org.sonar.l10n.java.rules.java.S4684.json Maven / Gradle / Ivy

Go to download

Show more of this group Show more artifacts with this name
Show all versions of sonar-java-plugin Show documentation

Code Analyzer for Java

There is a newer version: 8.6.0.37351

{
  "title": "Persistent entities should not be used as arguments of \"@RequestMapping\" methods",
  "type": "VULNERABILITY",
  "code": {
    "impacts": {
      "SECURITY": "HIGH"
    },
    "attribute": "CONVENTIONAL"
  },
  "status": "ready",
  "remediation": {
    "func": "Constant\/Issue",
    "constantCost": "10min"
  },
  "tags": [
    "cwe",
    "spring"
  ],
  "defaultSeverity": "Critical",
  "ruleSpecification": "RSPEC-4684",
  "sqKey": "S4684",
  "scope": "Main",
  "securityStandards": {
    "CWE": [
      915
    ],
    "OWASP": [
      "A5"
    ],
    "OWASP Top 10 2021": [
      "A8"
    ],
    "ASVS 4.0": [
      "5.1.2"
    ]
  },
  "quickfix": "unknown"
}