From f39b37e5cd76976afb064e72fc3df82c7c37453f Mon Sep 17 00:00:00 2001 From: Julian Date: Tue, 25 Jun 2024 14:16:54 +0200 Subject: [PATCH 1/2] Add CWE information Adding 668 as Exposure of Resource to Wrong Sphere seems the best fit covering both confidentiality and integrity concerns. --- .../volume_has_sensitive_host_directory/metadata.json | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/assets/queries/dockerCompose/volume_has_sensitive_host_directory/metadata.json b/assets/queries/dockerCompose/volume_has_sensitive_host_directory/metadata.json index 8d278dfdcd3..d4d91406736 100644 --- a/assets/queries/dockerCompose/volume_has_sensitive_host_directory/metadata.json +++ b/assets/queries/dockerCompose/volume_has_sensitive_host_directory/metadata.json @@ -7,5 +7,5 @@ "descriptionUrl": "https://docs.docker.com/compose/compose-file/compose-file-v3/#volume-configuration-reference", "platform": "DockerCompose", "descriptionID": "8361cc0a", - "cwe": "" -} \ No newline at end of file + "cwe": "668" +} From 2d4222bf59253141327396c614ff0039817ebb98 Mon Sep 17 00:00:00 2001 From: Julian Date: Tue, 2 Jul 2024 16:31:17 +0200 Subject: [PATCH 2/2] Update metadata.json Added missing fields --- .../volume_has_sensitive_host_directory/metadata.json | 2 ++ 1 file changed, 2 insertions(+) diff --git a/assets/queries/dockerCompose/volume_has_sensitive_host_directory/metadata.json b/assets/queries/dockerCompose/volume_has_sensitive_host_directory/metadata.json index d4d91406736..2efc4a55e26 100644 --- a/assets/queries/dockerCompose/volume_has_sensitive_host_directory/metadata.json +++ b/assets/queries/dockerCompose/volume_has_sensitive_host_directory/metadata.json @@ -7,5 +7,7 @@ "descriptionUrl": "https://docs.docker.com/compose/compose-file/compose-file-v3/#volume-configuration-reference", "platform": "DockerCompose", "descriptionID": "8361cc0a", + "oldSeverity": "HIGH", + "cloudProvider": "common", "cwe": "668" }