinitscript-code-injection", + "name": "javascript.playwright.security.audit.playwright-addinitscript-code-injection.playwright-addinitscript-code-injection", + "short_description": { + "text": "Semgrep Finding: javascript.playwright.security.audit.playwright-addinitscript-code-injection.playwright-addinitscript-code-injection" }, - "fullDescription": { - "text": "When a redirect uses user input, a malicious user can spoof a website under a trusted URL or access restricted parts of a site. When using user-supplied values, sanitize the value before using it for the redirect." 
+ "full_description": { + "text": "If unverified user data can reach the `addInitScript` method it can result in Server-Side Request Forgery vulnerabilities" + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/javascript.playwright.security.audit.playwright-addinitscript-code-injection.playwright-addinitscript-code-injection", "help": { - "markdown": "When a redirect uses user input, a malicious user can spoof a website under a trusted URL or access restricted parts of a site. When using user-supplied values, sanitize the value before using it for the redirect.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/ruby.rails.security.audit.xss.avoid-redirect.avoid-redirect)\n - [https://brakemanscanner.org/docs/warning_types/redirect/](https://brakemanscanner.org/docs/warning_types/redirect/)\n", - "text": "When a redirect uses user input, a malicious user can spoof a website under a trusted URL or access restricted parts of a site. 
When using user-supplied values, sanitize the value before using it for the redirect.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "If unverified user data can reach the `addInitScript` method it can result in Server-Side Request Forgery vulnerabilities\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "If unverified user data can reach the `addInitScript` method it can result in Server-Side Request Forgery vulnerabilities\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.playwright.security.audit.playwright-addinitscript-code-injection.playwright-addinitscript-code-injection)\n - [https://owasp.org/Top10/A10_2021-Server-Side_Request_Forgery_%28SSRF%29](https://owasp.org/Top10/A10_2021-Server-Side_Request_Forgery_%28SSRF%29)\n" }, - "helpUri": "https://semgrep.dev/r/ruby.rails.security.audit.xss.avoid-redirect.avoid-redirect", - "id": "ruby.rails.security.audit.xss.avoid-redirect.avoid-redirect", - "name": "ruby.rails.security.audit.xss.avoid-redirect.avoid-redirect", "properties": { "precision": "very-high", "tags": [ - "CWE-601: URL Redirection to Untrusted Site ('Open Redirect')", - "MEDIUM CONFIDENCE", - "OWASP-A01:2021 - Broken Access Control", + "CWE-918: Server-Side Request Forgery (SSRF)", + "LOW CONFIDENCE", + "OWASP-A10:2021 - Server-Side Request Forgery (SSRF)", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: ruby.rails.security.audit.xss.avoid-redirect.avoid-redirect" } }, { - "defaultConfiguration": { - "level": "error" + "id": "kotlin.lang.security.gcm-detection.gcm-detection", + "name": "kotlin.lang.security.gcm-detection.gcm-detection", + "short_description": { + "text": "Semgrep Finding: kotlin.lang.security.gcm-detection.gcm-detection" }, - "fullDescription": { - "text": "The last user in the container is 'root'. 
This is a security hazard because if an attacker gains control of the container they will have root access. Switch back to another user after running commands as 'root'." + "full_description": { + "text": "GCM detected, please check that IV/nonce is not reused, an Initialization Vector (IV) is a nonce used to randomize the encryption, so that even if multiple messages with identical plaintext are encrypted, the generated corresponding ciphertexts are different.Unlike the Key, the IV usually does not need to be secret, rather it is important that it is random and unique. Certain encryption schemes the IV is exchanged in public as part of the ciphertext. Reusing same Initialization Vector with the same Key to encrypt multiple plaintext blocks allows an attacker to compare the ciphertexts and then, with some assumptions on the content of the messages, to gain important information about the data being encrypted." + }, + "default_configuration": { + "enabled": true, + "level": "note" }, + "help_uri": "https://semgrep.dev/r/kotlin.lang.security.gcm-detection.gcm-detection", "help": { - "markdown": "The last user in the container is 'root'. This is a security hazard because if an attacker gains control of the container they will have root access. Switch back to another user after running commands as 'root'.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/dockerfile.security.last-user-is-root.last-user-is-root)\n - [https://github.com/hadolint/hadolint/wiki/DL3002](https://github.com/hadolint/hadolint/wiki/DL3002)\n", - "text": "The last user in the container is 'root'. This is a security hazard because if an attacker gains control of the container they will have root access. 
Switch back to another user after running commands as 'root'.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "GCM detected, please check that IV/nonce is not reused, an Initialization Vector (IV) is a nonce used to randomize the encryption, so that even if multiple messages with identical plaintext are encrypted, the generated corresponding ciphertexts are different.Unlike the Key, the IV usually does not need to be secret, rather it is important that it is random and unique. Certain encryption schemes the IV is exchanged in public as part of the ciphertext. Reusing same Initialization Vector with the same Key to encrypt multiple plaintext blocks allows an attacker to compare the ciphertexts and then, with some assumptions on the content of the messages, to gain important information about the data being encrypted.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "GCM detected, please check that IV/nonce is not reused, an Initialization Vector (IV) is a nonce used to randomize the encryption, so that even if multiple messages with identical plaintext are encrypted, the generated corresponding ciphertexts are different.Unlike the Key, the IV usually does not need to be secret, rather it is important that it is random and unique. Certain encryption schemes the IV is exchanged in public as part of the ciphertext. 
Reusing same Initialization Vector with the same Key to encrypt multiple plaintext blocks allows an attacker to compare the ciphertexts and then, with some assumptions on the content of the messages, to gain important information about the data being encrypted.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/kotlin.lang.security.gcm-detection.gcm-detection)\n - [https://cwe.mitre.org/data/definitions/323.html](https://cwe.mitre.org/data/definitions/323.html)\n" }, - "helpUri": "https://semgrep.dev/r/dockerfile.security.last-user-is-root.last-user-is-root", - "id": "dockerfile.security.last-user-is-root.last-user-is-root", - "name": "dockerfile.security.last-user-is-root.last-user-is-root", "properties": { "precision": "very-high", "tags": [ - "CWE-269: Improper Privilege Management", - "MEDIUM CONFIDENCE", - "OWASP-A04:2021 - Insecure Design", + "CWE-323: Reusing a Nonce, Key Pair in Encryption", + "LOW CONFIDENCE", + "OWASP-A02:2021 - Cryptographic Failures", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: dockerfile.security.last-user-is-root.last-user-is-root" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "problem-based-packs.insecure-transport.ruby-stdlib.net-ftp-request.net-ftp-request", + "name": "problem-based-packs.insecure-transport.ruby-stdlib.net-ftp-request.net-ftp-request", + "short_description": { + "text": "Semgrep Finding: problem-based-packs.insecure-transport.ruby-stdlib.net-ftp-request.net-ftp-request" }, - "fullDescription": { - "text": "Checks for lack of usage of the \"secure: true\" option when sending ftp requests through the nodejs ftp module. This leads to unencrypted traffic being sent to the ftp server. There are other options such as \"implicit\" that still does not encrypt all traffic. ftp is the most utilized npm ftp module." 
+ "full_description": { + "text": "Checks for outgoing connections to ftp servers with the 'net/ftp' package. FTP does not encrypt traffic, possibly leading to PII being sent plaintext over the network. Instead, connect via the SFTP protocol." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/problem-based-packs.insecure-transport.ruby-stdlib.net-ftp-request.net-ftp-request", "help": { - "markdown": "Checks for lack of usage of the \"secure: true\" option when sending ftp requests through the nodejs ftp module. This leads to unencrypted traffic being sent to the ftp server. There are other options such as \"implicit\" that still does not encrypt all traffic. ftp is the most utilized npm ftp module.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/problem-based-packs.insecure-transport.js-node.ftp-request.ftp-request)\n - [https://www.npmjs.com/package/ftp](https://www.npmjs.com/package/ftp)\n - [https://openbase.io/js/ftp](https://openbase.io/js/ftp)\n", - "text": "Checks for lack of usage of the \"secure: true\" option when sending ftp requests through the nodejs ftp module. This leads to unencrypted traffic being sent to the ftp server. There are other options such as \"implicit\" that still does not encrypt all traffic. ftp is the most utilized npm ftp module.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Checks for outgoing connections to ftp servers with the 'net/ftp' package. FTP does not encrypt traffic, possibly leading to PII being sent plaintext over the network. Instead, connect via the SFTP protocol.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Checks for outgoing connections to ftp servers with the 'net/ftp' package. FTP does not encrypt traffic, possibly leading to PII being sent plaintext over the network. 
Instead, connect via the SFTP protocol.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/problem-based-packs.insecure-transport.ruby-stdlib.net-ftp-request.net-ftp-request)\n - [https://docs.ruby-lang.org/en/2.0.0/Net/FTP.html](https://docs.ruby-lang.org/en/2.0.0/Net/FTP.html)\n" }, - "helpUri": "https://semgrep.dev/r/problem-based-packs.insecure-transport.js-node.ftp-request.ftp-request", - "id": "problem-based-packs.insecure-transport.js-node.ftp-request.ftp-request", - "name": "problem-based-packs.insecure-transport.js-node.ftp-request.ftp-request", "properties": { "precision": "very-high", "tags": [ 
@@ -25308,80 +26529,81 @@ "OWASP-A03:2017 - Sensitive Data Exposure", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: problem-based-packs.insecure-transport.js-node.ftp-request.ftp-request" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "trailofbits.go.invalid-usage-of-modified-variable.invalid-usage-of-modified-variable", + "name": "trailofbits.go.invalid-usage-of-modified-variable.invalid-usage-of-modified-variable", + "short_description": { + "text": "Semgrep Finding: trailofbits.go.invalid-usage-of-modified-variable.invalid-usage-of-modified-variable" }, - "fullDescription": { - "text": "Used SnakeYAML org.yaml.snakeyaml.Yaml() constructor with no arguments, which is vulnerable to deserialization attacks. Use the one-argument Yaml(...) constructor instead, with SafeConstructor or a custom Constructor as the argument." + "full_description": { + "text": "Variable `$X` is likely modified and later used on error. In some cases this could result in panics due to a nil dereference" + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/trailofbits.go.invalid-usage-of-modified-variable.invalid-usage-of-modified-variable", "help": { - "markdown": "Used SnakeYAML org.yaml.snakeyaml.Yaml() constructor with no arguments, which is vulnerable to deserialization attacks. Use the one-argument Yaml(...) 
constructor instead, with SafeConstructor or a custom Constructor as the argument.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/java.lang.security.use-snakeyaml-constructor.use-snakeyaml-constructor)\n - [https://securitylab.github.com/research/swagger-yaml-parser-vulnerability/#snakeyaml-deserialization-vulnerability](https://securitylab.github.com/research/swagger-yaml-parser-vulnerability/#snakeyaml-deserialization-vulnerability)\n", - "text": "Used SnakeYAML org.yaml.snakeyaml.Yaml() constructor with no arguments, which is vulnerable to deserialization attacks. Use the one-argument Yaml(...) constructor instead, with SafeConstructor or a custom Constructor as the argument.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Variable `$X` is likely modified and later used on error. In some cases this could result in panics due to a nil dereference\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Variable `$X` is likely modified and later used on error. 
In some cases this could result in panics due to a nil dereference\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/trailofbits.go.invalid-usage-of-modified-variable.invalid-usage-of-modified-variable)\n - [https://blog.trailofbits.com/2019/11/07/attacking-go-vr-ttps/](https://blog.trailofbits.com/2019/11/07/attacking-go-vr-ttps/)\n" }, - "helpUri": "https://semgrep.dev/r/java.lang.security.use-snakeyaml-constructor.use-snakeyaml-constructor", - "id": "java.lang.security.use-snakeyaml-constructor.use-snakeyaml-constructor", - "name": "java.lang.security.use-snakeyaml-constructor.use-snakeyaml-constructor", "properties": { "precision": "very-high", "tags": [ - "CWE-502: Deserialization of Untrusted Data", - "LOW CONFIDENCE", - "OWASP-A08:2017 - Insecure Deserialization", - "OWASP-A08:2021 - Software and Data Integrity Failures", + "CWE-665: Improper Initialization", + "HIGH CONFIDENCE", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: java.lang.security.use-snakeyaml-constructor.use-snakeyaml-constructor" } }, { - "defaultConfiguration": { - "level": "error" + "id": "javascript.express.security.audit.express-res-sendfile.express-res-sendfile", + "name": "javascript.express.security.audit.express-res-sendfile.express-res-sendfile", + "short_description": { + "text": "Semgrep Finding: javascript.express.security.audit.express-res-sendfile.express-res-sendfile" }, - "fullDescription": { - "text": "Found a potentially user-controllable argument in the construction of a regular expressions. This may result in excessive resource consumption when applied to certain inputs, or when the user is allowed to control the match target. Avoid allowing users to specify regular expressions processed by the server. If you must support user-controllable input in a regular expression, use an allow-list to restrict the expressions users may supply to limit catastrophic backtracking." 
+ "full_description": { + "text": "The application processes user-input, this is passed to res.sendFile which can allow an attacker to arbitrarily read files on the system through path traversal. It is recommended to perform input validation in addition to canonicalizing the path. This allows you to validate the path against the intended directory it should be accessing." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/javascript.express.security.audit.express-res-sendfile.express-res-sendfile", "help": { - "markdown": "Found a potentially user-controllable argument in the construction of a regular expressions. This may result in excessive resource consumption when applied to certain inputs, or when the user is allowed to control the match target. Avoid allowing users to specify regular expressions processed by the server. If you must support user-controllable input in a regular expression, use an allow-list to restrict the expressions users may supply to limit catastrophic backtracking.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/ruby.rails.security.brakeman.check-regex-dos.check-regex-dos)\n - [https://owasp.org/www-community/attacks/Regular_expression_Denial_of_Service_-_ReDoS](https://owasp.org/www-community/attacks/Regular_expression_Denial_of_Service_-_ReDoS)\n", - "text": "Found a potentially user-controllable argument in the construction of a regular expressions. This may result in excessive resource consumption when applied to certain inputs, or when the user is allowed to control the match target. Avoid allowing users to specify regular expressions processed by the server. 
If you must support user-controllable input in a regular expression, use an allow-list to restrict the expressions users may supply to limit catastrophic backtracking.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "The application processes user-input, this is passed to res.sendFile which can allow an attacker to arbitrarily read files on the system through path traversal. It is recommended to perform input validation in addition to canonicalizing the path. This allows you to validate the path against the intended directory it should be accessing.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "The application processes user-input, this is passed to res.sendFile which can allow an attacker to arbitrarily read files on the system through path traversal. It is recommended to perform input validation in addition to canonicalizing the path. This allows you to validate the path against the intended directory it should be accessing.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.express.security.audit.express-res-sendfile.express-res-sendfile)\n - [https://cheatsheetseries.owasp.org/cheatsheets/Input_Validation_Cheat_Sheet.html](https://cheatsheetseries.owasp.org/cheatsheets/Input_Validation_Cheat_Sheet.html)\n" }, - "helpUri": "https://semgrep.dev/r/ruby.rails.security.brakeman.check-regex-dos.check-regex-dos", - "id": "ruby.rails.security.brakeman.check-regex-dos.check-regex-dos", - "name": "ruby.rails.security.brakeman.check-regex-dos.check-regex-dos", "properties": { "precision": "very-high", "tags": [ - "CWE-1333: Inefficient Regular Expression Complexity", + "CWE-73: External Control of File Name or Path", "MEDIUM CONFIDENCE", - "OWASP-A03:2017 - Sensitive Data Exposure", + "OWASP-A04:2021 - Insecure Design", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: 
ruby.rails.security.brakeman.check-regex-dos.check-regex-dos" } }, { - "defaultConfiguration": { - "level": "error" + "id": "generic.secrets.security.detected-generic-api-key.detected-generic-api-key", + "name": "generic.secrets.security.detected-generic-api-key.detected-generic-api-key", + "short_description": { + "text": "Semgrep Finding: generic.secrets.security.detected-generic-api-key.detected-generic-api-key" }, - "fullDescription": { - "text": "bcrypt hash detected" + "full_description": { + "text": "Generic API Key detected" + }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/generic.secrets.security.detected-generic-api-key.detected-generic-api-key", "help": { - "markdown": "bcrypt hash detected\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/generic.secrets.security.detected-bcrypt-hash.detected-bcrypt-hash)\n - [https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures](https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures)\n", - "text": "bcrypt hash detected\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Generic API Key detected\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Generic API Key detected\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/generic.secrets.security.detected-generic-api-key.detected-generic-api-key)\n - [https://github.com/dxa4481/truffleHogRegexes/blob/master/truffleHogRegexes/regexes.json](https://github.com/dxa4481/truffleHogRegexes/blob/master/truffleHogRegexes/regexes.json)\n" }, - "helpUri": "https://semgrep.dev/r/generic.secrets.security.detected-bcrypt-hash.detected-bcrypt-hash", - "id": "generic.secrets.security.detected-bcrypt-hash.detected-bcrypt-hash", - "name": 
"generic.secrets.security.detected-bcrypt-hash.detected-bcrypt-hash", "properties": { "precision": "very-high", "tags": [ 
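Review bot: The new side of this hunk spells the reportingDescriptor properties in snake_case (`default_configuration`, `full_description`, `help_uri`, `short_description`) where the removed side used the SARIF 2.1.0 names (`defaultConfiguration`, `fullDescription`, `helpUri`, `shortDescription`); the SARIF schema defines only the camelCase forms, so this fixture no longer matches what semgrep emits or what an external SARIF consumer would accept. The literal `💎` replacing `\ud83d\udc8e` and the added `"enabled": true` look like benign re-serialization effects, but the key renaming suggests the fixture was regenerated by a model dump that did not apply field aliases, which is hard to reconcile with the `by_alias=True` round-trip in semgrep.py; it is worth confirming how this file was produced and whether `Sarif.model_validate` accepts both spellings, since a test that passes on snake_case keys does not show that real camelCase semgrep output still parses after the guid-insertion rewrite. The same renaming runs through every rule entry in the neighbouring hunks, so it needs to be addressed once at the generator rather than per entry. The enclosing `rules` array starts and ends outside this hunk.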
@@ -25390,434 +26612,449 @@ "OWASP-A07:2021 - Identification and Authentication Failures", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: generic.secrets.security.detected-bcrypt-hash.detected-bcrypt-hash" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "problem-based-packs.insecure-transport.js-node.telnet-request.telnet-request", + "name": "problem-based-packs.insecure-transport.js-node.telnet-request.telnet-request", + "short_description": { + "text": "Semgrep Finding: problem-based-packs.insecure-transport.js-node.telnet-request.telnet-request" }, - "fullDescription": { - "text": "Should not use SHA1 to generate hashes. There is a proven SHA1 hash collision by Google, which could lead to vulnerabilities. Use SHA256, SHA3 or other hashing functions instead." + "full_description": { + "text": "Checks for creation of telnet servers or attempts to connect through telnet. This is insecure as the telnet protocol supports no encryption, and data passes through unencrypted." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/problem-based-packs.insecure-transport.js-node.telnet-request.telnet-request", "help": { - "markdown": "Should not use SHA1 to generate hashes. There is a proven SHA1 hash collision by Google, which could lead to vulnerabilities. Use SHA256, SHA3 or other hashing functions instead.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/ruby.lang.security.weak-hashes-sha1.weak-hashes-sha1)\n - [https://security.googleblog.com/2017/02/announcing-first-sha1-collision.html](https://security.googleblog.com/2017/02/announcing-first-sha1-collision.html)\n - [https://shattered.io/](https://shattered.io/)\n", - "text": "Should not use SHA1 to generate hashes. There is a proven SHA1 hash collision by Google, which could lead to vulnerabilities. 
Use SHA256, SHA3 or other hashing functions instead.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Checks for creation of telnet servers or attempts to connect through telnet. This is insecure as the telnet protocol supports no encryption, and data passes through unencrypted.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Checks for creation of telnet servers or attempts to connect through telnet. This is insecure as the telnet protocol supports no encryption, and data passes through unencrypted.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/problem-based-packs.insecure-transport.js-node.telnet-request.telnet-request)\n - [https://www.npmjs.com/package/telnet](https://www.npmjs.com/package/telnet)\n - [https://www.npmjs.com/package/telnet-client](https://www.npmjs.com/package/telnet-client)\n" }, - "helpUri": "https://semgrep.dev/r/ruby.lang.security.weak-hashes-sha1.weak-hashes-sha1", - "id": "ruby.lang.security.weak-hashes-sha1.weak-hashes-sha1", - "name": "ruby.lang.security.weak-hashes-sha1.weak-hashes-sha1", "properties": { "precision": "very-high", "tags": [ - "CWE-328: Use of Weak Hash", + "CWE-319: Cleartext Transmission of Sensitive Information", "MEDIUM CONFIDENCE", - "OWASP-A02:2021 - Cryptographic Failures", "OWASP-A03:2017 - Sensitive Data Exposure", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: ruby.lang.security.weak-hashes-sha1.weak-hashes-sha1" } }, { - "defaultConfiguration": { - "level": "error" + "id": "terraform.azure.security.appservice.appservice-require-client-cert.appservice-require-client-cert", + "name": "terraform.azure.security.appservice.appservice-require-client-cert.appservice-require-client-cert", + "short_description": { + "text": "Semgrep Finding: terraform.azure.security.appservice.appservice-require-client-cert.appservice-require-client-cert" 
}, - "fullDescription": { - "text": "External entities are allowed for $DBFACTORY. This is vulnerable to XML external entity attacks. Disable this by setting the feature \"http://xml.org/sax/features/external-general-entities\" to false." + "full_description": { + "text": "Detected an AppService that was not configured to use a client certificate. Add `client_cert_enabled = true` in your resource block." + }, + "default_configuration": { + "enabled": true, + "level": "note" }, + "help_uri": "https://semgrep.dev/r/terraform.azure.security.appservice.appservice-require-client-cert.appservice-require-client-cert", "help": { - "markdown": "External entities are allowed for $DBFACTORY. This is vulnerable to XML external entity attacks. Disable this by setting the feature \"http://xml.org/sax/features/external-general-entities\" to false.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/java.lang.security.audit.xxe.documentbuilderfactory-external-general-entities-true.documentbuilderfactory-external-general-entities-true)\n - [https://semgrep.dev/blog/2022/xml-security-in-java](https://semgrep.dev/blog/2022/xml-security-in-java)\n - [https://semgrep.dev/docs/cheat-sheets/java-xxe/](https://semgrep.dev/docs/cheat-sheets/java-xxe/)\n - [https://blog.sonarsource.com/secure-xml-processor](https://blog.sonarsource.com/secure-xml-processor)\n", - "text": "External entities are allowed for $DBFACTORY. This is vulnerable to XML external entity attacks. Disable this by setting the feature \"http://xml.org/sax/features/external-general-entities\" to false.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected an AppService that was not configured to use a client certificate. 
Add `client_cert_enabled = true` in your resource block.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected an AppService that was not configured to use a client certificate. Add `client_cert_enabled = true` in your resource block.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/terraform.azure.security.appservice.appservice-require-client-cert.appservice-require-client-cert)\n - [https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/app_service#client_cert_enabled](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/app_service#client_cert_enabled)\n" }, - "helpUri": "https://semgrep.dev/r/java.lang.security.audit.xxe.documentbuilderfactory-external-general-entities-true.documentbuilderfactory-external-general-entities-true", - "id": "java.lang.security.audit.xxe.documentbuilderfactory-external-general-entities-true.documentbuilderfactory-external-general-entities-true", - "name": "java.lang.security.audit.xxe.documentbuilderfactory-external-general-entities-true.documentbuilderfactory-external-general-entities-true", "properties": { "precision": "very-high", "tags": [ - "CWE-611: Improper Restriction of XML External Entity Reference", - "HIGH CONFIDENCE", - "OWASP-A04:2017 - XML External Entities (XXE)", - "OWASP-A05:2021 - Security Misconfiguration", + "CWE-295: Improper Certificate Validation", + "MEDIUM CONFIDENCE", + "OWASP-A03:2017 - Sensitive Data Exposure", + "OWASP-A07:2021 - Identification and Authentication Failures", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: java.lang.security.audit.xxe.documentbuilderfactory-external-general-entities-true.documentbuilderfactory-external-general-entities-true" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "javascript.express.security.injection.tainted-sql-string.tainted-sql-string", + "name": 
"javascript.express.security.injection.tainted-sql-string.tainted-sql-string", + "short_description": { + "text": "Semgrep Finding: javascript.express.security.injection.tainted-sql-string.tainted-sql-string" }, - "fullDescription": { - "text": "Found user data in a call to 'eval'. This is extremely dangerous because it can enable an attacker to execute arbitrary remote code on the system. Instead, refactor your code to not use 'eval' and instead use a safe library for the specific functionality you need." + "full_description": { + "text": "Detected user input used to manually construct a SQL string. This is usually bad practice because manual construction could accidentally result in a SQL injection. An attacker could use a SQL injection to steal or modify contents of the database. Instead, use a parameterized query which is available by default in most database engines. Alternatively, consider using an object-relational mapper (ORM) such as Sequelize which will protect your queries." + }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/javascript.express.security.injection.tainted-sql-string.tainted-sql-string", "help": { - "markdown": "Found user data in a call to 'eval'. This is extremely dangerous because it can enable an attacker to execute arbitrary remote code on the system. Instead, refactor your code to not use 'eval' and instead use a safe library for the specific functionality you need.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.django.security.injection.code.user-eval.user-eval)\n - [https://nedbatchelder.com/blog/201206/eval_really_is_dangerous.html](https://nedbatchelder.com/blog/201206/eval_really_is_dangerous.html)\n - [https://owasp.org/www-community/attacks/Code_Injection](https://owasp.org/www-community/attacks/Code_Injection)\n", - "text": "Found user data in a call to 'eval'. 
This is extremely dangerous because it can enable an attacker to execute arbitrary remote code on the system. Instead, refactor your code to not use 'eval' and instead use a safe library for the specific functionality you need.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected user input used to manually construct a SQL string. This is usually bad practice because manual construction could accidentally result in a SQL injection. An attacker could use a SQL injection to steal or modify contents of the database. Instead, use a parameterized query which is available by default in most database engines. Alternatively, consider using an object-relational mapper (ORM) such as Sequelize which will protect your queries.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected user input used to manually construct a SQL string. This is usually bad practice because manual construction could accidentally result in a SQL injection. An attacker could use a SQL injection to steal or modify contents of the database. Instead, use a parameterized query which is available by default in most database engines. 
Alternatively, consider using an object-relational mapper (ORM) such as Sequelize which will protect your queries.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.express.security.injection.tainted-sql-string.tainted-sql-string)\n - [https://owasp.org/www-community/attacks/SQL_Injection](https://owasp.org/www-community/attacks/SQL_Injection)\n" }, - "helpUri": "https://semgrep.dev/r/python.django.security.injection.code.user-eval.user-eval", - "id": "python.django.security.injection.code.user-eval.user-eval", - "name": "python.django.security.injection.code.user-eval.user-eval", "properties": { "precision": "very-high", "tags": [ - "CWE-95: Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection')", + "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", "MEDIUM CONFIDENCE", "OWASP-A03:2021 - Injection", + "OWASP-A07:2017 - Cross-Site Scripting (XSS)", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: python.django.security.injection.code.user-eval.user-eval" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "python.flask.security.secure-static-file-serve.avoid_send_file_without_path_sanitization", + "name": "python.flask.security.secure-static-file-serve.avoid_send_file_without_path_sanitization", + "short_description": { + "text": "Semgrep Finding: python.flask.security.secure-static-file-serve.avoid_send_file_without_path_sanitization" }, - "fullDescription": { - "text": "Ensure S3 object copies are encrypted at rest using KMS CMKs. CMKs gives you control over the encryption key in terms of access and rotation." + "full_description": { + "text": "Detected a user-controlled `filename` that could flow to `flask.send_file()` function. This could lead to an attacker reading arbitrary file from the system, leaking private information. 
Make sure to properly sanitize filename or use `flask.send_from_directory`" + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/python.flask.security.secure-static-file-serve.avoid_send_file_without_path_sanitization", "help": { - "markdown": "Ensure S3 object copies are encrypted at rest using KMS CMKs. CMKs gives you control over the encryption key in terms of access and rotation.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/terraform.aws.security.aws-s3-object-copy-encrypted-with-cmk.aws-s3-object-copy-encrypted-with-cmk)\n - [https://owasp.org/Top10/A02_2021-Cryptographic_Failures](https://owasp.org/Top10/A02_2021-Cryptographic_Failures)\n", - "text": "Ensure S3 object copies are encrypted at rest using KMS CMKs. CMKs gives you control over the encryption key in terms of access and rotation.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected a user-controlled `filename` that could flow to `flask.send_file()` function. This could lead to an attacker reading arbitrary file from the system, leaking private information. Make sure to properly sanitize filename or use `flask.send_from_directory`\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected a user-controlled `filename` that could flow to `flask.send_file()` function. This could lead to an attacker reading arbitrary file from the system, leaking private information. 
Make sure to properly sanitize filename or use `flask.send_from_directory`\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.flask.security.secure-static-file-serve.avoid_send_file_without_path_sanitization)\n - [https://owasp.org/Top10/A04_2021-Insecure_Design](https://owasp.org/Top10/A04_2021-Insecure_Design)\n" }, - "helpUri": "https://semgrep.dev/r/terraform.aws.security.aws-s3-object-copy-encrypted-with-cmk.aws-s3-object-copy-encrypted-with-cmk", - "id": "terraform.aws.security.aws-s3-object-copy-encrypted-with-cmk.aws-s3-object-copy-encrypted-with-cmk", - "name": "terraform.aws.security.aws-s3-object-copy-encrypted-with-cmk.aws-s3-object-copy-encrypted-with-cmk", "properties": { "precision": "very-high", "tags": [ - "CWE-320: CWE CATEGORY: Key Management Errors", + "CWE-73: External Control of File Name or Path", "LOW CONFIDENCE", - "OWASP-A03:2017 - Sensitive Data Exposure", + "OWASP-A04:2021 - Insecure Design", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: terraform.aws.security.aws-s3-object-copy-encrypted-with-cmk.aws-s3-object-copy-encrypted-with-cmk" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "problem-based-packs.insecure-transport.java-spring.spring-ftp-request.spring-ftp-request", + "name": "problem-based-packs.insecure-transport.java-spring.spring-ftp-request.spring-ftp-request", + "short_description": { + "text": "Semgrep Finding: problem-based-packs.insecure-transport.java-spring.spring-ftp-request.spring-ftp-request" }, - "fullDescription": { - "text": "Checks for any usage of http servers instead of https servers. Encourages the usage of https protocol instead of http, which does not have TLS and is therefore unencrypted. Using http can lead to man-in-the-middle attacks in which the attacker is able to read sensitive information." 
+ "full_description": { + "text": "Checks for outgoing connections to ftp servers via Spring plugin ftpSessionFactory. FTP does not encrypt traffic, possibly leading to PII being sent plaintext over the network." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/problem-based-packs.insecure-transport.java-spring.spring-ftp-request.spring-ftp-request", "help": { - "markdown": "Checks for any usage of http servers instead of https servers. Encourages the usage of https protocol instead of http, which does not have TLS and is therefore unencrypted. Using http can lead to man-in-the-middle attacks in which the attacker is able to read sensitive information.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/problem-based-packs.insecure-transport.js-node.using-http-server.using-http-server)\n - [https://nodejs.org/api/http.html#http_class_http_agent](https://nodejs.org/api/http.html#http_class_http_agent)\n - [https://groups.google.com/g/rubyonrails-security/c/NCCsca7TEtY](https://groups.google.com/g/rubyonrails-security/c/NCCsca7TEtY)\n", - "text": "Checks for any usage of http servers instead of https servers. Encourages the usage of https protocol instead of http, which does not have TLS and is therefore unencrypted. Using http can lead to man-in-the-middle attacks in which the attacker is able to read sensitive information.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Checks for outgoing connections to ftp servers via Spring plugin ftpSessionFactory. FTP does not encrypt traffic, possibly leading to PII being sent plaintext over the network.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Checks for outgoing connections to ftp servers via Spring plugin ftpSessionFactory. 
FTP does not encrypt traffic, possibly leading to PII being sent plaintext over the network.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/problem-based-packs.insecure-transport.java-spring.spring-ftp-request.spring-ftp-request)\n - [https://docs.spring.io/spring-integration/api/org/springframework/integration/ftp/session/AbstractFtpSessionFactory.html#setClientMode-int-](https://docs.spring.io/spring-integration/api/org/springframework/integration/ftp/session/AbstractFtpSessionFactory.html#setClientMode-int-)\n" }, - "helpUri": "https://semgrep.dev/r/problem-based-packs.insecure-transport.js-node.using-http-server.using-http-server", - "id": "problem-based-packs.insecure-transport.js-node.using-http-server.using-http-server", - "name": "problem-based-packs.insecure-transport.js-node.using-http-server.using-http-server", "properties": { "precision": "very-high", "tags": [ "CWE-319: Cleartext Transmission of Sensitive Information", - "LOW CONFIDENCE", - "OWASP-A02:2021 - Cryptographic Failures", + "MEDIUM CONFIDENCE", "OWASP-A03:2017 - Sensitive Data Exposure", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: problem-based-packs.insecure-transport.js-node.using-http-server.using-http-server" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "java.rmi.security.server-dangerous-object-deserialization.server-dangerous-object-deserialization", + "name": "java.rmi.security.server-dangerous-object-deserialization.server-dangerous-object-deserialization", + "short_description": { + "text": "Semgrep Finding: java.rmi.security.server-dangerous-object-deserialization.server-dangerous-object-deserialization" }, - "fullDescription": { - "text": "Detected a potentially dynamic ClientTrace. This occurred because semgrep could not find a static definition for '$TRACE'. 
Dynamic ClientTraces are dangerous because they deserialize function code to run when certain Request events occur, which could lead to code being run without your knowledge. Ensure that your ClientTrace is statically defined." + "full_description": { + "text": "Using an arbitrary object ('$PARAMTYPE $PARAM') with Java RMI is an insecure deserialization vulnerability. This object can be manipulated by a malicious actor allowing them to execute code on your system. Instead, use an integer ID to look up your object, or consider alternative serialization schemes such as JSON." }, + "default_configuration": { + "enabled": true, + "level": "error" + }, + "help_uri": "https://semgrep.dev/r/java.rmi.security.server-dangerous-object-deserialization.server-dangerous-object-deserialization", "help": { - "markdown": "Detected a potentially dynamic ClientTrace. This occurred because semgrep could not find a static definition for '$TRACE'. Dynamic ClientTraces are dangerous because they deserialize function code to run when certain Request events occur, which could lead to code being run without your knowledge. Ensure that your ClientTrace is statically defined.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/go.lang.security.audit.net.dynamic-httptrace-clienttrace.dynamic-httptrace-clienttrace)\n - [https://github.com/returntocorp/semgrep-rules/issues/518](https://github.com/returntocorp/semgrep-rules/issues/518)\n", - "text": "Detected a potentially dynamic ClientTrace. This occurred because semgrep could not find a static definition for '$TRACE'. Dynamic ClientTraces are dangerous because they deserialize function code to run when certain Request events occur, which could lead to code being run without your knowledge. 
Ensure that your ClientTrace is statically defined.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Using an arbitrary object ('$PARAMTYPE $PARAM') with Java RMI is an insecure deserialization vulnerability. This object can be manipulated by a malicious actor allowing them to execute code on your system. Instead, use an integer ID to look up your object, or consider alternative serialization schemes such as JSON.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Using an arbitrary object ('$PARAMTYPE $PARAM') with Java RMI is an insecure deserialization vulnerability. This object can be manipulated by a malicious actor allowing them to execute code on your system. Instead, use an integer ID to look up your object, or consider alternative serialization schemes such as JSON.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/java.rmi.security.server-dangerous-object-deserialization.server-dangerous-object-deserialization)\n - [https://frohoff.github.io/appseccali-marshalling-pickles/](https://frohoff.github.io/appseccali-marshalling-pickles/)\n - [https://book.hacktricks.xyz/network-services-pentesting/1099-pentesting-java-rmi](https://book.hacktricks.xyz/network-services-pentesting/1099-pentesting-java-rmi)\n - [https://youtu.be/t_aw1mDNhzI](https://youtu.be/t_aw1mDNhzI)\n - [https://github.com/qtc-de/remote-method-guesser](https://github.com/qtc-de/remote-method-guesser)\n - [https://github.com/openjdk/jdk/blob/master/src/java.rmi/share/classes/sun/rmi/server/UnicastRef.java#L303C4-L331](https://github.com/openjdk/jdk/blob/master/src/java.rmi/share/classes/sun/rmi/server/UnicastRef.java#L303C4-L331)\n" }, - "helpUri": "https://semgrep.dev/r/go.lang.security.audit.net.dynamic-httptrace-clienttrace.dynamic-httptrace-clienttrace", - "id": 
"go.lang.security.audit.net.dynamic-httptrace-clienttrace.dynamic-httptrace-clienttrace", - "name": "go.lang.security.audit.net.dynamic-httptrace-clienttrace.dynamic-httptrace-clienttrace", "properties": { "precision": "very-high", "tags": [ - "CWE-913: Improper Control of Dynamically-Managed Code Resources", - "MEDIUM CONFIDENCE", - "OWASP-A01:2021 - Broken Access Control", + "CWE-502: Deserialization of Untrusted Data", + "LOW CONFIDENCE", + "OWASP-A08:2017 - Insecure Deserialization", + "OWASP-A08:2021 - Software and Data Integrity Failures", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: go.lang.security.audit.net.dynamic-httptrace-clienttrace.dynamic-httptrace-clienttrace" } }, { - "defaultConfiguration": { - "level": "error" + "id": "python.lang.compatibility.python36.python36-compatibility-Popen2", + "name": "python.lang.compatibility.python36.python36-compatibility-Popen2", + "short_description": { + "text": "Semgrep Finding: python.lang.compatibility.python36.python36-compatibility-Popen2" }, - "fullDescription": { - "text": "FTP allows for unencrypted file transfers. Consider using an encrypted alternative." + "full_description": { + "text": "the `encoding` argument to Popen is only available on Python 3.6+" + }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/python.lang.compatibility.python36.python36-compatibility-Popen2", "help": { - "markdown": "FTP allows for unencrypted file transfers. 
Consider using an encrypted alternative.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/php.lang.security.ftp-use.ftp-use)\n - [https://www.php.net/manual/en/intro.ftp.php](https://www.php.net/manual/en/intro.ftp.php)\n - [https://github.com/FloeDesignTechnologies/phpcs-security-audit/blob/master/Security/Sniffs/BadFunctions/FringeFunctionsSniff.php](https://github.com/FloeDesignTechnologies/phpcs-security-audit/blob/master/Security/Sniffs/BadFunctions/FringeFunctionsSniff.php)\n", - "text": "FTP allows for unencrypted file transfers. Consider using an encrypted alternative.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "the `encoding` argument to Popen is only available on Python 3.6+\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "the `encoding` argument to Popen is only available on Python 3.6+\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.lang.compatibility.python36.python36-compatibility-Popen2)\n" }, - "helpUri": "https://semgrep.dev/r/php.lang.security.ftp-use.ftp-use", - "id": "php.lang.security.ftp-use.ftp-use", - "name": "php.lang.security.ftp-use.ftp-use", "properties": { "precision": "very-high", - "tags": [ - "CWE-319: Cleartext Transmission of Sensitive Information", - "LOW CONFIDENCE", - "OWASP-A02:2021 - Cryptographic Failures", - "OWASP-A03:2017 - Sensitive Data Exposure", - "security" - ] - }, - "shortDescription": { - "text": "Semgrep Finding: php.lang.security.ftp-use.ftp-use" + "tags": [] } }, { - "defaultConfiguration": { - "level": "warning" + "id": "javascript.sequelize.security.audit.sequelize-injection-express.express-sequelize-injection", + "name": "javascript.sequelize.security.audit.sequelize-injection-express.express-sequelize-injection", + "short_description": { + "text": 
"Semgrep Finding: javascript.sequelize.security.audit.sequelize-injection-express.express-sequelize-injection" }, - "fullDescription": { - "text": "Application redirects a user to a destination URL specified by a user supplied parameter that is not validated." + "full_description": { + "text": "Detected a sequelize statement that is tainted by user-input. This could lead to SQL injection if the variable is user-controlled and is not properly sanitized. In order to prevent SQL injection, it is recommended to use parameterized queries or prepared statements." + }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/javascript.sequelize.security.audit.sequelize-injection-express.express-sequelize-injection", "help": { - "markdown": "Application redirects a user to a destination URL specified by a user supplied parameter that is not validated.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/java.spring.security.audit.spring-unvalidated-redirect.spring-unvalidated-redirect)\n - [https://owasp.org/Top10/A01_2021-Broken_Access_Control](https://owasp.org/Top10/A01_2021-Broken_Access_Control)\n", - "text": "Application redirects a user to a destination URL specified by a user supplied parameter that is not validated.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected a sequelize statement that is tainted by user-input. This could lead to SQL injection if the variable is user-controlled and is not properly sanitized. In order to prevent SQL injection, it is recommended to use parameterized queries or prepared statements.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected a sequelize statement that is tainted by user-input. This could lead to SQL injection if the variable is user-controlled and is not properly sanitized. 
In order to prevent SQL injection, it is recommended to use parameterized queries or prepared statements.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.sequelize.security.audit.sequelize-injection-express.express-sequelize-injection)\n - [https://sequelize.org/docs/v6/core-concepts/raw-queries/#replacements](https://sequelize.org/docs/v6/core-concepts/raw-queries/#replacements)\n" }, - "helpUri": "https://semgrep.dev/r/java.spring.security.audit.spring-unvalidated-redirect.spring-unvalidated-redirect", - "id": "java.spring.security.audit.spring-unvalidated-redirect.spring-unvalidated-redirect", - "name": "java.spring.security.audit.spring-unvalidated-redirect.spring-unvalidated-redirect", "properties": { "precision": "very-high", "tags": [ - "CWE-601: URL Redirection to Untrusted Site ('Open Redirect')", - "MEDIUM CONFIDENCE", - "OWASP-A01:2021 - Broken Access Control", + "CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')", + "HIGH CONFIDENCE", + "OWASP-A01:2017 - Injection", + "OWASP-A03:2021 - Injection", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: java.spring.security.audit.spring-unvalidated-redirect.spring-unvalidated-redirect" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "python.django.security.audit.xss.template-autoescape-off.template-autoescape-off", + "name": "python.django.security.audit.xss.template-autoescape-off.template-autoescape-off", + "short_description": { + "text": "Semgrep Finding: python.django.security.audit.xss.template-autoescape-off.template-autoescape-off" }, - "fullDescription": { - "text": "Detected MD2 hash algorithm which is considered insecure. MD2 is not collision resistant and is therefore not suitable as a cryptographic signature. Use SHA256 or SHA3 instead." 
+ "full_description": { + "text": "Detected a template block where autoescaping is explicitly disabled with '{% autoescape off %}'. This allows rendering of raw HTML in this segment. Turn autoescaping on to prevent cross-site scripting (XSS). If you must do this, consider instead, using `mark_safe` in Python code." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/python.django.security.audit.xss.template-autoescape-off.template-autoescape-off", "help": { - "markdown": "Detected MD2 hash algorithm which is considered insecure. MD2 is not collision resistant and is therefore not suitable as a cryptographic signature. Use SHA256 or SHA3 instead.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.pycryptodome.security.insecure-hash-algorithm-md2.insecure-hash-algorithm-md2)\n - [https://www.schneier.com/blog/archives/2012/10/when_will_we_se.html](https://www.schneier.com/blog/archives/2012/10/when_will_we_se.html)\n - [https://www.trendmicro.com/vinfo/us/security/news/vulnerabilities-and-exploits/sha-1-collision-signals-the-end-of-the-algorithm-s-viability](https://www.trendmicro.com/vinfo/us/security/news/vulnerabilities-and-exploits/sha-1-collision-signals-the-end-of-the-algorithm-s-viability)\n - [http://2012.sharcs.org/slides/stevens.pdf](http://2012.sharcs.org/slides/stevens.pdf)\n - [https://pycryptodome.readthedocs.io/en/latest/src/hash/sha3_256.html](https://pycryptodome.readthedocs.io/en/latest/src/hash/sha3_256.html)\n", - "text": "Detected MD2 hash algorithm which is considered insecure. MD2 is not collision resistant and is therefore not suitable as a cryptographic signature. Use SHA256 or SHA3 instead.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected a template block where autoescaping is explicitly disabled with '{% autoescape off %}'. 
This allows rendering of raw HTML in this segment. Turn autoescaping on to prevent cross-site scripting (XSS). If you must do this, consider instead, using `mark_safe` in Python code.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected a template block where autoescaping is explicitly disabled with '{% autoescape off %}'. This allows rendering of raw HTML in this segment. Turn autoescaping on to prevent cross-site scripting (XSS). If you must do this, consider instead, using `mark_safe` in Python code.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.django.security.audit.xss.template-autoescape-off.template-autoescape-off)\n - [https://docs.djangoproject.com/en/3.1/ref/templates/builtins/#autoescape](https://docs.djangoproject.com/en/3.1/ref/templates/builtins/#autoescape)\n" }, - "helpUri": "https://semgrep.dev/r/python.pycryptodome.security.insecure-hash-algorithm-md2.insecure-hash-algorithm-md2", - "id": "python.pycryptodome.security.insecure-hash-algorithm-md2.insecure-hash-algorithm-md2", - "name": "python.pycryptodome.security.insecure-hash-algorithm-md2.insecure-hash-algorithm-md2", "properties": { "precision": "very-high", "tags": [ - "CWE-327: Use of a Broken or Risky Cryptographic Algorithm", - "MEDIUM CONFIDENCE", - "OWASP-A02:2021 - Cryptographic Failures", - "OWASP-A03:2017 - Sensitive Data Exposure", + "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", + "LOW CONFIDENCE", + "OWASP-A03:2021 - Injection", + "OWASP-A07:2017 - Cross-Site Scripting (XSS)", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: python.pycryptodome.security.insecure-hash-algorithm-md2.insecure-hash-algorithm-md2" } }, { - "defaultConfiguration": { - "level": "error" + "id": "problem-based-packs.insecure-transport.java-stdlib.disallow-old-tls-versions1.disallow-old-tls-versions1", + 
"name": "problem-based-packs.insecure-transport.java-stdlib.disallow-old-tls-versions1.disallow-old-tls-versions1", + "short_description": { + "text": "Semgrep Finding: problem-based-packs.insecure-transport.java-stdlib.disallow-old-tls-versions1.disallow-old-tls-versions1" }, - "fullDescription": { - "text": "A specially crafted calldata may be used to impersonate other accounts" + "full_description": { + "text": "Detects direct creations of SSLConnectionSocketFactories that don't disallow SSL v2, SSL v3, and TLS v1. SSLSocketFactory can be used to validate the identity of the HTTPS server against a list of trusted certificates. These protocols are deprecated due to POODLE, man in the middle attacks, and other vulnerabilities." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/problem-based-packs.insecure-transport.java-stdlib.disallow-old-tls-versions1.disallow-old-tls-versions1", "help": { - "markdown": "A specially crafted calldata may be used to impersonate other accounts\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/solidity.security.superfluid-ctx-injection.superfluid-ctx-injection)\n - [https://rekt.news/superfluid-rekt/](https://rekt.news/superfluid-rekt/)\n - [https://medium.com/superfluid-blog/08-02-22-exploit-post-mortem-15ff9c97cdd](https://medium.com/superfluid-blog/08-02-22-exploit-post-mortem-15ff9c97cdd)\n - [https://polygonscan.com/address/0x07711bb6dfbc99a1df1f2d7f57545a67519941e7](https://polygonscan.com/address/0x07711bb6dfbc99a1df1f2d7f57545a67519941e7)\n", - "text": "A specially crafted calldata may be used to impersonate other accounts\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detects direct creations of SSLConnectionSocketFactories that don't disallow SSL v2, SSL v3, and TLS v1. 
SSLSocketFactory can be used to validate the identity of the HTTPS server against a list of trusted certificates. These protocols are deprecated due to POODLE, man in the middle attacks, and other vulnerabilities.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detects direct creations of SSLConnectionSocketFactories that don't disallow SSL v2, SSL v3, and TLS v1. SSLSocketFactory can be used to validate the identity of the HTTPS server against a list of trusted certificates. These protocols are deprecated due to POODLE, man in the middle attacks, and other vulnerabilities.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/problem-based-packs.insecure-transport.java-stdlib.disallow-old-tls-versions1.disallow-old-tls-versions1)\n - [https://stackoverflow.com/questions/26429751/java-http-clients-and-poodle](https://stackoverflow.com/questions/26429751/java-http-clients-and-poodle)\n" }, - "helpUri": "https://semgrep.dev/r/solidity.security.superfluid-ctx-injection.superfluid-ctx-injection", - "id": "solidity.security.superfluid-ctx-injection.superfluid-ctx-injection", - "name": "solidity.security.superfluid-ctx-injection.superfluid-ctx-injection", "properties": { "precision": "very-high", "tags": [ - "CWE-20: Improper Input Validation", - "HIGH CONFIDENCE", + "CWE-319: Cleartext Transmission of Sensitive Information", + "MEDIUM CONFIDENCE", + "OWASP-A03:2017 - Sensitive Data Exposure", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: solidity.security.superfluid-ctx-injection.superfluid-ctx-injection" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "ruby.jwt.security.audit.jwt-decode-without-verify.ruby-jwt-decode-without-verify", + "name": "ruby.jwt.security.audit.jwt-decode-without-verify.ruby-jwt-decode-without-verify", + "short_description": { + "text": "Semgrep Finding: 
ruby.jwt.security.audit.jwt-decode-without-verify.ruby-jwt-decode-without-verify" }, - "fullDescription": { - "text": "If unverified user data can reach the `compileScript` method it can result in Server-Side Request Forgery vulnerabilities" + "full_description": { + "text": "Detected the decoding of a JWT token without a verify step. JWT tokens must be verified before use, otherwise the token's integrity is unknown. This means a malicious actor could forge a JWT token with any claims." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/ruby.jwt.security.audit.jwt-decode-without-verify.ruby-jwt-decode-without-verify", "help": { - "markdown": "If unverified user data can reach the `compileScript` method it can result in Server-Side Request Forgery vulnerabilities\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.chrome-remote-interface.security.audit.chrome-remote-interface-compilescript-injection.chrome-remote-interface-compilescript-injection)\n - [https://github.com/cyrus-and/chrome-remote-interface](https://github.com/cyrus-and/chrome-remote-interface)\n", - "text": "If unverified user data can reach the `compileScript` method it can result in Server-Side Request Forgery vulnerabilities\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected the decoding of a JWT token without a verify step. JWT tokens must be verified before use, otherwise the token's integrity is unknown. This means a malicious actor could forge a JWT token with any claims.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected the decoding of a JWT token without a verify step. JWT tokens must be verified before use, otherwise the token's integrity is unknown. 
This means a malicious actor could forge a JWT token with any claims.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/ruby.jwt.security.audit.jwt-decode-without-verify.ruby-jwt-decode-without-verify)\n - [https://owasp.org/Top10/A08_2021-Software_and_Data_Integrity_Failures](https://owasp.org/Top10/A08_2021-Software_and_Data_Integrity_Failures)\n" }, - "helpUri": "https://semgrep.dev/r/javascript.chrome-remote-interface.security.audit.chrome-remote-interface-compilescript-injection.chrome-remote-interface-compilescript-injection", - "id": "javascript.chrome-remote-interface.security.audit.chrome-remote-interface-compilescript-injection.chrome-remote-interface-compilescript-injection", - "name": "javascript.chrome-remote-interface.security.audit.chrome-remote-interface-compilescript-injection.chrome-remote-interface-compilescript-injection", "properties": { "precision": "very-high", "tags": [ - "CWE-918: Server-Side Request Forgery (SSRF)", - "MEDIUM CONFIDENCE", - "OWASP-A10:2021 - Server-Side Request Forgery (SSRF)", + "CWE-345: Insufficient Verification of Data Authenticity", + "LOW CONFIDENCE", + "OWASP-A08:2021 - Software and Data Integrity Failures", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: javascript.chrome-remote-interface.security.audit.chrome-remote-interface-compilescript-injection.chrome-remote-interface-compilescript-injection" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "python.lang.security.audit.ftplib.ftplib", + "name": "python.lang.security.audit.ftplib.ftplib", + "short_description": { + "text": "Semgrep Finding: python.lang.security.audit.ftplib.ftplib" }, - "fullDescription": { - "text": "Detected directly writing to a Response object from user-defined input. This bypasses any HTML escaping and may expose your application to a Cross-Site-scripting (XSS) vulnerability. 
Instead, use 'resp.render()' to render safely escaped HTML." + "full_description": { + "text": "FTP does not encrypt communications by default. This can lead to sensitive data being exposed. Ensure use of FTP here does not expose sensitive data." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/python.lang.security.audit.ftplib.ftplib", "help": { - "markdown": "Detected directly writing to a Response object from user-defined input. This bypasses any HTML escaping and may expose your application to a Cross-Site-scripting (XSS) vulnerability. Instead, use 'resp.render()' to render safely escaped HTML.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.express.security.audit.xss.direct-response-write.direct-response-write)\n - [https://cheatsheetseries.owasp.org/cheatsheets/Cross_Site_Scripting_Prevention_Cheat_Sheet.html](https://cheatsheetseries.owasp.org/cheatsheets/Cross_Site_Scripting_Prevention_Cheat_Sheet.html)\n", - "text": "Detected directly writing to a Response object from user-defined input. This bypasses any HTML escaping and may expose your application to a Cross-Site-scripting (XSS) vulnerability. Instead, use 'resp.render()' to render safely escaped HTML.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "FTP does not encrypt communications by default. This can lead to sensitive data being exposed. Ensure use of FTP here does not expose sensitive data.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "FTP does not encrypt communications by default. This can lead to sensitive data being exposed. 
Ensure use of FTP here does not expose sensitive data.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.lang.security.audit.ftplib.ftplib)\n - [https://docs.python.org/3/library/telnetlib.html](https://docs.python.org/3/library/telnetlib.html)\n" }, - "helpUri": "https://semgrep.dev/r/javascript.express.security.audit.xss.direct-response-write.direct-response-write", - "id": "javascript.express.security.audit.xss.direct-response-write.direct-response-write", - "name": "javascript.express.security.audit.xss.direct-response-write.direct-response-write", "properties": { "precision": "very-high", "tags": [ - "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", - "MEDIUM CONFIDENCE", - "OWASP-A03:2021 - Injection", - "OWASP-A07:2017 - Cross-Site Scripting (XSS)", + "CWE-319: Cleartext Transmission of Sensitive Information", + "LOW CONFIDENCE", + "OWASP-A02:2021 - Cryptographic Failures", + "OWASP-A03:2017 - Sensitive Data Exposure", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: javascript.express.security.audit.xss.direct-response-write.direct-response-write" } }, { - "defaultConfiguration": { - "level": "error" + "id": "javascript.express.security.cors-misconfiguration.cors-misconfiguration", + "name": "javascript.express.security.cors-misconfiguration.cors-misconfiguration", + "short_description": { + "text": "Semgrep Finding: javascript.express.security.cors-misconfiguration.cors-misconfiguration" }, - "fullDescription": { - "text": "Mcrypt functionality has been deprecated and/or removed in recent PHP versions. Consider using Sodium or OpenSSL." + "full_description": { + "text": "By letting user input control CORS parameters, there is a risk that software does not properly verify that the source of data or communication is valid. Use literal values for CORS settings." 
+ }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/javascript.express.security.cors-misconfiguration.cors-misconfiguration", "help": { - "markdown": "Mcrypt functionality has been deprecated and/or removed in recent PHP versions. Consider using Sodium or OpenSSL.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/php.lang.security.mcrypt-use.mcrypt-use)\n - [https://www.php.net/manual/en/intro.mcrypt.php](https://www.php.net/manual/en/intro.mcrypt.php)\n - [https://github.com/FloeDesignTechnologies/phpcs-security-audit/blob/master/Security/Sniffs/BadFunctions/CryptoFunctionsSniff.php](https://github.com/FloeDesignTechnologies/phpcs-security-audit/blob/master/Security/Sniffs/BadFunctions/CryptoFunctionsSniff.php)\n", - "text": "Mcrypt functionality has been deprecated and/or removed in recent PHP versions. Consider using Sodium or OpenSSL.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "By letting user input control CORS parameters, there is a risk that software does not properly verify that the source of data or communication is valid. Use literal values for CORS settings.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "By letting user input control CORS parameters, there is a risk that software does not properly verify that the source of data or communication is valid. 
Use literal values for CORS settings.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.express.security.cors-misconfiguration.cors-misconfiguration)\n - [https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS](https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS)\n" }, - "helpUri": "https://semgrep.dev/r/php.lang.security.mcrypt-use.mcrypt-use", - "id": "php.lang.security.mcrypt-use.mcrypt-use", - "name": "php.lang.security.mcrypt-use.mcrypt-use", "properties": { "precision": "very-high", "tags": [ - "CWE-676: Use of Potentially Dangerous Function", - "LOW CONFIDENCE", + "CWE-346: Origin Validation Error", + "MEDIUM CONFIDENCE", + "OWASP-A07:2021 - Identification and Authentication Failures", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: php.lang.security.mcrypt-use.mcrypt-use" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "python.django.security.injection.tainted-url-host.tainted-url-host", + "name": "python.django.security.injection.tainted-url-host.tainted-url-host", + "short_description": { + "text": "Semgrep Finding: python.django.security.injection.tainted-url-host.tainted-url-host" }, - "fullDescription": { - "text": "Do not set FLASK_ENV to \"development\" since that sets `debug=True` in Flask. Use \"dev\" or a similar term instead." + "full_description": { + "text": "User data flows into the host portion of this manually-constructed URL. This could allow an attacker to send data to their own server, potentially exposing sensitive data such as cookies or authorization information sent with this request. They could also probe internal servers or other resources that the server runnig this code can access. (This is called server-side request forgery, or SSRF.) Do not allow arbitrary hosts. Instead, create an allowlist for approved hosts hardcode the correct host." 
+ }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/python.django.security.injection.tainted-url-host.tainted-url-host", "help": { - "markdown": "Do not set FLASK_ENV to \"development\" since that sets `debug=True` in Flask. Use \"dev\" or a similar term instead.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/yaml.kubernetes.security.env.flask-debugging-enabled.flask-debugging-enabled)\n - [https://flask.palletsprojects.com/en/2.0.x/debugging/](https://flask.palletsprojects.com/en/2.0.x/debugging/)\n - [https://flask.palletsprojects.com/en/2.0.x/config/#ENV](https://flask.palletsprojects.com/en/2.0.x/config/#ENV)\n", - "text": "Do not set FLASK_ENV to \"development\" since that sets `debug=True` in Flask. Use \"dev\" or a similar term instead.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "User data flows into the host portion of this manually-constructed URL. This could allow an attacker to send data to their own server, potentially exposing sensitive data such as cookies or authorization information sent with this request. They could also probe internal servers or other resources that the server runnig this code can access. (This is called server-side request forgery, or SSRF.) Do not allow arbitrary hosts. Instead, create an allowlist for approved hosts hardcode the correct host.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "User data flows into the host portion of this manually-constructed URL. This could allow an attacker to send data to their own server, potentially exposing sensitive data such as cookies or authorization information sent with this request. They could also probe internal servers or other resources that the server runnig this code can access. (This is called server-side request forgery, or SSRF.) 
Do not allow arbitrary hosts. Instead, create an allowlist for approved hosts hardcode the correct host.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.django.security.injection.tainted-url-host.tainted-url-host)\n - [https://cheatsheetseries.owasp.org/cheatsheets/Server_Side_Request_Forgery_Prevention_Cheat_Sheet.html](https://cheatsheetseries.owasp.org/cheatsheets/Server_Side_Request_Forgery_Prevention_Cheat_Sheet.html)\n" }, - "helpUri": "https://semgrep.dev/r/yaml.kubernetes.security.env.flask-debugging-enabled.flask-debugging-enabled", - "id": "yaml.kubernetes.security.env.flask-debugging-enabled.flask-debugging-enabled", - "name": "yaml.kubernetes.security.env.flask-debugging-enabled.flask-debugging-enabled", "properties": { "precision": "very-high", "tags": [ - "CWE-489: Active Debug Code", + "CWE-918: Server-Side Request Forgery (SSRF)", "LOW CONFIDENCE", - "OWASP-A06:2017 - Security Misconfiguration", + "OWASP-A10:2021 - Server-Side Request Forgery (SSRF)", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: yaml.kubernetes.security.env.flask-debugging-enabled.flask-debugging-enabled" } }, { - "defaultConfiguration": { - "level": "error" + "id": "clojure.lang.security.use-of-sha1.use-of-sha1", + "name": "clojure.lang.security.use-of-sha1.use-of-sha1", + "short_description": { + "text": "Semgrep Finding: clojure.lang.security.use-of-sha1.use-of-sha1" }, - "fullDescription": { - "text": "Wildcard used in your SQS queue policy principal. This grants access to all users, including anonymous users (public access). Unless you explicitly require anyone on the internet to be able to read or write to your queue, limit principals, actions and resources to what you need according to least privilege." + "full_description": { + "text": "Detected SHA1 hash algorithm which is considered insecure. 
SHA1 is not collision resistant and is therefore not suitable as a cryptographic signature. Instead, use PBKDF2 for password hashing or SHA256 or SHA512 for other hash function applications." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/clojure.lang.security.use-of-sha1.use-of-sha1", "help": { - "markdown": "Wildcard used in your SQS queue policy principal. This grants access to all users, including anonymous users (public access). Unless you explicitly require anyone on the internet to be able to read or write to your queue, limit principals, actions and resources to what you need according to least privilege.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/terraform.aws.security.aws-sqs-queue-policy-wildcard-principal.aws-sqs-queue-policy-wildcard-principal)\n - [https://cwe.mitre.org/data/definitions/732.html](https://cwe.mitre.org/data/definitions/732.html)\n - [https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/sqs_queue](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/sqs_queue)\n - [https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/sqs_queue_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/sqs_queue_policy)\n - [https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-security-best-practices.html](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-security-best-practices.html)\n", - "text": "Wildcard used in your SQS queue policy principal. This grants access to all users, including anonymous users (public access). 
Unless you explicitly require anyone on the internet to be able to read or write to your queue, limit principals, actions and resources to what you need according to least privilege.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected SHA1 hash algorithm which is considered insecure. SHA1 is not collision resistant and is therefore not suitable as a cryptographic signature. Instead, use PBKDF2 for password hashing or SHA256 or SHA512 for other hash function applications.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected SHA1 hash algorithm which is considered insecure. SHA1 is not collision resistant and is therefore not suitable as a cryptographic signature. Instead, use PBKDF2 for password hashing or SHA256 or SHA512 for other hash function applications.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/clojure.lang.security.use-of-sha1.use-of-sha1)\n - [https://cheatsheetseries.owasp.org/cheatsheets/Cryptographic_Storage_Cheat_Sheet.html](https://cheatsheetseries.owasp.org/cheatsheets/Cryptographic_Storage_Cheat_Sheet.html)\n - [https://cheatsheetseries.owasp.org/cheatsheets/Password_Storage_Cheat_Sheet.html](https://cheatsheetseries.owasp.org/cheatsheets/Password_Storage_Cheat_Sheet.html)\n" }, - "helpUri": "https://semgrep.dev/r/terraform.aws.security.aws-sqs-queue-policy-wildcard-principal.aws-sqs-queue-policy-wildcard-principal", - "id": "terraform.aws.security.aws-sqs-queue-policy-wildcard-principal.aws-sqs-queue-policy-wildcard-principal", - "name": "terraform.aws.security.aws-sqs-queue-policy-wildcard-principal.aws-sqs-queue-policy-wildcard-principal", "properties": { "precision": "very-high", "tags": [ - "CWE-732: Incorrect Permission Assignment for Critical Resource", - "MEDIUM CONFIDENCE", - "OWASP-A05:2021 - Security Misconfiguration", + "CWE-327: Use of a Broken or Risky 
Cryptographic Algorithm", + "CWE-328: Use of Weak Hash", + "HIGH CONFIDENCE", + "OWASP-A02:2021 - Cryptographic Failures", + "OWASP-A03:2017 - Sensitive Data Exposure", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: terraform.aws.security.aws-sqs-queue-policy-wildcard-principal.aws-sqs-queue-policy-wildcard-principal" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "go.lang.security.audit.xss.no-io-writestring-to-responsewriter.no-io-writestring-to-responsewriter", + "name": "go.lang.security.audit.xss.no-io-writestring-to-responsewriter.no-io-writestring-to-responsewriter", + "short_description": { + "text": "Semgrep Finding: go.lang.security.audit.xss.no-io-writestring-to-responsewriter.no-io-writestring-to-responsewriter" }, - "fullDescription": { - "text": "'content_tag()' bypasses HTML escaping for some portion of the content. If external data can reach here, this exposes your application to cross-site scripting (XSS) attacks. Ensure no external data reaches here. If you must do this, create your HTML manually and use 'html_safe'. Ensure no external data enters the HTML-safe string!" + "full_description": { + "text": "Detected 'io.WriteString()' writing directly to 'http.ResponseWriter'. This bypasses HTML escaping that prevents cross-site scripting vulnerabilities. Instead, use the 'html/template' package to render data to users." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/go.lang.security.audit.xss.no-io-writestring-to-responsewriter.no-io-writestring-to-responsewriter", "help": { - "markdown": "'content_tag()' bypasses HTML escaping for some portion of the content. If external data can reach here, this exposes your application to cross-site scripting (XSS) attacks. Ensure no external data reaches here. If you must do this, create your HTML manually and use 'html_safe'. 
Ensure no external data enters the HTML-safe string!\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/ruby.rails.security.audit.xss.avoid-content-tag.avoid-content-tag)\n - [https://github.com/presidentbeef/brakeman/blob/main/docs/warning_types/template_injection/index.markdown](https://github.com/presidentbeef/brakeman/blob/main/docs/warning_types/template_injection/index.markdown)\n - [https://www.netsparker.com/blog/web-security/preventing-xss-ruby-on-rails-web-applications/](https://www.netsparker.com/blog/web-security/preventing-xss-ruby-on-rails-web-applications/)\n", - "text": "'content_tag()' bypasses HTML escaping for some portion of the content. If external data can reach here, this exposes your application to cross-site scripting (XSS) attacks. Ensure no external data reaches here. If you must do this, create your HTML manually and use 'html_safe'. Ensure no external data enters the HTML-safe string!\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected 'io.WriteString()' writing directly to 'http.ResponseWriter'. This bypasses HTML escaping that prevents cross-site scripting vulnerabilities. Instead, use the 'html/template' package to render data to users.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected 'io.WriteString()' writing directly to 'http.ResponseWriter'. This bypasses HTML escaping that prevents cross-site scripting vulnerabilities. 
Instead, use the 'html/template' package to render data to users.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/go.lang.security.audit.xss.no-io-writestring-to-responsewriter.no-io-writestring-to-responsewriter)\n - [https://blogtitle.github.io/robn-go-security-pearls-cross-site-scripting-xss/](https://blogtitle.github.io/robn-go-security-pearls-cross-site-scripting-xss/)\n - [https://golang.org/pkg/io/#WriteString](https://golang.org/pkg/io/#WriteString)\n" }, - "helpUri": "https://semgrep.dev/r/ruby.rails.security.audit.xss.avoid-content-tag.avoid-content-tag", - "id": "ruby.rails.security.audit.xss.avoid-content-tag.avoid-content-tag", - "name": "ruby.rails.security.audit.xss.avoid-content-tag.avoid-content-tag", "properties": { "precision": "very-high", "tags": [ 
@@ -25827,595 +27064,600 @@ "OWASP-A07:2017 - Cross-Site Scripting (XSS)", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: ruby.rails.security.audit.xss.avoid-content-tag.avoid-content-tag" } }, { - "defaultConfiguration": { - "level": "error" + "id": "java.lang.security.audit.sqli.jdbc-sqli.jdbc-sqli", + "name": "java.lang.security.audit.sqli.jdbc-sqli.jdbc-sqli", + "short_description": { + "text": "Semgrep Finding: java.lang.security.audit.sqli.jdbc-sqli.jdbc-sqli" }, - "fullDescription": { - "text": "Using user input when accessing files is potentially dangerous. A malicious actor could use this to modify or access files they have no right to." + "full_description": { + "text": "Detected a formatted string in a SQL statement. This could lead to SQL injection if variables in the SQL statement are not properly sanitized. Use a prepared statements (java.sql.PreparedStatement) instead. You can obtain a PreparedStatement using 'connection.prepareStatement'." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/java.lang.security.audit.sqli.jdbc-sqli.jdbc-sqli", "help": { - "markdown": "Using user input when accessing files is potentially dangerous. A malicious actor could use this to modify or access files they have no right to.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/ruby.rails.security.audit.avoid-tainted-shell-call.avoid-tainted-shell-call)\n - [https://github.com/presidentbeef/brakeman/blob/main/docs/warning_types/file_access/index.markdown](https://github.com/presidentbeef/brakeman/blob/main/docs/warning_types/file_access/index.markdown)\n", - "text": "Using user input when accessing files is potentially dangerous. 
A malicious actor could use this to modify or access files they have no right to.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected a formatted string in a SQL statement. This could lead to SQL injection if variables in the SQL statement are not properly sanitized. Use a prepared statements (java.sql.PreparedStatement) instead. You can obtain a PreparedStatement using 'connection.prepareStatement'.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected a formatted string in a SQL statement. This could lead to SQL injection if variables in the SQL statement are not properly sanitized. Use a prepared statements (java.sql.PreparedStatement) instead. You can obtain a PreparedStatement using 'connection.prepareStatement'.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/java.lang.security.audit.sqli.jdbc-sqli.jdbc-sqli)\n - [https://owasp.org/Top10/A03_2021-Injection](https://owasp.org/Top10/A03_2021-Injection)\n" }, - "helpUri": "https://semgrep.dev/r/ruby.rails.security.audit.avoid-tainted-shell-call.avoid-tainted-shell-call", - "id": "ruby.rails.security.audit.avoid-tainted-shell-call.avoid-tainted-shell-call", - "name": "ruby.rails.security.audit.avoid-tainted-shell-call.avoid-tainted-shell-call", "properties": { "precision": "very-high", "tags": [ - "CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", - "MEDIUM CONFIDENCE", + "CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')", + "LOW CONFIDENCE", "OWASP-A01:2017 - Injection", "OWASP-A03:2021 - Injection", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: ruby.rails.security.audit.avoid-tainted-shell-call.avoid-tainted-shell-call" } }, { - "defaultConfiguration": { - "level": "warning" + "id": 
"generic.ci.security.bash-reverse-shell.bash_reverse_shell", + "name": "generic.ci.security.bash-reverse-shell.bash_reverse_shell", + "short_description": { + "text": "Semgrep Finding: generic.ci.security.bash-reverse-shell.bash_reverse_shell" }, - "fullDescription": { - "text": "Found user data in a call to 'eval'. This is extremely dangerous because it can enable an attacker to execute remote code. See https://owasp.org/www-community/attacks/Code_Injection for more information." + "full_description": { + "text": "Semgrep found a bash reverse shell" + }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/generic.ci.security.bash-reverse-shell.bash_reverse_shell", "help": { - "markdown": "Found user data in a call to 'eval'. This is extremely dangerous because it can enable an attacker to execute remote code. See https://owasp.org/www-community/attacks/Code_Injection for more information.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.django.security.injection.code.user-eval-format-string.user-eval-format-string)\n - [https://nedbatchelder.com/blog/201206/eval_really_is_dangerous.html](https://nedbatchelder.com/blog/201206/eval_really_is_dangerous.html)\n", - "text": "Found user data in a call to 'eval'. This is extremely dangerous because it can enable an attacker to execute remote code. 
See https://owasp.org/www-community/attacks/Code_Injection for more information.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Semgrep found a bash reverse shell\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Semgrep found a bash reverse shell\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/generic.ci.security.bash-reverse-shell.bash_reverse_shell)\n - [https://owasp.org/Top10/A03_2021-Injection](https://owasp.org/Top10/A03_2021-Injection)\n" }, - "helpUri": "https://semgrep.dev/r/python.django.security.injection.code.user-eval-format-string.user-eval-format-string", - "id": "python.django.security.injection.code.user-eval-format-string.user-eval-format-string", - "name": "python.django.security.injection.code.user-eval-format-string.user-eval-format-string", "properties": { "precision": "very-high", "tags": [ - "CWE-95: Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection')", - "MEDIUM CONFIDENCE", + "CWE-94: Improper Control of Generation of Code ('Code Injection')", + "HIGH CONFIDENCE", "OWASP-A03:2021 - Injection", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: python.django.security.injection.code.user-eval-format-string.user-eval-format-string" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "yaml.docker-compose.security.no-new-privileges.no-new-privileges", + "name": "yaml.docker-compose.security.no-new-privileges.no-new-privileges", + "short_description": { + "text": "Semgrep Finding: yaml.docker-compose.security.no-new-privileges.no-new-privileges" }, - "fullDescription": { - "text": "Detected a python logger call with a potential hardcoded secret $FORMAT_STRING being logged. This may lead to secret credentials being exposed. Make sure that the logger is not logging sensitive information." 
+ "full_description": { + "text": "Service '$SERVICE' allows for privilege escalation via setuid or setgid binaries. Add 'no-new-privileges:true' in 'security_opt' to prevent this." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/yaml.docker-compose.security.no-new-privileges.no-new-privileges", "help": { - "markdown": "Detected a python logger call with a potential hardcoded secret $FORMAT_STRING being logged. This may lead to secret credentials being exposed. Make sure that the logger is not logging sensitive information.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.lang.security.audit.logging.logger-credential-leak.python-logger-credential-disclosure)\n - [https://owasp.org/Top10/A09_2021-Security_Logging_and_Monitoring_Failures](https://owasp.org/Top10/A09_2021-Security_Logging_and_Monitoring_Failures)\n", - "text": "Detected a python logger call with a potential hardcoded secret $FORMAT_STRING being logged. This may lead to secret credentials being exposed. Make sure that the logger is not logging sensitive information.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Service '$SERVICE' allows for privilege escalation via setuid or setgid binaries. Add 'no-new-privileges:true' in 'security_opt' to prevent this.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Service '$SERVICE' allows for privilege escalation via setuid or setgid binaries. 
Add 'no-new-privileges:true' in 'security_opt' to prevent this.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/yaml.docker-compose.security.no-new-privileges.no-new-privileges)\n - [https://raesene.github.io/blog/2019/06/01/docker-capabilities-and-no-new-privs/](https://raesene.github.io/blog/2019/06/01/docker-capabilities-and-no-new-privs/)\n - [https://www.kernel.org/doc/Documentation/prctl/no_new_privs.txt](https://www.kernel.org/doc/Documentation/prctl/no_new_privs.txt)\n - [https://cheatsheetseries.owasp.org/cheatsheets/Docker_Security_Cheat_Sheet.html#rule-4-add-no-new-privileges-flag](https://cheatsheetseries.owasp.org/cheatsheets/Docker_Security_Cheat_Sheet.html#rule-4-add-no-new-privileges-flag)\n" }, - "helpUri": "https://semgrep.dev/r/python.lang.security.audit.logging.logger-credential-leak.python-logger-credential-disclosure", - "id": "python.lang.security.audit.logging.logger-credential-leak.python-logger-credential-disclosure", - "name": "python.lang.security.audit.logging.logger-credential-leak.python-logger-credential-disclosure", "properties": { "precision": "very-high", "tags": [ - "CWE-532: Insertion of Sensitive Information into Log File", - "MEDIUM CONFIDENCE", - "OWASP-A09:2021 - Security Logging and Monitoring Failures", + "CWE-732: Incorrect Permission Assignment for Critical Resource", + "LOW CONFIDENCE", + "OWASP-A05:2021 - Security Misconfiguration", + "OWASP-A06:2017 - Security Misconfiguration", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: python.lang.security.audit.logging.logger-credential-leak.python-logger-credential-disclosure" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "generic.nginx.security.missing-ssl-version.missing-ssl-version", + "name": "generic.nginx.security.missing-ssl-version.missing-ssl-version", + "short_description": { + "text": "Semgrep Finding: 
generic.nginx.security.missing-ssl-version.missing-ssl-version" }, - "fullDescription": { - "text": "You should probably use Filename.get_temp_dirname()." + "full_description": { + "text": "This server configuration is missing the 'ssl_protocols' directive. By default, this server will use 'ssl_protocols TLSv1 TLSv1.1 TLSv1.2', and versions older than TLSv1.2 are known to be broken. Explicitly specify 'ssl_protocols TLSv1.2 TLSv1.3' to use secure TLS versions." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/generic.nginx.security.missing-ssl-version.missing-ssl-version", "help": { - "markdown": "You should probably use Filename.get_temp_dirname().\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/ocaml.lang.portability.slash-tmp.not-portable-tmp-string)\n", - "text": "You should probably use Filename.get_temp_dirname().\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "This server configuration is missing the 'ssl_protocols' directive. By default, this server will use 'ssl_protocols TLSv1 TLSv1.1 TLSv1.2', and versions older than TLSv1.2 are known to be broken. Explicitly specify 'ssl_protocols TLSv1.2 TLSv1.3' to use secure TLS versions.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "This server configuration is missing the 'ssl_protocols' directive. By default, this server will use 'ssl_protocols TLSv1 TLSv1.1 TLSv1.2', and versions older than TLSv1.2 are known to be broken. 
Explicitly specify 'ssl_protocols TLSv1.2 TLSv1.3' to use secure TLS versions.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/generic.nginx.security.missing-ssl-version.missing-ssl-version)\n - [https://www.acunetix.com/blog/web-security-zone/hardening-nginx/](https://www.acunetix.com/blog/web-security-zone/hardening-nginx/)\n - [https://nginx.org/en/docs/http/configuring_https_servers.html](https://nginx.org/en/docs/http/configuring_https_servers.html)\n" }, - "helpUri": "https://semgrep.dev/r/ocaml.lang.portability.slash-tmp.not-portable-tmp-string", - "id": "ocaml.lang.portability.slash-tmp.not-portable-tmp-string", - "name": "ocaml.lang.portability.slash-tmp.not-portable-tmp-string", "properties": { "precision": "very-high", - "tags": [] - }, - "shortDescription": { - "text": "Semgrep Finding: ocaml.lang.portability.slash-tmp.not-portable-tmp-string" + "tags": [ + "CWE-326: Inadequate Encryption Strength", + "MEDIUM CONFIDENCE", + "OWASP-A02:2021 - Cryptographic Failures", + "OWASP-A03:2017 - Sensitive Data Exposure", + "security" + ] } }, { - "defaultConfiguration": { - "level": "warning" + "id": "python.pycryptodome.security.insufficient-rsa-key-size.insufficient-rsa-key-size", + "name": "python.pycryptodome.security.insufficient-rsa-key-size.insufficient-rsa-key-size", + "short_description": { + "text": "Semgrep Finding: python.pycryptodome.security.insufficient-rsa-key-size.insufficient-rsa-key-size" }, - "fullDescription": { - "text": "Checks for requests to http (unencrypted) sites using some of node js's most popular REST/HTTP libraries, including node-rest-client, axios, and got." + "full_description": { + "text": "Detected an insufficient key size for RSA. NIST recommends a key size of 2048 or higher." 
+ }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/python.pycryptodome.security.insufficient-rsa-key-size.insufficient-rsa-key-size", "help": { - "markdown": "Checks for requests to http (unencrypted) sites using some of node js's most popular REST/HTTP libraries, including node-rest-client, axios, and got.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/problem-based-packs.insecure-transport.js-node.rest-http-client-support.rest-http-client-support)\n - [https://www.npmjs.com/package/axios](https://www.npmjs.com/package/axios)\n - [https://www.npmjs.com/package/got](https://www.npmjs.com/package/got)\n - [https://www.npmjs.com/package/node-rest-client](https://www.npmjs.com/package/node-rest-client)\n", - "text": "Checks for requests to http (unencrypted) sites using some of node js's most popular REST/HTTP libraries, including node-rest-client, axios, and got.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected an insufficient key size for RSA. NIST recommends a key size of 2048 or higher.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected an insufficient key size for RSA. 
NIST recommends a key size of 2048 or higher.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.pycryptodome.security.insufficient-rsa-key-size.insufficient-rsa-key-size)\n - [https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-57Pt3r1.pdf](https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-57Pt3r1.pdf)\n" }, - "helpUri": "https://semgrep.dev/r/problem-based-packs.insecure-transport.js-node.rest-http-client-support.rest-http-client-support", - "id": "problem-based-packs.insecure-transport.js-node.rest-http-client-support.rest-http-client-support", - "name": "problem-based-packs.insecure-transport.js-node.rest-http-client-support.rest-http-client-support", "properties": { "precision": "very-high", "tags": [ - "CWE-319: Cleartext Transmission of Sensitive Information", + "CWE-326: Inadequate Encryption Strength", "MEDIUM CONFIDENCE", + "OWASP-A02:2021 - Cryptographic Failures", "OWASP-A03:2017 - Sensitive Data Exposure", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: problem-based-packs.insecure-transport.js-node.rest-http-client-support.rest-http-client-support" } }, { - "defaultConfiguration": { - "level": "error" + "id": "php.symfony.security.audit.symfony-permissive-cors.symfony-permissive-cors", + "name": "php.symfony.security.audit.symfony-permissive-cors.symfony-permissive-cors", + "short_description": { + "text": "Semgrep Finding: php.symfony.security.audit.symfony-permissive-cors.symfony-permissive-cors" }, - "fullDescription": { - "text": "Bracket object notation with user input is present, this might allow an attacker to access all properties of the object and even it's prototype. Use literal values for object properties." + "full_description": { + "text": "Access-Control-Allow-Origin response header is set to \"*\". This will disable CORS Same Origin Policy restrictions." 
}, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/php.symfony.security.audit.symfony-permissive-cors.symfony-permissive-cors", "help": { - "markdown": "Bracket object notation with user input is present, this might allow an attacker to access all properties of the object and even it's prototype. Use literal values for object properties.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.express.security.audit.remote-property-injection.remote-property-injection)\n - [https://github.com/nodesecurity/eslint-plugin-security/blob/3c7522ca1be800353513282867a1034c795d9eb4/docs/the-dangers-of-square-bracket-notation.md](https://github.com/nodesecurity/eslint-plugin-security/blob/3c7522ca1be800353513282867a1034c795d9eb4/docs/the-dangers-of-square-bracket-notation.md)\n", - "text": "Bracket object notation with user input is present, this might allow an attacker to access all properties of the object and even it's prototype. Use literal values for object properties.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Access-Control-Allow-Origin response header is set to \"*\". This will disable CORS Same Origin Policy restrictions.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Access-Control-Allow-Origin response header is set to \"*\". 
This will disable CORS Same Origin Policy restrictions.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/php.symfony.security.audit.symfony-permissive-cors.symfony-permissive-cors)\n - [https://developer.mozilla.org/ru/docs/Web/HTTP/Headers/Access-Control-Allow-Origin](https://developer.mozilla.org/ru/docs/Web/HTTP/Headers/Access-Control-Allow-Origin)\n" }, - "helpUri": "https://semgrep.dev/r/javascript.express.security.audit.remote-property-injection.remote-property-injection", - "id": "javascript.express.security.audit.remote-property-injection.remote-property-injection", - "name": "javascript.express.security.audit.remote-property-injection.remote-property-injection", "properties": { "precision": "very-high", "tags": [ - "CWE-522: Insufficiently Protected Credentials", + "CWE-346: Origin Validation Error", "LOW CONFIDENCE", - "OWASP-A02:2017 - Broken Authentication", - "OWASP-A04:2021 - Insecure Design", + "OWASP-A07:2021 - Identification and Authentication Failures", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: javascript.express.security.audit.remote-property-injection.remote-property-injection" } }, { - "defaultConfiguration": { - "level": "error" + "id": "java.lang.security.servletresponse-writer-xss.servletresponse-writer-xss", + "name": "java.lang.security.servletresponse-writer-xss.servletresponse-writer-xss", + "short_description": { + "text": "Semgrep Finding: java.lang.security.servletresponse-writer-xss.servletresponse-writer-xss" }, - "fullDescription": { - "text": "Found user controlled content when spawning a process. This is dangerous because it allows a malicious actor to execute commands." + "full_description": { + "text": "Cross-site scripting detected in HttpServletResponse writer with variable '$VAR'. User input was detected going directly from the HttpServletRequest into output. 
Ensure your data is properly encoded using org.owasp.encoder.Encode.forHtml: 'Encode.forHtml($VAR)'." + }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/java.lang.security.servletresponse-writer-xss.servletresponse-writer-xss", "help": { - "markdown": "Found user controlled content when spawning a process. This is dangerous because it allows a malicious actor to execute commands.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.lang.security.dangerous-os-exec.dangerous-os-exec)\n - [https://semgrep.dev/docs/cheat-sheets/python-command-injection/](https://semgrep.dev/docs/cheat-sheets/python-command-injection/)\n", - "text": "Found user controlled content when spawning a process. This is dangerous because it allows a malicious actor to execute commands.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Cross-site scripting detected in HttpServletResponse writer with variable '$VAR'. User input was detected going directly from the HttpServletRequest into output. Ensure your data is properly encoded using org.owasp.encoder.Encode.forHtml: 'Encode.forHtml($VAR)'.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Cross-site scripting detected in HttpServletResponse writer with variable '$VAR'. User input was detected going directly from the HttpServletRequest into output. 
Ensure your data is properly encoded using org.owasp.encoder.Encode.forHtml: 'Encode.forHtml($VAR)'.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/java.lang.security.servletresponse-writer-xss.servletresponse-writer-xss)\n - [https://owasp.org/Top10/A03_2021-Injection](https://owasp.org/Top10/A03_2021-Injection)\n" }, - "helpUri": "https://semgrep.dev/r/python.lang.security.dangerous-os-exec.dangerous-os-exec", - "id": "python.lang.security.dangerous-os-exec.dangerous-os-exec", - "name": "python.lang.security.dangerous-os-exec.dangerous-os-exec", "properties": { "precision": "very-high", "tags": [ - "CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", + "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", "MEDIUM CONFIDENCE", - "OWASP-A01:2017 - Injection", "OWASP-A03:2021 - Injection", + "OWASP-A07:2017 - Cross-Site Scripting (XSS)", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: python.lang.security.dangerous-os-exec.dangerous-os-exec" } }, { - "defaultConfiguration": { - "level": "error" + "id": "python.cryptography.security.insecure-hash-algorithms-md5.insecure-hash-algorithm-md5", + "name": "python.cryptography.security.insecure-hash-algorithms-md5.insecure-hash-algorithm-md5", + "short_description": { + "text": "Semgrep Finding: python.cryptography.security.insecure-hash-algorithms-md5.insecure-hash-algorithm-md5" }, - "fullDescription": { - "text": "If an attacker controls the x in require(x) then they can cause code to load that was not intended to run on the server." + "full_description": { + "text": "Detected MD5 hash algorithm which is considered insecure. MD5 is not collision resistant and is therefore not suitable as a cryptographic signature. Use SHA256 or SHA3 instead." 
+ }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/python.cryptography.security.insecure-hash-algorithms-md5.insecure-hash-algorithm-md5", "help": { - "markdown": "If an attacker controls the x in require(x) then they can cause code to load that was not intended to run on the server.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.express.security.require-request.require-request)\n - [https://github.com/google/node-sec-roadmap/blob/master/chapter-2/dynamism.md#dynamism-when-you-need-it](https://github.com/google/node-sec-roadmap/blob/master/chapter-2/dynamism.md#dynamism-when-you-need-it)\n", - "text": "If an attacker controls the x in require(x) then they can cause code to load that was not intended to run on the server.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected MD5 hash algorithm which is considered insecure. MD5 is not collision resistant and is therefore not suitable as a cryptographic signature. Use SHA256 or SHA3 instead.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected MD5 hash algorithm which is considered insecure. MD5 is not collision resistant and is therefore not suitable as a cryptographic signature. 
Use SHA256 or SHA3 instead.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.cryptography.security.insecure-hash-algorithms-md5.insecure-hash-algorithm-md5)\n - [https://cryptography.io/en/latest/hazmat/primitives/cryptographic-hashes/#md5](https://cryptography.io/en/latest/hazmat/primitives/cryptographic-hashes/#md5)\n - [https://www.schneier.com/blog/archives/2012/10/when_will_we_se.html](https://www.schneier.com/blog/archives/2012/10/when_will_we_se.html)\n - [https://www.trendmicro.com/vinfo/us/security/news/vulnerabilities-and-exploits/sha-1-collision-signals-the-end-of-the-algorithm-s-viability](https://www.trendmicro.com/vinfo/us/security/news/vulnerabilities-and-exploits/sha-1-collision-signals-the-end-of-the-algorithm-s-viability)\n - [http://2012.sharcs.org/slides/stevens.pdf](http://2012.sharcs.org/slides/stevens.pdf)\n - [https://pycryptodome.readthedocs.io/en/latest/src/hash/sha3_256.html](https://pycryptodome.readthedocs.io/en/latest/src/hash/sha3_256.html)\n" }, - "helpUri": "https://semgrep.dev/r/javascript.express.security.require-request.require-request", - "id": "javascript.express.security.require-request.require-request", - "name": "javascript.express.security.require-request.require-request", "properties": { "precision": "very-high", "tags": [ - "CWE-706: Use of Incorrectly-Resolved Name or Reference", + "CWE-327: Use of a Broken or Risky Cryptographic Algorithm", "MEDIUM CONFIDENCE", - "OWASP-A01:2021 - Broken Access Control", + "OWASP-A02:2021 - Cryptographic Failures", + "OWASP-A03:2017 - Sensitive Data Exposure", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: javascript.express.security.require-request.require-request" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "generic.nginx.security.insecure-ssl-version.insecure-ssl-version", + "name": "generic.nginx.security.insecure-ssl-version.insecure-ssl-version", + 
"short_description": { + "text": "Semgrep Finding: generic.nginx.security.insecure-ssl-version.insecure-ssl-version" }, - "fullDescription": { - "text": "Default session middleware settings: `setSecure` not set to true. This ensures that the cookie is sent only over HTTPS to prevent cross-site scripting attacks." + "full_description": { + "text": "Detected use of an insecure SSL version. Secure SSL versions are TLSv1.2 and TLS1.3; older versions are known to be broken and are susceptible to attacks. Prefer use of TLSv1.2 or later." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/generic.nginx.security.insecure-ssl-version.insecure-ssl-version", "help": { - "markdown": "Default session middleware settings: `setSecure` not set to true. This ensures that the cookie is sent only over HTTPS to prevent cross-site scripting attacks.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/java.servlets.security.cookie-issecure-false.cookie-issecure-false)\n - [https://docs.oracle.com/javaee/6/api/javax/servlet/http/Cookie.html#setSecure(boolean)](https://docs.oracle.com/javaee/6/api/javax/servlet/http/Cookie.html#setSecure(boolean))\n - [https://owasp.org/www-community/controls/SecureCookieAttribute](https://owasp.org/www-community/controls/SecureCookieAttribute)\n", - "text": "Default session middleware settings: `setSecure` not set to true. This ensures that the cookie is sent only over HTTPS to prevent cross-site scripting attacks.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected use of an insecure SSL version. Secure SSL versions are TLSv1.2 and TLS1.3; older versions are known to be broken and are susceptible to attacks. 
Prefer use of TLSv1.2 or later.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected use of an insecure SSL version. Secure SSL versions are TLSv1.2 and TLS1.3; older versions are known to be broken and are susceptible to attacks. Prefer use of TLSv1.2 or later.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/generic.nginx.security.insecure-ssl-version.insecure-ssl-version)\n - [https://www.acunetix.com/blog/web-security-zone/hardening-nginx/](https://www.acunetix.com/blog/web-security-zone/hardening-nginx/)\n - [https://www.acunetix.com/blog/articles/tls-ssl-cipher-hardening/](https://www.acunetix.com/blog/articles/tls-ssl-cipher-hardening/)\n" }, - "helpUri": "https://semgrep.dev/r/java.servlets.security.cookie-issecure-false.cookie-issecure-false", - "id": "java.servlets.security.cookie-issecure-false.cookie-issecure-false", - "name": "java.servlets.security.cookie-issecure-false.cookie-issecure-false", "properties": { "precision": "very-high", "tags": [ - "CWE-319: Cleartext Transmission of Sensitive Information", - "LOW CONFIDENCE", + "CWE-326: Inadequate Encryption Strength", + "HIGH CONFIDENCE", "OWASP-A02:2021 - Cryptographic Failures", "OWASP-A03:2017 - Sensitive Data Exposure", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: java.servlets.security.cookie-issecure-false.cookie-issecure-false" } }, { - "defaultConfiguration": { - "level": "error" + "id": "scala.lang.security.audit.sax-dtd-enabled.sax-dtd-enabled", + "name": "scala.lang.security.audit.sax-dtd-enabled.sax-dtd-enabled", + "short_description": { + "text": "Semgrep Finding: scala.lang.security.audit.sax-dtd-enabled.sax-dtd-enabled" }, - "fullDescription": { - "text": "Avoid using insecure deserialization library, backed by `pickle`, `_pickle`, `cpickle`, `dill`, `shelve`, or `yaml`, which are known to lead to remote code execution vulnerabilities." 
+ "full_description": { + "text": "XML processor being instantiated without calling the `setFeature` functions that are generally used for disabling entity processing. User controlled data in XML Parsers can result in XML Internal Entity Processing vulnerabilities like the disclosure of confidential data, denial of service, Server Side Request Forgery (SSRF), port scanning. Make sure to disable entity processing functionality." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/scala.lang.security.audit.sax-dtd-enabled.sax-dtd-enabled", "help": { - "markdown": "Avoid using insecure deserialization library, backed by `pickle`, `_pickle`, `cpickle`, `dill`, `shelve`, or `yaml`, which are known to lead to remote code execution vulnerabilities.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.django.security.audit.avoid-insecure-deserialization.avoid-insecure-deserialization)\n - [https://docs.python.org/3/library/pickle.html](https://docs.python.org/3/library/pickle.html)\n", - "text": "Avoid using insecure deserialization library, backed by `pickle`, `_pickle`, `cpickle`, `dill`, `shelve`, or `yaml`, which are known to lead to remote code execution vulnerabilities.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "XML processor being instantiated without calling the `setFeature` functions that are generally used for disabling entity processing. User controlled data in XML Parsers can result in XML Internal Entity Processing vulnerabilities like the disclosure of confidential data, denial of service, Server Side Request Forgery (SSRF), port scanning. 
Make sure to disable entity processing functionality.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "XML processor being instantiated without calling the `setFeature` functions that are generally used for disabling entity processing. User controlled data in XML Parsers can result in XML Internal Entity Processing vulnerabilities like the disclosure of confidential data, denial of service, Server Side Request Forgery (SSRF), port scanning. Make sure to disable entity processing functionality.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/scala.lang.security.audit.sax-dtd-enabled.sax-dtd-enabled)\n - [https://owasp.org/Top10/A05_2021-Security_Misconfiguration](https://owasp.org/Top10/A05_2021-Security_Misconfiguration)\n" }, - "helpUri": "https://semgrep.dev/r/python.django.security.audit.avoid-insecure-deserialization.avoid-insecure-deserialization", - "id": "python.django.security.audit.avoid-insecure-deserialization.avoid-insecure-deserialization", - "name": "python.django.security.audit.avoid-insecure-deserialization.avoid-insecure-deserialization", "properties": { "precision": "very-high", "tags": [ - "CWE-502: Deserialization of Untrusted Data", - "MEDIUM CONFIDENCE", - "OWASP-A08:2017 - Insecure Deserialization", - "OWASP-A08:2021 - Software and Data Integrity Failures", + "CWE-611: Improper Restriction of XML External Entity Reference", + "HIGH CONFIDENCE", + "OWASP-A04:2017 - XML External Entities (XXE)", + "OWASP-A05:2021 - Security Misconfiguration", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: python.django.security.audit.avoid-insecure-deserialization.avoid-insecure-deserialization" } }, { - "defaultConfiguration": { - "level": "warning" - }, - "fullDescription": { - "text": "Rather than adding one element at a time, consider batch loading to improve performance." 
- }, - "help": { - "markdown": "Rather than adding one element at a time, consider batch loading to improve performance.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.sqlalchemy.performance.performance-improvements.batch-import)\n", - "text": "Rather than adding one element at a time, consider batch loading to improve performance.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" - }, - "helpUri": "https://semgrep.dev/r/python.sqlalchemy.performance.performance-improvements.batch-import", - "id": "python.sqlalchemy.performance.performance-improvements.batch-import", - "name": "python.sqlalchemy.performance.performance-improvements.batch-import", - "properties": { - "precision": "very-high", - "tags": [] + "id": "go.lang.security.injection.tainted-sql-string.tainted-sql-string", + "name": "go.lang.security.injection.tainted-sql-string.tainted-sql-string", + "short_description": { + "text": "Semgrep Finding: go.lang.security.injection.tainted-sql-string.tainted-sql-string" }, - "shortDescription": { - "text": "Semgrep Finding: python.sqlalchemy.performance.performance-improvements.batch-import" - } - }, - { - "defaultConfiguration": { - "level": "warning" + "full_description": { + "text": "User data flows into this manually-constructed SQL string. User data can be safely inserted into SQL strings using prepared statements or an object-relational mapper (ORM). Manually-constructed SQL strings is a possible indicator of SQL injection, which could let an attacker steal or manipulate data from the database. Instead, use prepared statements (`db.Query(\"SELECT * FROM t WHERE id = ?\", id)`) or a safe library." }, - "fullDescription": { - "text": "MemoryMarshal.CreateSpan and MemoryMarshal.CreateReadOnlySpan should be used with caution, as the length argument is not checked." 
+ "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/go.lang.security.injection.tainted-sql-string.tainted-sql-string", "help": { - "markdown": "MemoryMarshal.CreateSpan and MemoryMarshal.CreateReadOnlySpan should be used with caution, as the length argument is not checked.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/csharp.lang.security.memory.memory-marshal-create-span.memory-marshal-create-span)\n - [https://docs.microsoft.com/en-us/dotnet/api/system.runtime.interopservices.memorymarshal.createspan?view=net-6.0](https://docs.microsoft.com/en-us/dotnet/api/system.runtime.interopservices.memorymarshal.createspan?view=net-6.0)\n - [https://docs.microsoft.com/en-us/dotnet/api/system.runtime.interopservices.memorymarshal.createreadonlyspan?view=net-6.0](https://docs.microsoft.com/en-us/dotnet/api/system.runtime.interopservices.memorymarshal.createreadonlyspan?view=net-6.0)\n", - "text": "MemoryMarshal.CreateSpan and MemoryMarshal.CreateReadOnlySpan should be used with caution, as the length argument is not checked.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "User data flows into this manually-constructed SQL string. User data can be safely inserted into SQL strings using prepared statements or an object-relational mapper (ORM). Manually-constructed SQL strings is a possible indicator of SQL injection, which could let an attacker steal or manipulate data from the database. Instead, use prepared statements (`db.Query(\"SELECT * FROM t WHERE id = ?\", id)`) or a safe library.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "User data flows into this manually-constructed SQL string. User data can be safely inserted into SQL strings using prepared statements or an object-relational mapper (ORM). 
Manually-constructed SQL strings is a possible indicator of SQL injection, which could let an attacker steal or manipulate data from the database. Instead, use prepared statements (`db.Query(\"SELECT * FROM t WHERE id = ?\", id)`) or a safe library.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/go.lang.security.injection.tainted-sql-string.tainted-sql-string)\n - [https://golang.org/doc/database/sql-injection](https://golang.org/doc/database/sql-injection)\n - [https://www.stackhawk.com/blog/golang-sql-injection-guide-examples-and-prevention/](https://www.stackhawk.com/blog/golang-sql-injection-guide-examples-and-prevention/)\n" }, - "helpUri": "https://semgrep.dev/r/csharp.lang.security.memory.memory-marshal-create-span.memory-marshal-create-span", - "id": "csharp.lang.security.memory.memory-marshal-create-span.memory-marshal-create-span", - "name": "csharp.lang.security.memory.memory-marshal-create-span.memory-marshal-create-span", "properties": { "precision": "very-high", "tags": [ - "CWE-125: Out-of-bounds Read", - "LOW CONFIDENCE", - "OWASP-A04:2021 - Insecure Design", + "CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')", + "HIGH CONFIDENCE", + "OWASP-A01:2017 - Injection", + "OWASP-A03:2021 - Injection", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: csharp.lang.security.memory.memory-marshal-create-span.memory-marshal-create-span" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "java.android.security.exported_activity.exported_activity", + "name": "java.android.security.exported_activity.exported_activity", + "short_description": { + "text": "Semgrep Finding: java.android.security.exported_activity.exported_activity" }, - "fullDescription": { - "text": "Detected user input flowing into a manually constructed HTML string. 
You may be accidentally bypassing secure methods of rendering HTML by manually constructing HTML and this could create a cross-site scripting vulnerability, which could let attackers steal sensitive user data. To be sure this is safe, check that the HTML is rendered safely. Otherwise, use templates which will safely render HTML instead." + "full_description": { + "text": "The application exports an activity. Any application on the device can launch the exported activity which may compromise the integrity of your application or its data. Ensure that any exported activities do not have privileged access to your application's control plane." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/java.android.security.exported_activity.exported_activity", "help": { - "markdown": "Detected user input flowing into a manually constructed HTML string. You may be accidentally bypassing secure methods of rendering HTML by manually constructing HTML and this could create a cross-site scripting vulnerability, which could let attackers steal sensitive user data. To be sure this is safe, check that the HTML is rendered safely. Otherwise, use templates which will safely render HTML instead.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.aws-lambda.security.tainted-html-string.tainted-html-string)\n - [https://owasp.org/Top10/A03_2021-Injection](https://owasp.org/Top10/A03_2021-Injection)\n", - "text": "Detected user input flowing into a manually constructed HTML string. You may be accidentally bypassing secure methods of rendering HTML by manually constructing HTML and this could create a cross-site scripting vulnerability, which could let attackers steal sensitive user data. To be sure this is safe, check that the HTML is rendered safely. 
Otherwise, use templates which will safely render HTML instead.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "The application exports an activity. Any application on the device can launch the exported activity which may compromise the integrity of your application or its data. Ensure that any exported activities do not have privileged access to your application's control plane.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "The application exports an activity. Any application on the device can launch the exported activity which may compromise the integrity of your application or its data. Ensure that any exported activities do not have privileged access to your application's control plane.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/java.android.security.exported_activity.exported_activity)\n - [https://cwe.mitre.org/data/definitions/926.html](https://cwe.mitre.org/data/definitions/926.html)\n" }, - "helpUri": "https://semgrep.dev/r/javascript.aws-lambda.security.tainted-html-string.tainted-html-string", - "id": "javascript.aws-lambda.security.tainted-html-string.tainted-html-string", - "name": "javascript.aws-lambda.security.tainted-html-string.tainted-html-string", "properties": { "precision": "very-high", "tags": [ - "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", + "CWE-926: Improper Export of Android Application Components", "MEDIUM CONFIDENCE", - "OWASP-A03:2021 - Injection", - "OWASP-A07:2017 - Cross-Site Scripting (XSS)", + "OWASP-A5:2021 Security Misconfiguration", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: javascript.aws-lambda.security.tainted-html-string.tainted-html-string" } }, { - "defaultConfiguration": { - "level": "warning" + "id": 
"generic.secrets.security.detected-softlayer-api-key.detected-softlayer-api-key", + "name": "generic.secrets.security.detected-softlayer-api-key.detected-softlayer-api-key", + "short_description": { + "text": "Semgrep Finding: generic.secrets.security.detected-softlayer-api-key.detected-softlayer-api-key" }, - "fullDescription": { - "text": "If unverified user data can reach the XML Parser it can result in XML External or Internal Entity (XXE) Processing vulnerabilities" + "full_description": { + "text": "SoftLayer API Key detected" }, + "default_configuration": { + "enabled": true, + "level": "error" + }, + "help_uri": "https://semgrep.dev/r/generic.secrets.security.detected-softlayer-api-key.detected-softlayer-api-key", "help": { - "markdown": "If unverified user data can reach the XML Parser it can result in XML External or Internal Entity (XXE) Processing vulnerabilities\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.xml2json.security.audit.xml2json-xxe.xml2json-xxe)\n - [https://owasp.org/Top10/A05_2021-Security_Misconfiguration](https://owasp.org/Top10/A05_2021-Security_Misconfiguration)\n", - "text": "If unverified user data can reach the XML Parser it can result in XML External or Internal Entity (XXE) Processing vulnerabilities\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "SoftLayer API Key detected\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "SoftLayer API Key detected\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/generic.secrets.security.detected-softlayer-api-key.detected-softlayer-api-key)\n - [https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures](https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures)\n" }, - "helpUri": 
"https://semgrep.dev/r/javascript.xml2json.security.audit.xml2json-xxe.xml2json-xxe", - "id": "javascript.xml2json.security.audit.xml2json-xxe.xml2json-xxe", - "name": "javascript.xml2json.security.audit.xml2json-xxe.xml2json-xxe", "properties": { "precision": "very-high", "tags": [ - "CWE-611: Improper Restriction of XML External Entity Reference", + "CWE-798: Use of Hard-coded Credentials", "LOW CONFIDENCE", - "OWASP-A04:2017 - XML External Entities (XXE)", - "OWASP-A05:2021 - Security Misconfiguration", + "OWASP-A07:2021 - Identification and Authentication Failures", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: javascript.xml2json.security.audit.xml2json-xxe.xml2json-xxe" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "terraform.aws.security.aws-sagemaker-domain-encrypted-with-cmk.aws-sagemaker-domain-encrypted-with-cmk", + "name": "terraform.aws.security.aws-sagemaker-domain-encrypted-with-cmk.aws-sagemaker-domain-encrypted-with-cmk", + "short_description": { + "text": "Semgrep Finding: terraform.aws.security.aws-sagemaker-domain-encrypted-with-cmk.aws-sagemaker-domain-encrypted-with-cmk" }, - "fullDescription": { - "text": "The syntax `<%== ... %>` is an alias for `html_safe`. This means the content inside these tags will be rendered as raw HTML. This may expose your application to cross-site scripting. If you need raw HTML, prefer using the more explicit `html_safe` and be sure to correctly sanitize variables using a library such as DOMPurify." + "full_description": { + "text": "Ensure AWS Sagemaker domains are encrypted at rest using KMS CMKs. CMKs gives you control over the encryption key in terms of access and rotation." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/terraform.aws.security.aws-sagemaker-domain-encrypted-with-cmk.aws-sagemaker-domain-encrypted-with-cmk", "help": { - "markdown": "The syntax `<%== ... %>` is an alias for `html_safe`. 
This means the content inside these tags will be rendered as raw HTML. This may expose your application to cross-site scripting. If you need raw HTML, prefer using the more explicit `html_safe` and be sure to correctly sanitize variables using a library such as DOMPurify.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/ruby.rails.security.audit.xss.templates.alias-for-html-safe.alias-for-html-safe)\n - [https://medium.com/sumone-technical-blog/a-pretty-way-to-unescape-html-in-a-ruby-on-rails-application-efc22b850027](https://medium.com/sumone-technical-blog/a-pretty-way-to-unescape-html-in-a-ruby-on-rails-application-efc22b850027)\n - [https://stackoverflow.com/questions/4251284/raw-vs-html-safe-vs-h-to-unescape-html#:~:text===](https://stackoverflow.com/questions/4251284/raw-vs-html-safe-vs-h-to-unescape-html#:~:text===)\n", - "text": "The syntax `<%== ... %>` is an alias for `html_safe`. This means the content inside these tags will be rendered as raw HTML. This may expose your application to cross-site scripting. If you need raw HTML, prefer using the more explicit `html_safe` and be sure to correctly sanitize variables using a library such as DOMPurify.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Ensure AWS Sagemaker domains are encrypted at rest using KMS CMKs. CMKs gives you control over the encryption key in terms of access and rotation.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Ensure AWS Sagemaker domains are encrypted at rest using KMS CMKs. 
CMKs gives you control over the encryption key in terms of access and rotation.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/terraform.aws.security.aws-sagemaker-domain-encrypted-with-cmk.aws-sagemaker-domain-encrypted-with-cmk)\n - [https://owasp.org/Top10/A02_2021-Cryptographic_Failures](https://owasp.org/Top10/A02_2021-Cryptographic_Failures)\n" }, - "helpUri": "https://semgrep.dev/r/ruby.rails.security.audit.xss.templates.alias-for-html-safe.alias-for-html-safe", - "id": "ruby.rails.security.audit.xss.templates.alias-for-html-safe.alias-for-html-safe", - "name": "ruby.rails.security.audit.xss.templates.alias-for-html-safe.alias-for-html-safe", "properties": { "precision": "very-high", "tags": [ - "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", + "CWE-320: CWE CATEGORY: Key Management Errors", "LOW CONFIDENCE", - "OWASP-A03:2021 - Injection", - "OWASP-A07:2017 - Cross-Site Scripting (XSS)", + "OWASP-A03:2017 - Sensitive Data Exposure", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: ruby.rails.security.audit.xss.templates.alias-for-html-safe.alias-for-html-safe" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "php.doctrine.security.audit.doctrine-dbal-dangerous-query.doctrine-dbal-dangerous-query", + "name": "php.doctrine.security.audit.doctrine-dbal-dangerous-query.doctrine-dbal-dangerous-query", + "short_description": { + "text": "Semgrep Finding: php.doctrine.security.audit.doctrine-dbal-dangerous-query.doctrine-dbal-dangerous-query" }, - "fullDescription": { - "text": "Ensure IAM policies don't allow resource exposure. These actions can expose AWS resources to the public. For example `ecr:SetRepositoryPolicy` could let an attacker retrieve container images. Instead, use another action that doesn't expose AWS resources." 
+ "full_description": { + "text": "Detected string concatenation with a non-literal variable in a Doctrine DBAL query method. This could lead to SQL injection if the variable is user-controlled and not properly sanitized. In order to prevent SQL injection, use parameterized queries or prepared statements instead." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/php.doctrine.security.audit.doctrine-dbal-dangerous-query.doctrine-dbal-dangerous-query", "help": { - "markdown": "Ensure IAM policies don't allow resource exposure. These actions can expose AWS resources to the public. For example `ecr:SetRepositoryPolicy` could let an attacker retrieve container images. Instead, use another action that doesn't expose AWS resources.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/terraform.lang.security.iam.no-iam-resource-exposure.no-iam-resource-exposure)\n - [https://cloudsplaining.readthedocs.io/en/latest/glossary/resource-exposure/](https://cloudsplaining.readthedocs.io/en/latest/glossary/resource-exposure/)\n - [https://github.com/bridgecrewio/checkov/blob/ca830e14745c2c8e1b941985f305abe985d7f1f9/checkov/terraform/checks/data/aws/IAMPermissionsManagement.py](https://github.com/bridgecrewio/checkov/blob/ca830e14745c2c8e1b941985f305abe985d7f1f9/checkov/terraform/checks/data/aws/IAMPermissionsManagement.py)\n", - "text": "Ensure IAM policies don't allow resource exposure. These actions can expose AWS resources to the public. For example `ecr:SetRepositoryPolicy` could let an attacker retrieve container images. Instead, use another action that doesn't expose AWS resources.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected string concatenation with a non-literal variable in a Doctrine DBAL query method. 
This could lead to SQL injection if the variable is user-controlled and not properly sanitized. In order to prevent SQL injection, use parameterized queries or prepared statements instead.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected string concatenation with a non-literal variable in a Doctrine DBAL query method. This could lead to SQL injection if the variable is user-controlled and not properly sanitized. In order to prevent SQL injection, use parameterized queries or prepared statements instead.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/php.doctrine.security.audit.doctrine-dbal-dangerous-query.doctrine-dbal-dangerous-query)\n - [https://www.doctrine-project.org/projects/doctrine-dbal/en/current/reference/security.html](https://www.doctrine-project.org/projects/doctrine-dbal/en/current/reference/security.html)\n - [https://cheatsheetseries.owasp.org/cheatsheets/SQL_Injection_Prevention_Cheat_Sheet.html](https://cheatsheetseries.owasp.org/cheatsheets/SQL_Injection_Prevention_Cheat_Sheet.html)\n" }, - "helpUri": "https://semgrep.dev/r/terraform.lang.security.iam.no-iam-resource-exposure.no-iam-resource-exposure", - "id": "terraform.lang.security.iam.no-iam-resource-exposure.no-iam-resource-exposure", - "name": "terraform.lang.security.iam.no-iam-resource-exposure.no-iam-resource-exposure", "properties": { "precision": "very-high", "tags": [ - "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor", + "CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')", "LOW CONFIDENCE", - "OWASP-A01:2021 - Broken Access Control", + "OWASP-A01:2017 - Injection", + "OWASP-A03:2021 - Injection", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: terraform.lang.security.iam.no-iam-resource-exposure.no-iam-resource-exposure" } }, { - "defaultConfiguration": { - "level": "error" 
+ "id": "python.cryptography.security.insufficient-rsa-key-size.insufficient-rsa-key-size", + "name": "python.cryptography.security.insufficient-rsa-key-size.insufficient-rsa-key-size", + "short_description": { + "text": "Semgrep Finding: python.cryptography.security.insufficient-rsa-key-size.insufficient-rsa-key-size" }, - "fullDescription": { - "text": "Password is exposed through JWT token payload. This is not encrypted and the password could be compromised. Do not store passwords in JWT tokens." + "full_description": { + "text": "Detected an insufficient key size for RSA. NIST recommends a key size of 2048 or higher." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/python.cryptography.security.insufficient-rsa-key-size.insufficient-rsa-key-size", "help": { - "markdown": "Password is exposed through JWT token payload. This is not encrypted and the password could be compromised. Do not store passwords in JWT tokens.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.jwt.security.jwt-exposed-credentials.jwt-python-exposed-credentials)\n - [https://cwe.mitre.org/data/definitions/522.html](https://cwe.mitre.org/data/definitions/522.html)\n", - "text": "Password is exposed through JWT token payload. This is not encrypted and the password could be compromised. Do not store passwords in JWT tokens.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected an insufficient key size for RSA. NIST recommends a key size of 2048 or higher.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected an insufficient key size for RSA. 
NIST recommends a key size of 2048 or higher.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.cryptography.security.insufficient-rsa-key-size.insufficient-rsa-key-size)\n - [https://cryptography.io/en/latest/hazmat/primitives/asymmetric/rsa/](https://cryptography.io/en/latest/hazmat/primitives/asymmetric/rsa/)\n - [https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-57Pt3r1.pdf](https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-57Pt3r1.pdf)\n" }, - "helpUri": "https://semgrep.dev/r/python.jwt.security.jwt-exposed-credentials.jwt-python-exposed-credentials", - "id": "python.jwt.security.jwt-exposed-credentials.jwt-python-exposed-credentials", - "name": "python.jwt.security.jwt-exposed-credentials.jwt-python-exposed-credentials", "properties": { "precision": "very-high", "tags": [ - "CWE-522: Insufficiently Protected Credentials", - "LOW CONFIDENCE", - "OWASP-A02:2017 - Broken Authentication", - "OWASP-A04:2021 - Insecure Design", + "CWE-326: Inadequate Encryption Strength", + "MEDIUM CONFIDENCE", + "OWASP-A02:2021 - Cryptographic Failures", + "OWASP-A03:2017 - Sensitive Data Exposure", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: python.jwt.security.jwt-exposed-credentials.jwt-python-exposed-credentials" } }, { - "defaultConfiguration": { - "level": "error" + "id": "python.lang.security.audit.paramiko.paramiko-exec-command.paramiko-exec-command", + "name": "python.lang.security.audit.paramiko.paramiko-exec-command.paramiko-exec-command", + "short_description": { + "text": "Semgrep Finding: python.lang.security.audit.paramiko.paramiko-exec-command.paramiko-exec-command" }, - "fullDescription": { - "text": "Insecure WebSocket Detected. WebSocket Secure (wss) should be used for all WebSocket connections." + "full_description": { + "text": "Unverified SSL context detected. 
This will permit insecure connections without verifying SSL certificates. Use 'ssl.create_default_context()' instead." + }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/python.lang.security.audit.paramiko.paramiko-exec-command.paramiko-exec-command", "help": { - "markdown": "Insecure WebSocket Detected. WebSocket Secure (wss) should be used for all WebSocket connections.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.lang.security.detect-insecure-websocket.detect-insecure-websocket)\n - [https://owasp.org/Top10/A02_2021-Cryptographic_Failures](https://owasp.org/Top10/A02_2021-Cryptographic_Failures)\n", - "text": "Insecure WebSocket Detected. WebSocket Secure (wss) should be used for all WebSocket connections.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Unverified SSL context detected. This will permit insecure connections without verifying SSL certificates. Use 'ssl.create_default_context()' instead.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Unverified SSL context detected. This will permit insecure connections without verifying SSL certificates. 
Use 'ssl.create_default_context()' instead.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.lang.security.audit.paramiko.paramiko-exec-command.paramiko-exec-command)\n - [http://docs.paramiko.org/en/stable/api/client.html#paramiko.client.SSHClient.exec_command](http://docs.paramiko.org/en/stable/api/client.html#paramiko.client.SSHClient.exec_command)\n - [https://github.com/PyCQA/bandit/blob/d5f8fa0d89d7b11442fc6ec80ca42953974354c8/bandit/plugins/injection_paramiko.py](https://github.com/PyCQA/bandit/blob/d5f8fa0d89d7b11442fc6ec80ca42953974354c8/bandit/plugins/injection_paramiko.py)\n" }, - "helpUri": "https://semgrep.dev/r/javascript.lang.security.detect-insecure-websocket.detect-insecure-websocket", - "id": "javascript.lang.security.detect-insecure-websocket.detect-insecure-websocket", - "name": "javascript.lang.security.detect-insecure-websocket.detect-insecure-websocket", "properties": { "precision": "very-high", "tags": [ - "CWE-319: Cleartext Transmission of Sensitive Information", + "CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", "LOW CONFIDENCE", - "OWASP-A02:2021 - Cryptographic Failures", - "OWASP-A03:2017 - Sensitive Data Exposure", + "OWASP-A01:2017 - Injection", + "OWASP-A03:2021 - Injection", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: javascript.lang.security.detect-insecure-websocket.detect-insecure-websocket" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "java.lang.security.audit.crypto.ssl.insecure-trust-manager.insecure-trust-manager", + "name": "java.lang.security.audit.crypto.ssl.insecure-trust-manager.insecure-trust-manager", + "short_description": { + "text": "Semgrep Finding: java.lang.security.audit.crypto.ssl.insecure-trust-manager.insecure-trust-manager" }, - "fullDescription": { - "text": "Detected MD5 hash algorithm which is considered insecure. 
MD5 is not collision resistant and is therefore not suitable as a cryptographic signature. Use SHA256 or SHA3 instead." + "full_description": { + "text": "Detected empty trust manager implementations. This is dangerous because it accepts any certificate, enabling man-in-the-middle attacks. Consider using a KeyStore and TrustManagerFactory instead. See https://stackoverflow.com/questions/2642777/trusting-all-certificates-using-httpclient-over-https for more information." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/java.lang.security.audit.crypto.ssl.insecure-trust-manager.insecure-trust-manager", "help": { - "markdown": "Detected MD5 hash algorithm which is considered insecure. MD5 is not collision resistant and is therefore not suitable as a cryptographic signature. Use SHA256 or SHA3 instead.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/go.lang.security.audit.crypto.use_of_weak_crypto.use-of-md5)\n - [https://owasp.org/Top10/A02_2021-Cryptographic_Failures](https://owasp.org/Top10/A02_2021-Cryptographic_Failures)\n", - "text": "Detected MD5 hash algorithm which is considered insecure. MD5 is not collision resistant and is therefore not suitable as a cryptographic signature. Use SHA256 or SHA3 instead.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected empty trust manager implementations. This is dangerous because it accepts any certificate, enabling man-in-the-middle attacks. Consider using a KeyStore and TrustManagerFactory instead. See https://stackoverflow.com/questions/2642777/trusting-all-certificates-using-httpclient-over-https for more information.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected empty trust manager implementations. 
This is dangerous because it accepts any certificate, enabling man-in-the-middle attacks. Consider using a KeyStore and TrustManagerFactory instead. See https://stackoverflow.com/questions/2642777/trusting-all-certificates-using-httpclient-over-https for more information.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/java.lang.security.audit.crypto.ssl.insecure-trust-manager.insecure-trust-manager)\n - [https://stackoverflow.com/questions/2642777/trusting-all-certificates-using-httpclient-over-https](https://stackoverflow.com/questions/2642777/trusting-all-certificates-using-httpclient-over-https)\n" }, - "helpUri": "https://semgrep.dev/r/go.lang.security.audit.crypto.use_of_weak_crypto.use-of-md5", - "id": "go.lang.security.audit.crypto.use_of_weak_crypto.use-of-md5", - "name": "go.lang.security.audit.crypto.use_of_weak_crypto.use-of-md5", "properties": { "precision": "very-high", "tags": [ - "CWE-328: Use of Weak Hash", - "MEDIUM CONFIDENCE", - "OWASP-A02:2021 - Cryptographic Failures", + "CWE-295: Improper Certificate Validation", + "LOW CONFIDENCE", "OWASP-A03:2017 - Sensitive Data Exposure", + "OWASP-A07:2021 - Identification and Authentication Failures", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: go.lang.security.audit.crypto.use_of_weak_crypto.use-of-md5" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "java.spring.security.audit.spring-jsp-eval.spring-jsp-eval", + "name": "java.spring.security.audit.spring-jsp-eval.spring-jsp-eval", + "short_description": { + "text": "Semgrep Finding: java.spring.security.audit.spring-jsp-eval.spring-jsp-eval" }, - "fullDescription": { - "text": "XmlReaderSettings found with DtdProcessing.Parse on an XmlReader handling a string argument from a public method. Enabling Document Type Definition (DTD) parsing may cause XML External Entity (XXE) injection if supplied with user-controllable data." 
+ "full_description": { + "text": "A Spring expression is built with a dynamic value. The source of the value(s) should be verified to avoid that unfiltered values fall into this risky code evaluation." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/java.spring.security.audit.spring-jsp-eval.spring-jsp-eval", "help": { - "markdown": "XmlReaderSettings found with DtdProcessing.Parse on an XmlReader handling a string argument from a public method. Enabling Document Type Definition (DTD) parsing may cause XML External Entity (XXE) injection if supplied with user-controllable data.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/csharp.lang.security.xxe.xmlreadersettings-unsafe-parser-override.xmlreadersettings-unsafe-parser-override)\n - [https://www.jardinesoftware.net/2016/05/26/xxe-and-net/](https://www.jardinesoftware.net/2016/05/26/xxe-and-net/)\n - [https://docs.microsoft.com/en-us/dotnet/api/system.xml.xmldocument.xmlresolver?view=net-6.0#remarks](https://docs.microsoft.com/en-us/dotnet/api/system.xml.xmldocument.xmlresolver?view=net-6.0#remarks)\n", - "text": "XmlReaderSettings found with DtdProcessing.Parse on an XmlReader handling a string argument from a public method. Enabling Document Type Definition (DTD) parsing may cause XML External Entity (XXE) injection if supplied with user-controllable data.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "A Spring expression is built with a dynamic value. The source of the value(s) should be verified to avoid that unfiltered values fall into this risky code evaluation.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "A Spring expression is built with a dynamic value. 
The source of the value(s) should be verified to avoid that unfiltered values fall into this risky code evaluation.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/java.spring.security.audit.spring-jsp-eval.spring-jsp-eval)\n - [https://owasp.org/Top10/A03_2021-Injection](https://owasp.org/Top10/A03_2021-Injection)\n" }, - "helpUri": "https://semgrep.dev/r/csharp.lang.security.xxe.xmlreadersettings-unsafe-parser-override.xmlreadersettings-unsafe-parser-override", - "id": "csharp.lang.security.xxe.xmlreadersettings-unsafe-parser-override.xmlreadersettings-unsafe-parser-override", - "name": "csharp.lang.security.xxe.xmlreadersettings-unsafe-parser-override.xmlreadersettings-unsafe-parser-override", "properties": { "precision": "very-high", "tags": [ - "CWE-611: Improper Restriction of XML External Entity Reference", - "MEDIUM CONFIDENCE", - "OWASP-A04:2017 - XML External Entities (XXE)", - "OWASP-A05:2021 - Security Misconfiguration", + "CWE-95: Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection')", + "LOW CONFIDENCE", + "OWASP-A03:2021 - Injection", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: csharp.lang.security.xxe.xmlreadersettings-unsafe-parser-override.xmlreadersettings-unsafe-parser-override" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "java.lang.security.audit.crypto.use-of-md5.use-of-md5", + "name": "java.lang.security.audit.crypto.use-of-md5.use-of-md5", + "short_description": { + "text": "Semgrep Finding: java.lang.security.audit.crypto.use-of-md5.use-of-md5" }, - "fullDescription": { - "text": "Found request data in a call to 'open'. Ensure the request data is validated or sanitized, otherwise it could result in path traversal attacks and therefore sensitive data being leaked. To mitigate, consider using os.path.abspath or os.path.realpath or the pathlib library." 
+ "full_description": { + "text": "Detected MD5 hash algorithm which is considered insecure. MD5 is not collision resistant and is therefore not suitable as a cryptographic signature. Use HMAC instead." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/java.lang.security.audit.crypto.use-of-md5.use-of-md5", "help": { - "markdown": "Found request data in a call to 'open'. Ensure the request data is validated or sanitized, otherwise it could result in path traversal attacks and therefore sensitive data being leaked. To mitigate, consider using os.path.abspath or os.path.realpath or the pathlib library.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.django.security.injection.path-traversal.path-traversal-open.path-traversal-open)\n - [https://owasp.org/www-community/attacks/Path_Traversal](https://owasp.org/www-community/attacks/Path_Traversal)\n", - "text": "Found request data in a call to 'open'. Ensure the request data is validated or sanitized, otherwise it could result in path traversal attacks and therefore sensitive data being leaked. To mitigate, consider using os.path.abspath or os.path.realpath or the pathlib library.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected MD5 hash algorithm which is considered insecure. MD5 is not collision resistant and is therefore not suitable as a cryptographic signature. Use HMAC instead.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected MD5 hash algorithm which is considered insecure. MD5 is not collision resistant and is therefore not suitable as a cryptographic signature. 
Use HMAC instead.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/java.lang.security.audit.crypto.use-of-md5.use-of-md5)\n - [https://owasp.org/Top10/A02_2021-Cryptographic_Failures](https://owasp.org/Top10/A02_2021-Cryptographic_Failures)\n" }, - "helpUri": "https://semgrep.dev/r/python.django.security.injection.path-traversal.path-traversal-open.path-traversal-open", - "id": "python.django.security.injection.path-traversal.path-traversal-open.path-traversal-open", - "name": "python.django.security.injection.path-traversal.path-traversal-open.path-traversal-open", "properties": { "precision": "very-high", "tags": [ - "CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", - "MEDIUM CONFIDENCE", - "OWASP-A01:2021 - Broken Access Control", - "OWASP-A05:2017 - Broken Access Control", + "CWE-328: Use of Weak Hash", + "HIGH CONFIDENCE", + "OWASP-A02:2021 - Cryptographic Failures", + "OWASP-A03:2017 - Sensitive Data Exposure", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: python.django.security.injection.path-traversal.path-traversal-open.path-traversal-open" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "problem-based-packs.insecure-transport.go-stdlib.http-request.http-request", + "name": "problem-based-packs.insecure-transport.go-stdlib.http-request.http-request", + "short_description": { + "text": "Semgrep Finding: problem-based-packs.insecure-transport.go-stdlib.http-request.http-request" }, - "fullDescription": { - "text": "Checks for disabling of TLS/SSL certificate verification. This should only be used for debugging purposes because it leads to vulnerability to MTM attacks." + "full_description": { + "text": "Checks for requests sent via http.$FUNC to http:// URLS. This is dangerous because the server is attempting to connect to a website that does not encrypt traffic with TLS. 
Instead, send requests only to https:// URLS." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/problem-based-packs.insecure-transport.go-stdlib.http-request.http-request", "help": { - "markdown": "Checks for disabling of TLS/SSL certificate verification. This should only be used for debugging purposes because it leads to vulnerability to MTM attacks.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/problem-based-packs.insecure-transport.go-stdlib.bypass-tls-verification.bypass-tls-verification)\n - [https://stackoverflow.com/questions/12122159/how-to-do-a-https-request-with-bad-certificate](https://stackoverflow.com/questions/12122159/how-to-do-a-https-request-with-bad-certificate)\n", - "text": "Checks for disabling of TLS/SSL certificate verification. This should only be used for debugging purposes because it leads to vulnerability to MTM attacks.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Checks for requests sent via http.$FUNC to http:// URLS. This is dangerous because the server is attempting to connect to a website that does not encrypt traffic with TLS. Instead, send requests only to https:// URLS.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Checks for requests sent via http.$FUNC to http:// URLS. This is dangerous because the server is attempting to connect to a website that does not encrypt traffic with TLS. 
Instead, send requests only to https:// URLS.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/problem-based-packs.insecure-transport.go-stdlib.http-request.http-request)\n - [https://golang.org/pkg/net/http/#Get](https://golang.org/pkg/net/http/#Get)\n" }, - "helpUri": "https://semgrep.dev/r/problem-based-packs.insecure-transport.go-stdlib.bypass-tls-verification.bypass-tls-verification", - "id": "problem-based-packs.insecure-transport.go-stdlib.bypass-tls-verification.bypass-tls-verification", - "name": "problem-based-packs.insecure-transport.go-stdlib.bypass-tls-verification.bypass-tls-verification", "properties": { "precision": "very-high", "tags": [ 
@@ -26424,47 +27666,26 @@ "OWASP-A03:2017 - Sensitive Data Exposure", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: problem-based-packs.insecure-transport.go-stdlib.bypass-tls-verification.bypass-tls-verification" } }, { - "defaultConfiguration": { - "level": "error" - }, - "fullDescription": { - "text": "multiprocessing.Process.kill() is only available on Python 3.7+ and is therefore not backwards compatible. Instead, use terminate()." - }, - "help": { - "markdown": "multiprocessing.Process.kill() is only available on Python 3.7+ and is therefore not backwards compatible. Instead, use terminate().\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.lang.compatibility.python37.python37-compatibility-multiprocess2)\n", - "text": "multiprocessing.Process.kill() is only available on Python 3.7+ and is therefore not backwards compatible. Instead, use terminate().\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "id": "python.lang.security.deserialization.pickle.avoid-dill", + "name": "python.lang.security.deserialization.pickle.avoid-dill", + "short_description": { + "text": "Semgrep Finding: python.lang.security.deserialization.pickle.avoid-dill" }, - "helpUri": "https://semgrep.dev/r/python.lang.compatibility.python37.python37-compatibility-multiprocess2", - "id": "python.lang.compatibility.python37.python37-compatibility-multiprocess2", - "name": "python.lang.compatibility.python37.python37-compatibility-multiprocess2", - "properties": { - "precision": "very-high", - "tags": [] + "full_description": { + "text": "Avoid using `dill`, which uses `pickle`, which is known to lead to code execution vulnerabilities. When unpickling, the serialized data could be manipulated to run arbitrary code. Instead, consider serializing the relevant data as JSON or a similar text-based serialization format." 
}, - "shortDescription": { - "text": "Semgrep Finding: python.lang.compatibility.python37.python37-compatibility-multiprocess2" - } - }, - { - "defaultConfiguration": { + "default_configuration": { + "enabled": true, "level": "warning" }, - "fullDescription": { - "text": "Avoid using `cPickle`, which is known to lead to code execution vulnerabilities. When unpickling, the serialized data could be manipulated to run arbitrary code. Instead, consider serializing the relevant data as JSON or a similar text-based serialization format." - }, + "help_uri": "https://semgrep.dev/r/python.lang.security.deserialization.pickle.avoid-dill", "help": { - "markdown": "Avoid using `cPickle`, which is known to lead to code execution vulnerabilities. When unpickling, the serialized data could be manipulated to run arbitrary code. Instead, consider serializing the relevant data as JSON or a similar text-based serialization format.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.lang.security.deserialization.pickle.avoid-cPickle)\n - [https://docs.python.org/3/library/pickle.html](https://docs.python.org/3/library/pickle.html)\n", - "text": "Avoid using `cPickle`, which is known to lead to code execution vulnerabilities. When unpickling, the serialized data could be manipulated to run arbitrary code. Instead, consider serializing the relevant data as JSON or a similar text-based serialization format.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Avoid using `dill`, which uses `pickle`, which is known to lead to code execution vulnerabilities. When unpickling, the serialized data could be manipulated to run arbitrary code. 
Instead, consider serializing the relevant data as JSON or a similar text-based serialization format.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Avoid using `dill`, which uses `pickle`, which is known to lead to code execution vulnerabilities. When unpickling, the serialized data could be manipulated to run arbitrary code. Instead, consider serializing the relevant data as JSON or a similar text-based serialization format.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.lang.security.deserialization.pickle.avoid-dill)\n - [https://docs.python.org/3/library/pickle.html](https://docs.python.org/3/library/pickle.html)\n" }, - "helpUri": "https://semgrep.dev/r/python.lang.security.deserialization.pickle.avoid-cPickle", - "id": "python.lang.security.deserialization.pickle.avoid-cPickle", - "name": "python.lang.security.deserialization.pickle.avoid-cPickle", "properties": { "precision": "very-high", "tags": [ 
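Review bot: The new side of this hunk renames the rule-descriptor keys from the SARIF spelling (`helpUri`, `shortDescription`, `fullDescription`, `defaultConfiguration`) to snake_case (`help_uri`, `short_description`, `full_description`, `default_configuration`), and the same rename appears in the neighbouring hunks before and after it. SARIF 2.1.0 defines these `reportingDescriptor` properties in camelCase, so a fixture written this way is no longer a spec-conformant SARIF document and will not round-trip through any consumer that validates against the schema or looks the properties up by their spec names. If the snake_case form is deliberate (for example to exercise the model's field-name versus alias handling), the test that loads this fixture should carry a comment such as `// NOTE: keys intentionally use model field names, not SARIF aliases`; otherwise the fixture should be regenerated with the camelCase names. The added `"enabled": true` under each `default_configuration` matches the SARIF default and is harmless. The enclosing `rules` array begins and ends outside this hunk.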
@@ -26474,406 +27695,386 @@ "OWASP-A08:2021 - Software and Data Integrity Failures", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: python.lang.security.deserialization.pickle.avoid-cPickle" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "python.lang.security.audit.insecure-transport.requests.request-session-with-http.request-session-with-http", + "name": "python.lang.security.audit.insecure-transport.requests.request-session-with-http.request-session-with-http", + "short_description": { + "text": "Semgrep Finding: python.lang.security.audit.insecure-transport.requests.request-session-with-http.request-session-with-http" }, - "fullDescription": { - "text": "When using `System.Text.RegularExpressions` to process untrusted input, pass a timeout. A malicious user can provide input to `RegularExpressions` that abuses the backtracking behaviour of this regular expression engine. This will lead to excessive CPU usage, causing a Denial-of-Service attack" + "full_description": { + "text": "Detected a request using 'http://'. This request will be unencrypted. Use 'https://' instead." + }, + "default_configuration": { + "enabled": true, + "level": "note" }, + "help_uri": "https://semgrep.dev/r/python.lang.security.audit.insecure-transport.requests.request-session-with-http.request-session-with-http", "help": { - "markdown": "When using `System.Text.RegularExpressions` to process untrusted input, pass a timeout. A malicious user can provide input to `RegularExpressions` that abuses the backtracking behaviour of this regular expression engine. 
This will lead to excessive CPU usage, causing a Denial-of-Service attack\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/csharp.lang.security.regular-expression-dos.regular-expression-dos.regular-expression-dos)\n - [https://owasp.org/www-community/attacks/Regular_expression_Denial_of_Service_-_ReDoS](https://owasp.org/www-community/attacks/Regular_expression_Denial_of_Service_-_ReDoS)\n - [https://docs.microsoft.com/en-us/dotnet/standard/base-types/regular-expressions#regular-expression-examples](https://docs.microsoft.com/en-us/dotnet/standard/base-types/regular-expressions#regular-expression-examples)\n", - "text": "When using `System.Text.RegularExpressions` to process untrusted input, pass a timeout. A malicious user can provide input to `RegularExpressions` that abuses the backtracking behaviour of this regular expression engine. This will lead to excessive CPU usage, causing a Denial-of-Service attack\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected a request using 'http://'. This request will be unencrypted. Use 'https://' instead.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected a request using 'http://'. This request will be unencrypted. 
Use 'https://' instead.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.lang.security.audit.insecure-transport.requests.request-session-with-http.request-session-with-http)\n - [https://owasp.org/Top10/A02_2021-Cryptographic_Failures](https://owasp.org/Top10/A02_2021-Cryptographic_Failures)\n" }, - "helpUri": "https://semgrep.dev/r/csharp.lang.security.regular-expression-dos.regular-expression-dos.regular-expression-dos", - "id": "csharp.lang.security.regular-expression-dos.regular-expression-dos.regular-expression-dos", - "name": "csharp.lang.security.regular-expression-dos.regular-expression-dos.regular-expression-dos", "properties": { "precision": "very-high", "tags": [ - "CWE-1333: Inefficient Regular Expression Complexity", + "CWE-319: Cleartext Transmission of Sensitive Information", "MEDIUM CONFIDENCE", - "OWASP-A01:2017 - Injection", + "OWASP-A02:2021 - Cryptographic Failures", + "OWASP-A03:2017 - Sensitive Data Exposure", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: csharp.lang.security.regular-expression-dos.regular-expression-dos.regular-expression-dos" } }, { - "defaultConfiguration": { - "level": "error" + "id": "go.grpc.security.grpc-server-insecure-connection.grpc-server-insecure-connection", + "name": "go.grpc.security.grpc-server-insecure-connection.grpc-server-insecure-connection", + "short_description": { + "text": "Semgrep Finding: go.grpc.security.grpc-server-insecure-connection.grpc-server-insecure-connection" }, - "fullDescription": { - "text": "Use of $window.location.href can lead to open-redirect if user input is used for redirection." + "full_description": { + "text": "Found an insecure gRPC server without 'grpc.Creds()' or options with credentials. This allows for a connection without encryption to this server. A malicious attacker could tamper with the gRPC message, which could compromise the machine. 
Include credentials derived from an SSL certificate in order to create a secure gRPC connection. You can create credentials using 'credentials.NewServerTLSFromFile(\"cert.pem\", \"cert.key\")'." + }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/go.grpc.security.grpc-server-insecure-connection.grpc-server-insecure-connection", "help": { - "markdown": "Use of $window.location.href can lead to open-redirect if user input is used for redirection.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.angular.security.detect-angular-open-redirect.detect-angular-open-redirect)\n - [https://docs.angularjs.org/api/ng/service/$sce#trustAsJs](https://docs.angularjs.org/api/ng/service/$sce#trustAsJs)\n - [https://owasp.org/www-chapter-london/assets/slides/OWASPLondon20170727_AngularJS.pdf](https://owasp.org/www-chapter-london/assets/slides/OWASPLondon20170727_AngularJS.pdf)\n", - "text": "Use of $window.location.href can lead to open-redirect if user input is used for redirection.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Found an insecure gRPC server without 'grpc.Creds()' or options with credentials. This allows for a connection without encryption to this server. A malicious attacker could tamper with the gRPC message, which could compromise the machine. Include credentials derived from an SSL certificate in order to create a secure gRPC connection. You can create credentials using 'credentials.NewServerTLSFromFile(\"cert.pem\", \"cert.key\")'.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Found an insecure gRPC server without 'grpc.Creds()' or options with credentials. This allows for a connection without encryption to this server. A malicious attacker could tamper with the gRPC message, which could compromise the machine. 
Include credentials derived from an SSL certificate in order to create a secure gRPC connection. You can create credentials using 'credentials.NewServerTLSFromFile(\"cert.pem\", \"cert.key\")'.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/go.grpc.security.grpc-server-insecure-connection.grpc-server-insecure-connection)\n - [https://blog.gopheracademy.com/advent-2019/go-grps-and-tls/#connection-without-encryption](https://blog.gopheracademy.com/advent-2019/go-grps-and-tls/#connection-without-encryption)\n" }, - "helpUri": "https://semgrep.dev/r/javascript.angular.security.detect-angular-open-redirect.detect-angular-open-redirect", - "id": "javascript.angular.security.detect-angular-open-redirect.detect-angular-open-redirect", - "name": "javascript.angular.security.detect-angular-open-redirect.detect-angular-open-redirect", "properties": { "precision": "very-high", "tags": [ - "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", - "LOW CONFIDENCE", - "OWASP-A03:2021 - Injection", - "OWASP-A07:2017 - Cross-Site Scripting (XSS)", + "CWE-300: Channel Accessible by Non-Endpoint", + "HIGH CONFIDENCE", + "OWASP-A07:2021 - Identification and Authentication Failures", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: javascript.angular.security.detect-angular-open-redirect.detect-angular-open-redirect" } }, { - "defaultConfiguration": { - "level": "warning" - }, - "fullDescription": { - "text": "Potentially sensitive data was observed to be stored in UserDefaults, which is not adequate protection of sensitive information. For data of a sensitive nature, applications should leverage the Keychain." - }, - "help": { - "markdown": "Potentially sensitive data was observed to be stored in UserDefaults, which is not adequate protection of sensitive information. 
For data of a sensitive nature, applications should leverage the Keychain.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/swift.lang.storage.sensitive-storage-userdefaults.swift-user-defaults)\n - [https://developer.apple.com/library/archive/documentation/Security/Conceptual/SecureCodingGuide/Articles/ValidatingInput.html](https://developer.apple.com/library/archive/documentation/Security/Conceptual/SecureCodingGuide/Articles/ValidatingInput.html)\n - [https://mas.owasp.org/MASVS/controls/MASVS-STORAGE-1/](https://mas.owasp.org/MASVS/controls/MASVS-STORAGE-1/)\n", - "text": "Potentially sensitive data was observed to be stored in UserDefaults, which is not adequate protection of sensitive information. For data of a sensitive nature, applications should leverage the Keychain.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "id": "java.lang.security.audit.sqli.hibernate-sqli.hibernate-sqli", + "name": "java.lang.security.audit.sqli.hibernate-sqli.hibernate-sqli", + "short_description": { + "text": "Semgrep Finding: java.lang.security.audit.sqli.hibernate-sqli.hibernate-sqli" }, - "helpUri": "https://semgrep.dev/r/swift.lang.storage.sensitive-storage-userdefaults.swift-user-defaults", - "id": "swift.lang.storage.sensitive-storage-userdefaults.swift-user-defaults", - "name": "swift.lang.storage.sensitive-storage-userdefaults.swift-user-defaults", - "properties": { - "precision": "very-high", - "tags": [ - "CWE-311: Missing Encryption of Sensitive Data", - "MEDIUM CONFIDENCE", - "OWASP-A03:2017 - Sensitive Data Exposure", - "OWASP-A04:2021 - Insecure Design", - "security" - ] + "full_description": { + "text": "Detected a formatted string in a SQL statement. This could lead to SQL injection if variables in the SQL statement are not properly sanitized. Use a prepared statements (java.sql.PreparedStatement) instead. 
You can obtain a PreparedStatement using 'connection.prepareStatement'." }, - "shortDescription": { - "text": "Semgrep Finding: swift.lang.storage.sensitive-storage-userdefaults.swift-user-defaults" - } - }, - { - "defaultConfiguration": { + "default_configuration": { + "enabled": true, "level": "warning" }, - "fullDescription": { - "text": "The top level wildcard bindings $PREFIX leaves your application open to security vulnerabilities and give attackers more control over where traffic is routed. If you must use wildcards, consider using subdomain wildcard binding. For example, you can use \"*.asdf.gov\" if you own all of \"asdf.gov\"." - }, + "help_uri": "https://semgrep.dev/r/java.lang.security.audit.sqli.hibernate-sqli.hibernate-sqli", "help": { - "markdown": "The top level wildcard bindings $PREFIX leaves your application open to security vulnerabilities and give attackers more control over where traffic is routed. If you must use wildcards, consider using subdomain wildcard binding. For example, you can use \"*.asdf.gov\" if you own all of \"asdf.gov\".\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/csharp.lang.security.http.http-listener-wildcard-bindings.http-listener-wildcard-bindings)\n - [https://docs.microsoft.com/en-us/dotnet/api/system.net.httplistener?view=net-6.0](https://docs.microsoft.com/en-us/dotnet/api/system.net.httplistener?view=net-6.0)\n", - "text": "The top level wildcard bindings $PREFIX leaves your application open to security vulnerabilities and give attackers more control over where traffic is routed. If you must use wildcards, consider using subdomain wildcard binding. For example, you can use \"*.asdf.gov\" if you own all of \"asdf.gov\".\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected a formatted string in a SQL statement. 
This could lead to SQL injection if variables in the SQL statement are not properly sanitized. Use a prepared statements (java.sql.PreparedStatement) instead. You can obtain a PreparedStatement using 'connection.prepareStatement'.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected a formatted string in a SQL statement. This could lead to SQL injection if variables in the SQL statement are not properly sanitized. Use a prepared statements (java.sql.PreparedStatement) instead. You can obtain a PreparedStatement using 'connection.prepareStatement'.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/java.lang.security.audit.sqli.hibernate-sqli.hibernate-sqli)\n - [https://owasp.org/Top10/A03_2021-Injection](https://owasp.org/Top10/A03_2021-Injection)\n" }, - "helpUri": "https://semgrep.dev/r/csharp.lang.security.http.http-listener-wildcard-bindings.http-listener-wildcard-bindings", - "id": "csharp.lang.security.http.http-listener-wildcard-bindings.http-listener-wildcard-bindings", - "name": "csharp.lang.security.http.http-listener-wildcard-bindings.http-listener-wildcard-bindings", "properties": { "precision": "very-high", "tags": [ - "CWE-706: Use of Incorrectly-Resolved Name or Reference", - "MEDIUM CONFIDENCE", - "OWASP-A01:2021 - Broken Access Control", + "CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')", + "LOW CONFIDENCE", + "OWASP-A01:2017 - Injection", + "OWASP-A03:2021 - Injection", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: csharp.lang.security.http.http-listener-wildcard-bindings.http-listener-wildcard-bindings" } }, { - "defaultConfiguration": { - "level": "error" + "id": "python.flask.security.dangerous-template-string.dangerous-template-string", + "name": "python.flask.security.dangerous-template-string.dangerous-template-string", + "short_description": { + "text": 
"Semgrep Finding: python.flask.security.dangerous-template-string.dangerous-template-string" }, - "fullDescription": { - "text": "Calling `$WG.Add` inside of an anonymous goroutine may result in `$WG.Wait`\nwaiting for more or less calls to `$WG.Done()` than expected\n" + "full_description": { + "text": "Found a template created with string formatting. This is susceptible to server-side template injection and cross-site scripting attacks." + }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/python.flask.security.dangerous-template-string.dangerous-template-string", "help": { - "markdown": "Calling `$WG.Add` inside of an anonymous goroutine may result in `$WG.Wait`\nwaiting for more or less calls to `$WG.Done()` than expected\n\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/trailofbits.go.waitgroup-add-called-inside-goroutine.waitgroup-add-called-inside-goroutine)\n - [https://go101.org/article/concurrent-common-mistakes.html](https://go101.org/article/concurrent-common-mistakes.html)\n", - "text": "Calling `$WG.Add` inside of an anonymous goroutine may result in `$WG.Wait`\nwaiting for more or less calls to `$WG.Done()` than expected\n\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Found a template created with string formatting. This is susceptible to server-side template injection and cross-site scripting attacks.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Found a template created with string formatting. 
This is susceptible to server-side template injection and cross-site scripting attacks.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.flask.security.dangerous-template-string.dangerous-template-string)\n - [https://nvisium.com/blog/2016/03/09/exploring-ssti-in-flask-jinja2.html](https://nvisium.com/blog/2016/03/09/exploring-ssti-in-flask-jinja2.html)\n - [https://pequalsnp-team.github.io/cheatsheet/flask-jinja2-ssti](https://pequalsnp-team.github.io/cheatsheet/flask-jinja2-ssti)\n" }, - "helpUri": "https://semgrep.dev/r/trailofbits.go.waitgroup-add-called-inside-goroutine.waitgroup-add-called-inside-goroutine", - "id": "trailofbits.go.waitgroup-add-called-inside-goroutine.waitgroup-add-called-inside-goroutine", - "name": "trailofbits.go.waitgroup-add-called-inside-goroutine.waitgroup-add-called-inside-goroutine", "properties": { "precision": "very-high", "tags": [ - "CWE-667: Improper Locking", - "MEDIUM CONFIDENCE", + "CWE-96: Improper Neutralization of Directives in Statically Saved Code ('Static Code Injection')", + "LOW CONFIDENCE", + "OWASP-A03:2021 - Injection", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: trailofbits.go.waitgroup-add-called-inside-goroutine.waitgroup-add-called-inside-goroutine" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "python.flask.security.audit.hardcoded-config.avoid_hardcoded_config_SECRET_KEY", + "name": "python.flask.security.audit.hardcoded-config.avoid_hardcoded_config_SECRET_KEY", + "short_description": { + "text": "Semgrep Finding: python.flask.security.audit.hardcoded-config.avoid_hardcoded_config_SECRET_KEY" }, - "fullDescription": { - "text": "Usage of the insecure ECB mode detected. You should use an authenticated encryption mode instead, which is implemented by the classes AesGcm or ChaCha20Poly1305." + "full_description": { + "text": "Hardcoded variable `SECRET_KEY` detected. 
Use environment variables or config files instead" }, + "default_configuration": { + "enabled": true, + "level": "error" + }, + "help_uri": "https://semgrep.dev/r/python.flask.security.audit.hardcoded-config.avoid_hardcoded_config_SECRET_KEY", "help": { - "markdown": "Usage of the insecure ECB mode detected. You should use an authenticated encryption mode instead, which is implemented by the classes AesGcm or ChaCha20Poly1305.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/csharp.dotnet.security.use_ecb_mode.use_ecb_mode)\n - [https://learn.microsoft.com/en-gb/dotnet/api/system.security.cryptography.chacha20poly1305?view=net-6.0](https://learn.microsoft.com/en-gb/dotnet/api/system.security.cryptography.chacha20poly1305?view=net-6.0)\n - [https://learn.microsoft.com/en-gb/dotnet/api/system.security.cryptography.aesgcm?view=net-6.0](https://learn.microsoft.com/en-gb/dotnet/api/system.security.cryptography.aesgcm?view=net-6.0)\n - [https://learn.microsoft.com/en-gb/dotnet/api/system.security.cryptography.ciphermode?view=net-6.0](https://learn.microsoft.com/en-gb/dotnet/api/system.security.cryptography.ciphermode?view=net-6.0)\n - [https://cheatsheetseries.owasp.org/cheatsheets/Cryptographic_Storage_Cheat_Sheet.html#cipher-modes](https://cheatsheetseries.owasp.org/cheatsheets/Cryptographic_Storage_Cheat_Sheet.html#cipher-modes)\n", - "text": "Usage of the insecure ECB mode detected. You should use an authenticated encryption mode instead, which is implemented by the classes AesGcm or ChaCha20Poly1305.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Hardcoded variable `SECRET_KEY` detected. Use environment variables or config files instead\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Hardcoded variable `SECRET_KEY` detected. 
Use environment variables or config files instead\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.flask.security.audit.hardcoded-config.avoid_hardcoded_config_SECRET_KEY)\n - [https://bento.dev/checks/flask/avoid-hardcoded-config/](https://bento.dev/checks/flask/avoid-hardcoded-config/)\n - [https://flask.palletsprojects.com/en/1.1.x/config/?highlight=configuration#builtin-configuration-values](https://flask.palletsprojects.com/en/1.1.x/config/?highlight=configuration#builtin-configuration-values)\n - [https://flask.palletsprojects.com/en/1.1.x/config/?highlight=configuration#environment-and-debug-features](https://flask.palletsprojects.com/en/1.1.x/config/?highlight=configuration#environment-and-debug-features)\n" }, - "helpUri": "https://semgrep.dev/r/csharp.dotnet.security.use_ecb_mode.use_ecb_mode", - "id": "csharp.dotnet.security.use_ecb_mode.use_ecb_mode", - "name": "csharp.dotnet.security.use_ecb_mode.use_ecb_mode", "properties": { "precision": "very-high", "tags": [ - "CWE-327: Use of a Broken or Risky Cryptographic Algorithm", - "HIGH CONFIDENCE", - "OWASP-A02:2021 - Cryptographic Failures", + "CWE-489: Active Debug Code", + "LOW CONFIDENCE", + "OWASP-A05:2021 - Security Misconfiguration", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: csharp.dotnet.security.use_ecb_mode.use_ecb_mode" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "trailofbits.python.lxml-in-pandas.lxml-in-pandas", + "name": "trailofbits.python.lxml-in-pandas.lxml-in-pandas", + "short_description": { + "text": "Semgrep Finding: trailofbits.python.lxml-in-pandas.lxml-in-pandas" }, - "fullDescription": { - "text": "Detected a formatted string in a SQL statement. This could lead to SQL injection if variables in the SQL statement are not properly sanitized. Use a prepared statements (java.sql.PreparedStatement) instead. 
You can obtain a PreparedStatement using 'connection.prepareStatement'." + "full_description": { + "text": "Found usage of the `$FLAVOR` library, which is vulnerable to attacks such as XML external entity (XXE) attacks" + }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/trailofbits.python.lxml-in-pandas.lxml-in-pandas", "help": { - "markdown": "Detected a formatted string in a SQL statement. This could lead to SQL injection if variables in the SQL statement are not properly sanitized. Use a prepared statements (java.sql.PreparedStatement) instead. You can obtain a PreparedStatement using 'connection.prepareStatement'.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/java.lang.security.audit.sqli.vertx-sqli.vertx-sqli)\n - [https://owasp.org/Top10/A03_2021-Injection](https://owasp.org/Top10/A03_2021-Injection)\n", - "text": "Detected a formatted string in a SQL statement. This could lead to SQL injection if variables in the SQL statement are not properly sanitized. Use a prepared statements (java.sql.PreparedStatement) instead. 
You can obtain a PreparedStatement using 'connection.prepareStatement'.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Found usage of the `$FLAVOR` library, which is vulnerable to attacks such as XML external entity (XXE) attacks\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Found usage of the `$FLAVOR` library, which is vulnerable to attacks such as XML external entity (XXE) attacks\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/trailofbits.python.lxml-in-pandas.lxml-in-pandas)\n - [https://lxml.de/FAQ.html](https://lxml.de/FAQ.html)\n" }, - "helpUri": "https://semgrep.dev/r/java.lang.security.audit.sqli.vertx-sqli.vertx-sqli", - "id": "java.lang.security.audit.sqli.vertx-sqli.vertx-sqli", - "name": "java.lang.security.audit.sqli.vertx-sqli.vertx-sqli", "properties": { "precision": "very-high", "tags": [ - "CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')", - "LOW CONFIDENCE", - "OWASP-A01:2017 - Injection", - "OWASP-A03:2021 - Injection", + "CWE-611: Improper Restriction of XML External Entity Reference", + "HIGH CONFIDENCE", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: java.lang.security.audit.sqli.vertx-sqli.vertx-sqli" } }, { - "defaultConfiguration": { - "level": "error" + "id": "ruby.lang.security.force-ssl-false.force-ssl-false", + "name": "ruby.lang.security.force-ssl-false.force-ssl-false", + "short_description": { + "text": "Semgrep Finding: ruby.lang.security.force-ssl-false.force-ssl-false" }, - "fullDescription": { - "text": "Detected user input entering a method which executes a system command. This could result in a command injection vulnerability, which allows an attacker to inject an arbitrary system command onto the server. The attacker could download malware onto or steal data from the server. 
Instead, use ProcessBuilder, separating the command into individual arguments, like this: `new ProcessBuilder(\"ls\", \"-al\", targetDirectory)`. Further, make sure you hardcode or allowlist the actual command so that attackers can't run arbitrary commands." + "full_description": { + "text": "Checks for configuration setting of force_ssl to false. Force_ssl forces usage of HTTPS, which could lead to network interception of unencrypted application traffic. To fix, set config.force_ssl = true." }, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/ruby.lang.security.force-ssl-false.force-ssl-false", "help": { - "markdown": "Detected user input entering a method which executes a system command. This could result in a command injection vulnerability, which allows an attacker to inject an arbitrary system command onto the server. The attacker could download malware onto or steal data from the server. Instead, use ProcessBuilder, separating the command into individual arguments, like this: `new ProcessBuilder(\"ls\", \"-al\", targetDirectory)`. 
Further, make sure you hardcode or allowlist the actual command so that attackers can't run arbitrary commands.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/java.spring.security.injection.tainted-system-command.tainted-system-command)\n - [https://www.stackhawk.com/blog/command-injection-java/](https://www.stackhawk.com/blog/command-injection-java/)\n - [https://cheatsheetseries.owasp.org/cheatsheets/OS_Command_Injection_Defense_Cheat_Sheet.html](https://cheatsheetseries.owasp.org/cheatsheets/OS_Command_Injection_Defense_Cheat_Sheet.html)\n - [https://github.com/github/codeql/blob/main/java/ql/src/Security/CWE/CWE-078/ExecUnescaped.java](https://github.com/github/codeql/blob/main/java/ql/src/Security/CWE/CWE-078/ExecUnescaped.java)\n", - "text": "Detected user input entering a method which executes a system command. This could result in a command injection vulnerability, which allows an attacker to inject an arbitrary system command onto the server. The attacker could download malware onto or steal data from the server. Instead, use ProcessBuilder, separating the command into individual arguments, like this: `new ProcessBuilder(\"ls\", \"-al\", targetDirectory)`. Further, make sure you hardcode or allowlist the actual command so that attackers can't run arbitrary commands.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Checks for configuration setting of force_ssl to false. Force_ssl forces usage of HTTPS, which could lead to network interception of unencrypted application traffic. To fix, set config.force_ssl = true.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Checks for configuration setting of force_ssl to false. Force_ssl forces usage of HTTPS, which could lead to network interception of unencrypted application traffic. 
To fix, set config.force_ssl = true.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/ruby.lang.security.force-ssl-false.force-ssl-false)\n - [https://github.com/presidentbeef/brakeman/blob/main/lib/brakeman/checks/check_force_ssl.rb](https://github.com/presidentbeef/brakeman/blob/main/lib/brakeman/checks/check_force_ssl.rb)\n" }, - "helpUri": "https://semgrep.dev/r/java.spring.security.injection.tainted-system-command.tainted-system-command", - "id": "java.spring.security.injection.tainted-system-command.tainted-system-command", - "name": "java.spring.security.injection.tainted-system-command.tainted-system-command", "properties": { "precision": "very-high", "tags": [ - "CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", + "CWE-311: Missing Encryption of Sensitive Data", "HIGH CONFIDENCE", - "OWASP-A01:2017 - Injection", - "OWASP-A03:2021 - Injection", + "OWASP-A03:2017 - Sensitive Data Exposure", + "OWASP-A04:2021 - Insecure Design", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: java.spring.security.injection.tainted-system-command.tainted-system-command" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "javascript.express.security.express-phantom-injection.express-phantom-injection", + "name": "javascript.express.security.express-phantom-injection.express-phantom-injection", + "short_description": { + "text": "Semgrep Finding: javascript.express.security.express-phantom-injection.express-phantom-injection" }, - "fullDescription": { - "text": "The package `net/http/cgi` is on the import blocklist. The package is vulnerable to httpoxy attacks (CVE-2015-5386). It is recommended to use `net/http` or a web framework to build a web application instead." 
+ "full_description": { + "text": "If unverified user data can reach the `phantom` methods it can result in Server-Side Request Forgery vulnerabilities" + }, + "default_configuration": { + "enabled": true, + "level": "error" }, + "help_uri": "https://semgrep.dev/r/javascript.express.security.express-phantom-injection.express-phantom-injection", "help": { - "markdown": "The package `net/http/cgi` is on the import blocklist. The package is vulnerable to httpoxy attacks (CVE-2015-5386). It is recommended to use `net/http` or a web framework to build a web application instead.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/go.lang.security.audit.crypto.bad_imports.insecure-module-used)\n - [https://godoc.org/golang.org/x/crypto/sha3](https://godoc.org/golang.org/x/crypto/sha3)\n", - "text": "The package `net/http/cgi` is on the import blocklist. The package is vulnerable to httpoxy attacks (CVE-2015-5386). 
It is recommended to use `net/http` or a web framework to build a web application instead.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "If unverified user data can reach the `phantom` methods it can result in Server-Side Request Forgery vulnerabilities\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "If unverified user data can reach the `phantom` methods it can result in Server-Side Request Forgery vulnerabilities\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.express.security.express-phantom-injection.express-phantom-injection)\n - [https://phantomjs.org/page-automation.html](https://phantomjs.org/page-automation.html)\n" }, - "helpUri": "https://semgrep.dev/r/go.lang.security.audit.crypto.bad_imports.insecure-module-used", - "id": "go.lang.security.audit.crypto.bad_imports.insecure-module-used", - "name": "go.lang.security.audit.crypto.bad_imports.insecure-module-used", "properties": { "precision": "very-high", "tags": [ - "CWE-327: Use of a Broken or Risky Cryptographic Algorithm", + "CWE-918: Server-Side Request Forgery (SSRF)", "MEDIUM CONFIDENCE", - "OWASP-A02:2021 - Cryptographic Failures", - "OWASP-A03:2017 - Sensitive Data Exposure", + "OWASP-A10:2021 - Server-Side Request Forgery (SSRF)", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: go.lang.security.audit.crypto.bad_imports.insecure-module-used" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "solidity.security.erc677-reentrancy.erc677-reentrancy", + "name": "solidity.security.erc677-reentrancy.erc677-reentrancy", + "short_description": { + "text": "Semgrep Finding: solidity.security.erc677-reentrancy.erc677-reentrancy" }, - "fullDescription": { - "text": "Ensure that IAM policies don't allow data exfiltration actions that are not resource-constrained. 
This can allow the user to read sensitive data they don't need to read. Instead, make sure that the user granted these privileges are given these permissions on specific resources." + "full_description": { + "text": "ERC677 callAfterTransfer() reentrancy" + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/solidity.security.erc677-reentrancy.erc677-reentrancy", "help": { - "markdown": "Ensure that IAM policies don't allow data exfiltration actions that are not resource-constrained. This can allow the user to read sensitive data they don't need to read. Instead, make sure that the user granted these privileges are given these permissions on specific resources.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/terraform.lang.security.iam.no-iam-data-exfiltration.no-iam-data-exfiltration)\n - [https://github.com/bridgecrewio/checkov/blob/ca830e14745c2c8e1b941985f305abe985d7f1f9/checkov/terraform/checks/data/aws/IAMDataExfiltration.py](https://github.com/bridgecrewio/checkov/blob/ca830e14745c2c8e1b941985f305abe985d7f1f9/checkov/terraform/checks/data/aws/IAMDataExfiltration.py)\n - [https://cloudsplaining.readthedocs.io/en/latest/glossary/data-exfiltration/](https://cloudsplaining.readthedocs.io/en/latest/glossary/data-exfiltration/)\n", - "text": "Ensure that IAM policies don't allow data exfiltration actions that are not resource-constrained. This can allow the user to read sensitive data they don't need to read. 
Instead, make sure that the user granted these privileges are given these permissions on specific resources.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "ERC677 callAfterTransfer() reentrancy\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "ERC677 callAfterTransfer() reentrancy\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/solidity.security.erc677-reentrancy.erc677-reentrancy)\n - [https://twitter.com/peckshield/status/1509431646818234369](https://twitter.com/peckshield/status/1509431646818234369)\n - [https://twitter.com/blocksecteam/status/1509466576848064512](https://twitter.com/blocksecteam/status/1509466576848064512)\n - [https://explorer.fuse.io/address/0x139Eb08579eec664d461f0B754c1F8B569044611](https://explorer.fuse.io/address/0x139Eb08579eec664d461f0B754c1F8B569044611)\n - [https://explorer.fuse.io/address/0x5De15b5543c178C111915d6B8ae929Af01a8cC58](https://explorer.fuse.io/address/0x5De15b5543c178C111915d6B8ae929Af01a8cC58)\n" }, - "helpUri": "https://semgrep.dev/r/terraform.lang.security.iam.no-iam-data-exfiltration.no-iam-data-exfiltration", - "id": "terraform.lang.security.iam.no-iam-data-exfiltration.no-iam-data-exfiltration", - "name": "terraform.lang.security.iam.no-iam-data-exfiltration.no-iam-data-exfiltration", "properties": { "precision": "very-high", "tags": [ - "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor", - "LOW CONFIDENCE", - "OWASP-A01:2021 - Broken Access Control", + "CWE-841: Improper Enforcement of Behavioral Workflow", + "HIGH CONFIDENCE", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: terraform.lang.security.iam.no-iam-data-exfiltration.no-iam-data-exfiltration" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "python.lang.compatibility.python37.python37-compatibility-ipv4network2", + "name": 
"python.lang.compatibility.python37.python37-compatibility-ipv4network2", + "short_description": { + "text": "Semgrep Finding: python.lang.compatibility.python37.python37-compatibility-ipv4network2" }, - "fullDescription": { - "text": "Detected a template variable used in a script tag. Although template variables are HTML escaped, HTML escaping does not always prevent cross-site scripting (XSS) attacks when used directly in JavaScript. If you need this data on the rendered page, consider placing it in the HTML portion (outside of a script tag). Alternatively, use a JavaScript-specific encoder, such as the one available in OWASP ESAPI. For Django, you may also consider using the 'json_script' template tag and retrieving the data in your script by using the element ID (e.g., `document.getElementById`)." + "full_description": { + "text": "IPv4Network.supernet_of is only available on Python 3.7+ and is therefore not backwards compatible. Instead, check if the supernet is in 'supernet'." }, + "default_configuration": { + "enabled": true, + "level": "error" + }, + "help_uri": "https://semgrep.dev/r/python.lang.compatibility.python37.python37-compatibility-ipv4network2", "help": { - "markdown": "Detected a template variable used in a script tag. Although template variables are HTML escaped, HTML escaping does not always prevent cross-site scripting (XSS) attacks when used directly in JavaScript. If you need this data on the rendered page, consider placing it in the HTML portion (outside of a script tag). Alternatively, use a JavaScript-specific encoder, such as the one available in OWASP ESAPI. 
For Django, you may also consider using the 'json_script' template tag and retrieving the data in your script by using the element ID (e.g., `document.getElementById`).\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/generic.html-templates.security.var-in-script-tag.var-in-script-tag)\n - [https://adamj.eu/tech/2020/02/18/safely-including-data-for-javascript-in-a-django-template/?utm_campaign=Django%2BNewsletter&utm_medium=rss&utm_source=Django_Newsletter_12A](https://adamj.eu/tech/2020/02/18/safely-including-data-for-javascript-in-a-django-template/?utm_campaign=Django%2BNewsletter&utm_medium=rss&utm_source=Django_Newsletter_12A)\n - [https://www.veracode.com/blog/secure-development/nodejs-template-engines-why-default-encoders-are-not-enough](https://www.veracode.com/blog/secure-development/nodejs-template-engines-why-default-encoders-are-not-enough)\n - [https://github.com/ESAPI/owasp-esapi-js](https://github.com/ESAPI/owasp-esapi-js)\n", - "text": "Detected a template variable used in a script tag. Although template variables are HTML escaped, HTML escaping does not always prevent cross-site scripting (XSS) attacks when used directly in JavaScript. If you need this data on the rendered page, consider placing it in the HTML portion (outside of a script tag). Alternatively, use a JavaScript-specific encoder, such as the one available in OWASP ESAPI. For Django, you may also consider using the 'json_script' template tag and retrieving the data in your script by using the element ID (e.g., `document.getElementById`).\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "IPv4Network.supernet_of is only available on Python 3.7+ and is therefore not backwards compatible. 
Instead, check if the supernet is in 'supernet'.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "IPv4Network.supernet_of is only available on Python 3.7+ and is therefore not backwards compatible. Instead, check if the supernet is in 'supernet'.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.lang.compatibility.python37.python37-compatibility-ipv4network2)\n" }, - "helpUri": "https://semgrep.dev/r/generic.html-templates.security.var-in-script-tag.var-in-script-tag", - "id": "generic.html-templates.security.var-in-script-tag.var-in-script-tag", - "name": "generic.html-templates.security.var-in-script-tag.var-in-script-tag", "properties": { "precision": "very-high", - "tags": [ - "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", - "LOW CONFIDENCE", - "OWASP-A03:2021 - Injection", - "OWASP-A07:2017 - Cross-Site Scripting (XSS)", - "security" - ] - }, - "shortDescription": { - "text": "Semgrep Finding: generic.html-templates.security.var-in-script-tag.var-in-script-tag" + "tags": [] } }, { - "defaultConfiguration": { - "level": "error" + "id": "python.lang.security.audit.insecure-transport.urllib.insecure-urlopener-open.insecure-urlopener-open", + "name": "python.lang.security.audit.insecure-transport.urllib.insecure-urlopener-open.insecure-urlopener-open", + "short_description": { + "text": "Semgrep Finding: python.lang.security.audit.insecure-transport.urllib.insecure-urlopener-open.insecure-urlopener-open" }, - "fullDescription": { - "text": "Appending `$SLICE` from multiple goroutines is not concurrency safe" + "full_description": { + "text": "Detected an unsecured transmission channel. 'URLopener.open(...)' is being used with 'http://'. Use 'https://' instead to secure the channel." 
}, + "default_configuration": { + "enabled": true, + "level": "warning" + }, + "help_uri": "https://semgrep.dev/r/python.lang.security.audit.insecure-transport.urllib.insecure-urlopener-open.insecure-urlopener-open", "help": { - "markdown": "Appending `$SLICE` from multiple goroutines is not concurrency safe\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/trailofbits.go.racy-append-to-slice.racy-append-to-slice)\n - [https://go.dev/blog/maps#concurrency](https://go.dev/blog/maps#concurrency)\n", - "text": "Appending `$SLICE` from multiple goroutines is not concurrency safe\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Detected an unsecured transmission channel. 'URLopener.open(...)' is being used with 'http://'. Use 'https://' instead to secure the channel.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Detected an unsecured transmission channel. 'URLopener.open(...)' is being used with 'http://'. 
Use 'https://' instead to secure the channel.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.lang.security.audit.insecure-transport.urllib.insecure-urlopener-open.insecure-urlopener-open)\n - [https://docs.python.org/3/library/urllib.request.html#urllib.request.URLopener.open](https://docs.python.org/3/library/urllib.request.html#urllib.request.URLopener.open)\n" }, - "helpUri": "https://semgrep.dev/r/trailofbits.go.racy-append-to-slice.racy-append-to-slice", - "id": "trailofbits.go.racy-append-to-slice.racy-append-to-slice", - "name": "trailofbits.go.racy-append-to-slice.racy-append-to-slice", "properties": { "precision": "very-high", "tags": [ - "CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')", - "MEDIUM CONFIDENCE", + "CWE-319: Cleartext Transmission of Sensitive Information", + "LOW CONFIDENCE", + "OWASP-A02:2021 - Cryptographic Failures", + "OWASP-A03:2017 - Sensitive Data Exposure", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: trailofbits.go.racy-append-to-slice.racy-append-to-slice" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "python.django.security.django-no-csrf-token.django-no-csrf-token", + "name": "python.django.security.django-no-csrf-token.django-no-csrf-token", + "short_description": { + "text": "Semgrep Finding: python.django.security.django-no-csrf-token.django-no-csrf-token" }, - "fullDescription": { - "text": "ERC721 onERC721Received() reentrancy" + "full_description": { + "text": "Manually-created forms in django templates should specify a csrf_token to prevent CSRF attacks" + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/python.django.security.django-no-csrf-token.django-no-csrf-token", "help": { - "markdown": "ERC721 onERC721Received() reentrancy\n\n#### \ud83d\udc8e Enable cross-file analysis 
and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/solidity.security.erc721-reentrancy.erc721-reentrancy)\n - [https://blocksecteam.medium.com/when-safemint-becomes-unsafe-lessons-from-the-hypebears-security-incident-2965209bda2a](https://blocksecteam.medium.com/when-safemint-becomes-unsafe-lessons-from-the-hypebears-security-incident-2965209bda2a)\n - [https://etherscan.io/address/0x14e0a1f310e2b7e321c91f58847e98b8c802f6ef](https://etherscan.io/address/0x14e0a1f310e2b7e321c91f58847e98b8c802f6ef)\n", - "text": "ERC721 onERC721Received() reentrancy\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Manually-created forms in django templates should specify a csrf_token to prevent CSRF attacks\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Manually-created forms in django templates should specify a csrf_token to prevent CSRF attacks\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/python.django.security.django-no-csrf-token.django-no-csrf-token)\n - [https://docs.djangoproject.com/en/4.2/howto/csrf/](https://docs.djangoproject.com/en/4.2/howto/csrf/)\n" }, - "helpUri": "https://semgrep.dev/r/solidity.security.erc721-reentrancy.erc721-reentrancy", - "id": "solidity.security.erc721-reentrancy.erc721-reentrancy", - "name": "solidity.security.erc721-reentrancy.erc721-reentrancy", "properties": { "precision": "very-high", "tags": [ - "CWE-841: Improper Enforcement of Behavioral Workflow", - "HIGH CONFIDENCE", + "CWE-352: Cross-Site Request Forgery (CSRF)", + "MEDIUM CONFIDENCE", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: solidity.security.erc721-reentrancy.erc721-reentrancy" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "terraform.aws.security.missing-athena-workgroup-encryption.missing-athena-workgroup-encryption", + "name": 
"terraform.aws.security.missing-athena-workgroup-encryption.missing-athena-workgroup-encryption", + "short_description": { + "text": "Semgrep Finding: terraform.aws.security.missing-athena-workgroup-encryption.missing-athena-workgroup-encryption" }, - "fullDescription": { - "text": "A hard-coded credential was detected. It is not recommended to store credentials in source-code, as this risks secrets being leaked and used by either an internal or external malicious adversary. It is recommended to use environment variables to securely provide credentials or retrieve credentials from a secure vault or HSM (Hardware Security Module)." + "full_description": { + "text": "The AWS Athena Workgroup is unencrypted. Encryption protects query results in your workgroup. To enable, add: `encryption_configuration { encryption_option = \"SSE_KMS\" kms_key_arn = aws_kms_key.example.arn }` within `result_configuration { }` in your resource block, where `encryption_option` is your chosen encryption method and `kms_key_arn` is your KMS key ARN." + }, + "default_configuration": { + "enabled": true, + "level": "warning" }, + "help_uri": "https://semgrep.dev/r/terraform.aws.security.missing-athena-workgroup-encryption.missing-athena-workgroup-encryption", "help": { - "markdown": "A hard-coded credential was detected. It is not recommended to store credentials in source-code, as this risks secrets being leaked and used by either an internal or external malicious adversary. 
It is recommended to use environment variables to securely provide credentials or retrieve credentials from a secure vault or HSM (Hardware Security Module).\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.express.security.express-jwt-hardcoded-secret.express-jwt-hardcoded-secret)\n - [https://cheatsheetseries.owasp.org/cheatsheets/Secrets_Management_Cheat_Sheet.html](https://cheatsheetseries.owasp.org/cheatsheets/Secrets_Management_Cheat_Sheet.html)\n", - "text": "A hard-coded credential was detected. It is not recommended to store credentials in source-code, as this risks secrets being leaked and used by either an internal or external malicious adversary. It is recommended to use environment variables to securely provide credentials or retrieve credentials from a secure vault or HSM (Hardware Security Module).\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "The AWS Athena Workgroup is unencrypted. Encryption protects query results in your workgroup. To enable, add: `encryption_configuration { encryption_option = \"SSE_KMS\" kms_key_arn = aws_kms_key.example.arn }` within `result_configuration { }` in your resource block, where `encryption_option` is your chosen encryption method and `kms_key_arn` is your KMS key ARN.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "The AWS Athena Workgroup is unencrypted. Encryption protects query results in your workgroup. 
To enable, add: `encryption_configuration { encryption_option = \"SSE_KMS\" kms_key_arn = aws_kms_key.example.arn }` within `result_configuration { }` in your resource block, where `encryption_option` is your chosen encryption method and `kms_key_arn` is your KMS key ARN.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/terraform.aws.security.missing-athena-workgroup-encryption.missing-athena-workgroup-encryption)\n - [https://owasp.org/Top10/A02_2021-Cryptographic_Failures](https://owasp.org/Top10/A02_2021-Cryptographic_Failures)\n" }, - "helpUri": "https://semgrep.dev/r/javascript.express.security.express-jwt-hardcoded-secret.express-jwt-hardcoded-secret", - "id": "javascript.express.security.express-jwt-hardcoded-secret.express-jwt-hardcoded-secret", - "name": "javascript.express.security.express-jwt-hardcoded-secret.express-jwt-hardcoded-secret", "properties": { "precision": "very-high", "tags": [ - "CWE-798: Use of Hard-coded Credentials", - "HIGH CONFIDENCE", - "OWASP-A07:2021 - Identification and Authentication Failures", + "CWE-320: CWE CATEGORY: Key Management Errors", + "LOW CONFIDENCE", + "OWASP-A03:2017 - Sensitive Data Exposure", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: javascript.express.security.express-jwt-hardcoded-secret.express-jwt-hardcoded-secret" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "javascript.express.security.express-expat-xxe.express-expat-xxe", + "name": "javascript.express.security.express-expat-xxe.express-expat-xxe", + "short_description": { + "text": "Semgrep Finding: javascript.express.security.express-expat-xxe.express-expat-xxe" }, - "fullDescription": { - "text": "XmlReaderSettings found with DtdProcessing.Parse on an XmlReader handling a string argument from a public method. 
Enabling Document Type Definition (DTD) parsing may cause XML External Entity (XXE) injection if supplied with user-controllable data." + "full_description": { + "text": "Make sure that unverified user data can not reach the XML Parser, as it can result in XML External or Internal Entity (XXE) Processing vulnerabilities." }, + "default_configuration": { + "enabled": true, + "level": "error" + }, + "help_uri": "https://semgrep.dev/r/javascript.express.security.express-expat-xxe.express-expat-xxe", "help": { - "markdown": "XmlReaderSettings found with DtdProcessing.Parse on an XmlReader handling a string argument from a public method. Enabling Document Type Definition (DTD) parsing may cause XML External Entity (XXE) injection if supplied with user-controllable data.\n\n#### \ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/csharp.lang.security.xxe.xmldocument-unsafe-parser-override.xmldocument-unsafe-parser-override)\n - [https://www.jardinesoftware.net/2016/05/26/xxe-and-net/](https://www.jardinesoftware.net/2016/05/26/xxe-and-net/)\n - [https://docs.microsoft.com/en-us/dotnet/api/system.xml.xmldocument.xmlresolver?view=net-6.0#remarks](https://docs.microsoft.com/en-us/dotnet/api/system.xml.xmldocument.xmlresolver?view=net-6.0#remarks)\n", - "text": "XmlReaderSettings found with DtdProcessing.Parse on an XmlReader handling a string argument from a public method. 
Enabling Document Type Definition (DTD) parsing may cause XML External Entity (XXE) injection if supplied with user-controllable data.\n\ud83d\udc8e Enable cross-file analysis and Pro rules for free at sg.run/pro" + "text": "Make sure that unverified user data can not reach the XML Parser, as it can result in XML External or Internal Entity (XXE) Processing vulnerabilities.\n💎 Enable cross-file analysis and Pro rules for free at sg.run/pro", + "markdown": "Make sure that unverified user data can not reach the XML Parser, as it can result in XML External or Internal Entity (XXE) Processing vulnerabilities.\n\n#### 💎 Enable cross-file analysis and Pro rules for free at sg.run/pro\n\nReferences:\n - [Semgrep Rule](https://semgrep.dev/r/javascript.express.security.express-expat-xxe.express-expat-xxe)\n - [https://github.com/astro/node-expat](https://github.com/astro/node-expat)\n" }, - "helpUri": "https://semgrep.dev/r/csharp.lang.security.xxe.xmldocument-unsafe-parser-override.xmldocument-unsafe-parser-override", - "id": "csharp.lang.security.xxe.xmldocument-unsafe-parser-override.xmldocument-unsafe-parser-override", - "name": "csharp.lang.security.xxe.xmldocument-unsafe-parser-override.xmldocument-unsafe-parser-override", "properties": { "precision": "very-high", "tags": [ 
@@ -26883,1471 +28084,1494 @@ "OWASP-A05:2021 - Security Misconfiguration", "security" ] - }, - "shortDescription": { - "text": "Semgrep Finding: csharp.lang.security.xxe.xmldocument-unsafe-parser-override.xmldocument-unsafe-parser-override" } }, { - "defaultConfiguration": { - "level": "warning" + "id": "javascript.lang.security.audit.unknown-value-with-script-tag.unknown-value-with-script-tag", + "name": "javascript.lang.security.audit.unknown-value-with-script-tag.unknown-value-with-script-tag", + "short_description": { + "text": "Semgrep Finding: javascript.lang.security.audit.unknown-value-with-script-tag.unknown-value-with-script-tag" }, - "fullDescription": { - "text": "Checks for requests to http (unencrypted) sites using grequests, a popular HTTP client library. This is dangerous because it could result in plaintext PII being passed around the network." + "full_description": { + "text": "Cannot determine what '$UNK' is and it is used with a '