tslint-microsoft-contrib/cwe_descriptions.json

{
    "22": "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')",
    "75": "Failure to Sanitize Special Elements into a Different Plane (Special Element Injection)",
    "79": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')",
    "85": "Doubled Character XSS Manipulations",
    "88": "Argument Injection or Modification",
    "95": "Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection')",
    "116": "Improper Encoding or Escaping of Output",
    "157": "Failure to Sanitize Paired Delimiters",
    "159": "Failure to Sanitize Special Element",
    "242": "Use of Inherently Dangerous Function",
    "315": "Cleartext Storage of Sensitive Information in a Cookie",
    "319": "Cleartext Transmission of Sensitive Information",
    "330": "Use of Insufficiently Random Values",
    "351": "Insufficient Type Distinction",
    "398": "Indicator of Poor Code Quality",
    "453": "Insecure Default Variable Initialization",
    "454": "External Initialization of Trusted Variables or Data Stores",
    "456": "Missing Initialization of a Variable",
    "462": "Duplicate Key in Associative List (Alist)",
    "474": "Use of Function with Inconsistent Implementations",
    "478": "Missing Default Case in Switch Statement",
    "480": "Use of Incorrect Operator",
    "481": "Assigning instead of Comparing",
    "483": "Incorrect Block Delimitation",
    "484": "Omitted Break Statement in Switch",
    "539": "Information Exposure Through Persistent Cookies",
    "546": "Suspicious Comment",
    "563": "Assignment to Variable without Use ('Unused Variable')",
    "565": "Reliance on Cookies without Validation and Integrity Checking",
    "570": "Expression is Always False",
    "571": "Expression is Always True",
    "584": "Return Inside Finally Block",
    "597": "Use of Wrong Operator in String Comparison",
    "614": "Sensitive Cookie in HTTPS Session Without 'Secure' Attribute",
    "670": "Always-Incorrect Control Flow Implementation",
    "676": "Use of Potentially Dangerous Function",
    "694": "Use of Multiple Resources with Duplicate Identifier",
    "704": "Incorrect Type Conversion or Cast",
    "705": "Incorrect Control Flow Scoping",
    "710": "Coding Standards Violation",
    "749": "Exposed Dangerous Method or Function",
    "915": "Improperly Controlled Modification of Dynamically-Determined Object Attributes"
}
[Issue #183] CWE Weakness Spreadsheet - Added rule metadata to all rules 2016-08-03 11:11:26 +03:00			`{`
Use prettier to format source files (#623) * Add prettier, prettierrc and prettierignore * Add tslint-config-prettier to avoid tslint and prettier conflicts * First prettier run * Prettify json files * Ignore package.json and package-lock.json * Prettier json files * Use single quotes * Revert to single quotes * Use 4 spaces when creating JSON files * Remove TODO comments * Bring back TODO comments * Add tslint:check as part of test script * Remove conflicting rules from tslint.json as reported by tslint-config-prettier * Use exact version for prettier * Fix tests * tslint-disable for variable-name * Add no-unnecessary-semicolons to disabled rules * Disable arrow-return-shorthand * Make comment spacing consistent * Update recommendations * Single space before and after curly parens * Generate recommended_ruleset with single quotes * Single quote 'rule' key * Grammatical fix * Generate recommended ruleset * Ignore recommended_ruleset.js * Format markdown files using prettier * Format .md files Remove new line * Add tslint:check before linting * Update .prettierignore * Add husky and lint-staged * Run prettier on pre-commit * Add prettier-vscode as a recommendation * Escape asterisk * Remove extra space * Remove unwanted string concatenations 2018-11-05 09:56:31 +03:00			`"22": "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')",`
			`"75": "Failure to Sanitize Special Elements into a Different Plane (Special Element Injection)",`
			`"79": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')",`
			`"85": "Doubled Character XSS Manipulations",`
Added new `detect-child-process` rule (#252) (#855) * Added new `detect-child-process` rule (#252) * Minor docs changes (#252) 2019-04-24 15:19:55 +03:00			`"88": "Argument Injection or Modification",`
Use prettier to format source files (#623) * Add prettier, prettierrc and prettierignore * Add tslint-config-prettier to avoid tslint and prettier conflicts * First prettier run * Prettify json files * Ignore package.json and package-lock.json * Prettier json files * Use single quotes * Revert to single quotes * Use 4 spaces when creating JSON files * Remove TODO comments * Bring back TODO comments * Add tslint:check as part of test script * Remove conflicting rules from tslint.json as reported by tslint-config-prettier * Use exact version for prettier * Fix tests * tslint-disable for variable-name * Add no-unnecessary-semicolons to disabled rules * Disable arrow-return-shorthand * Make comment spacing consistent * Update recommendations * Single space before and after curly parens * Generate recommended_ruleset with single quotes * Single quote 'rule' key * Grammatical fix * Generate recommended ruleset * Ignore recommended_ruleset.js * Format markdown files using prettier * Format .md files Remove new line * Add tslint:check before linting * Update .prettierignore * Add husky and lint-staged * Run prettier on pre-commit * Add prettier-vscode as a recommendation * Escape asterisk * Remove extra space * Remove unwanted string concatenations 2018-11-05 09:56:31 +03:00			`"95": "Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection')",`
			`"116": "Improper Encoding or Escaping of Output",`
			`"157": "Failure to Sanitize Paired Delimiters",`
			`"159": "Failure to Sanitize Special Element",`
			`"242": "Use of Inherently Dangerous Function",`
			`"315": "Cleartext Storage of Sensitive Information in a Cookie",`
			`"319": "Cleartext Transmission of Sensitive Information",`
			`"330": "Use of Insufficiently Random Values",`
			`"351": "Insufficient Type Distinction",`
			`"398": "Indicator of Poor Code Quality",`
			`"453": "Insecure Default Variable Initialization",`
			`"454": "External Initialization of Trusted Variables or Data Stores",`
			`"456": "Missing Initialization of a Variable",`
			`"462": "Duplicate Key in Associative List (Alist)",`
			`"474": "Use of Function with Inconsistent Implementations",`
			`"478": "Missing Default Case in Switch Statement",`
			`"480": "Use of Incorrect Operator",`
			`"481": "Assigning instead of Comparing",`
			`"483": "Incorrect Block Delimitation",`
			`"484": "Omitted Break Statement in Switch",`
			`"539": "Information Exposure Through Persistent Cookies",`
			`"546": "Suspicious Comment",`
			`"563": "Assignment to Variable without Use ('Unused Variable')",`
			`"565": "Reliance on Cookies without Validation and Integrity Checking",`
			`"570": "Expression is Always False",`
			`"571": "Expression is Always True",`
			`"584": "Return Inside Finally Block",`
			`"597": "Use of Wrong Operator in String Comparison",`
			`"614": "Sensitive Cookie in HTTPS Session Without 'Secure' Attribute",`
			`"670": "Always-Incorrect Control Flow Implementation",`
			`"676": "Use of Potentially Dangerous Function",`
			`"694": "Use of Multiple Resources with Duplicate Identifier",`
			`"704": "Incorrect Type Conversion or Cast",`
			`"705": "Incorrect Control Flow Scoping",`
			`"710": "Coding Standards Violation",`
			`"749": "Exposed Dangerous Method or Function",`
			`"915": "Improperly Controlled Modification of Dynamically-Determined Object Attributes"`
			`}`