diff --git a/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S2053.html b/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S2053.html
index 3bab734d1cc..66dda168791 100644
--- a/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S2053.html
+++ b/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S2053.html
@@ -70,5 +70,7 @@
Standards
Exposure
CWE - CWE-759 - Use of a One-Way Hash without a Salt
CWE - CWE-760 - Use of a One-Way Hash with a Predictable Salt
+ STIG Viewer - Application Security and
+ Development: V-222542 - The application must only store cryptographic representations of passwords.
diff --git a/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S2053.json b/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S2053.json
index 48635986451..6f426ba6a65 100644
--- a/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S2053.json
+++ b/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S2053.json
@@ -35,6 +35,9 @@
],
"PCI DSS 4.0": [
"6.2.4"
+ ],
+ "STIG ASD 2023-06-08": [
+ "V-222542"
]
},
"quickfix": "unknown"
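Review bot: Nothing in this hunk, or in the other `*.json` hunks of this change that add the same key, shows that the plugin's rule-metadata loader recognises the new `"STIG ASD 2023-06-08"` entry under `securityStandards`; loaders of this kind usually skip unknown standard names rather than fail, so a misspelt key or an older loader version would drop every STIG mapping without any error. If no such check exists elsewhere in this change, a small test that loads a rule from this commit (S2053 is the first one here) and asserts the expected STIG identifier is attached would catch that silently. The `securityStandards` object itself starts before this hunk, so only the tail of it is visible here.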
diff --git a/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S2092.html b/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S2092.html
index e2fabe531c8..f40117dc49a 100644
--- a/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S2092.html
+++ b/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S2092.html
@@ -38,5 +38,7 @@ See
CWE - CWE-311 - Missing Encryption of Sensitive Data
CWE - CWE-315 - Cleartext Storage of Sensitive Information in a Cookie
CWE - CWE-614 - Sensitive Cookie in HTTPS Session Without 'Secure' Attribute
+ STIG Viewer - Application Security and
+ Development: V-222576 - The application must set the secure flag on session cookies.
diff --git a/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S2092.json b/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S2092.json
index 3d9c275857d..4893092b62c 100644
--- a/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S2092.json
+++ b/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S2092.json
@@ -45,6 +45,9 @@
"6.1.1",
"6.1.2",
"6.1.3"
+ ],
+ "STIG ASD 2023-06-08": [
+ "V-222576"
]
},
"quickfix": "unknown"
diff --git a/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S2184.html b/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S2184.html
index e4f54e09e98..8c1eb2f52e3 100644
--- a/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S2184.html
+++ b/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S2184.html
@@ -55,11 +55,14 @@ Compliant solution
}
Resources
+Standards
diff --git a/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S2184.json b/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S2184.json
index 768beedd205..8e308f998ba 100644
--- a/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S2184.json
+++ b/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S2184.json
@@ -31,6 +31,9 @@
],
"ASVS 4.0": [
"5.4.3"
+ ],
+ "STIG ASD 2023-06-08": [
+ "V-222612"
]
},
"quickfix": "unknown"
diff --git a/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S2226.html b/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S2226.html
index 66ac8c69dc7..71be12f334c 100644
--- a/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S2226.html
+++ b/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S2226.html
@@ -134,7 +134,10 @@ Resources
Articles & blog posts
+Standards
+
diff --git a/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S2226.json b/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S2226.json
index c598ab0cdc5..f1426202cc8 100644
--- a/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S2226.json
+++ b/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S2226.json
@@ -24,6 +24,9 @@
"securityStandards": {
"CERT": [
"MSC11-J."
+ ],
+ "STIG ASD 2023-06-08": [
+ "V-222567"
]
},
"quickfix": "unknown"
diff --git a/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S2254.html b/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S2254.html
index 402f2164d17..30f874d3d2a 100644
--- a/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S2254.html
+++ b/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S2254.html
@@ -49,5 +49,7 @@ Standards
OWASP - Top 10 2017 Category A2 - Broken Authentication
CWE - CWE-807 - Reliance on Untrusted Inputs in a Security Decision
+ STIG Viewer - Application Security and
+ Development: V-222582 - The application must not re-use or recycle session IDs.
diff --git a/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S2254.json b/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S2254.json
index 6153678f56e..eec339f3cdf 100644
--- a/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S2254.json
+++ b/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S2254.json
@@ -28,6 +28,9 @@
],
"OWASP Top 10 2021": [
"A4"
+ ],
+ "STIG ASD 2023-06-08": [
+ "V-222582"
]
},
"quickfix": "unknown"
diff --git a/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S2612.html b/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S2612.html
index 962080da918..59a6f61fae6 100644
--- a/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S2612.html
+++ b/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S2612.html
@@ -73,5 +73,7 @@ See
Create files with appropriate access permissions
CERT, FIO06-C. - Create
files with appropriate access permissions
+ STIG Viewer - Application Security and
+ Development: V-222430 - The application must execute without excessive account permissions.
diff --git a/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S2612.json b/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S2612.json
index ee62fd05368..9e1235d6f1c 100644
--- a/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S2612.json
+++ b/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S2612.json
@@ -44,6 +44,9 @@
],
"ASVS 4.0": [
"4.3.3"
+ ],
+ "STIG ASD 2023-06-08": [
+ "V-222430"
]
},
"quickfix": "unknown"
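Review bot: The STIG item added here reads as a mismatch for the rule it is attached to: the S2612.html hunk shows the rule's existing references are about creating files with appropriate access permissions, while the new link text `V-222430 - The application must execute without excessive account permissions.` concerns the privileges of the account the application runs under, which is a different control. The S2647 hunks look similar, pairing a rule whose references are about insufficiently protected credentials (CWE-522) with `V-222533`, whose text is about authenticating network-connected endpoint devices. If these mappings are imported from the shared rule specification, they are presumably worth re-checking there before they are surfaced to users as compliance evidence; no other identifier is proposed here since none is visible in the diff.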
diff --git a/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S2647.html b/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S2647.html
index b70cf58bca9..d1c66bb56a4 100644
--- a/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S2647.html
+++ b/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S2647.html
@@ -105,5 +105,7 @@ Standards
OWASP Web Service Security
Cheat Sheet
CWE - CWE-522 - Insufficiently Protected Credentials
+ STIG Viewer - Application Security and
+ Development: V-222533 - The application must authenticate all network connected endpoint devices before establishing any connection.
diff --git a/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S2647.json b/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S2647.json
index 607d42653d4..8610ca35978 100644
--- a/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S2647.json
+++ b/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S2647.json
@@ -35,6 +35,9 @@
],
"ASVS 4.0": [
"2.10.3"
+ ],
+ "STIG ASD 2023-06-08": [
+ "V-222533"
]
},
"quickfix": "unknown"
diff --git a/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S2696.html b/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S2696.html
index f19499f6052..66275ac36e7 100644
--- a/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S2696.html
+++ b/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S2696.html
@@ -15,4 +15,10 @@ Noncompliant code example
}
}
+Resources
+Standards
+
diff --git a/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S2696.json b/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S2696.json
index 731024c82da..0a80eec87cc 100644
--- a/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S2696.json
+++ b/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S2696.json
@@ -19,5 +19,10 @@
"ruleSpecification": "RSPEC-2696",
"sqKey": "S2696",
"scope": "Main",
+ "securityStandards": {
+ "STIG ASD 2023-06-08": [
+ "V-222567"
+ ]
+ },
"quickfix": "unknown"
}
diff --git a/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S2755.html b/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S2755.html
index 18e05fe5c12..c3d23046475 100644
--- a/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S2755.html
+++ b/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S2755.html
@@ -150,5 +150,7 @@ Standards
Entities (XXE)
CWE - CWE-611 - Information Exposure Through XML External Entity Reference
CWE - CWE-827 - Improper Control of Document Type Definition
+ STIG Viewer - Application Security and
+ Development: V-222608 - The application must not be vulnerable to XML-oriented attacks.
diff --git a/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S2755.json b/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S2755.json
index 79f1fbc1836..30d28d2f879 100644
--- a/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S2755.json
+++ b/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S2755.json
@@ -39,6 +39,9 @@
],
"ASVS 4.0": [
"5.5.2"
+ ],
+ "STIG ASD 2023-06-08": [
+ "V-222608"
]
},
"quickfix": "infeasible"
diff --git a/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S2885.html b/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S2885.html
index d0c928a0094..879bb02f5f3 100644
--- a/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S2885.html
+++ b/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S2885.html
@@ -41,4 +41,9 @@ Articles & blog posts
Baeldung - Thread safety
Baeldung - Static
+Standards
+
diff --git a/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S2885.json b/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S2885.json
index 2db3f672805..dca347e2b3a 100644
--- a/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S2885.json
+++ b/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S2885.json
@@ -19,5 +19,10 @@
"ruleSpecification": "RSPEC-2885",
"sqKey": "S2885",
"scope": "Main",
+ "securityStandards": {
+ "STIG ASD 2023-06-08": [
+ "V-222567"
+ ]
+ },
"quickfix": "unknown"
}
diff --git a/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S2886.html b/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S2886.html
index 19b1433c58c..b94ce59941c 100644
--- a/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S2886.html
+++ b/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S2886.html
@@ -68,13 +68,15 @@ Documentation
Oracle Java - Synchronized Methods
Oracle SE 20 - Synchronized Methods
-Standards
-
- - CERT, VNA01-J. - Ensure visibility of shared references to immutable objects
-
Articles & blog posts
+Standards
+
diff --git a/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S2886.json b/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S2886.json
index 763f637cb98..1d9bb7f2909 100644
--- a/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S2886.json
+++ b/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S2886.json
@@ -23,6 +23,9 @@
"securityStandards": {
"CERT": [
"VNA01-J."
+ ],
+ "STIG ASD 2023-06-08": [
+ "V-222567"
]
},
"quickfix": "unknown"
diff --git a/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S3330.html b/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S3330.html
index 24b7739eacc..4f754990d94 100644
--- a/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S3330.html
+++ b/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S3330.html
@@ -39,5 +39,7 @@ See
(XSS)
CWE - CWE-1004 - Sensitive Cookie Without 'HttpOnly' Flag
Derived from FindSecBugs rule HTTPONLY_COOKIE
+ STIG Viewer - Application Security and
+ Development: V-222575 - The application must set the HTTPOnly flag on session cookies.
diff --git a/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S3330.json b/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S3330.json
index e39ecd645f6..d88c94437cf 100644
--- a/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S3330.json
+++ b/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S3330.json
@@ -38,6 +38,9 @@
],
"ASVS 4.0": [
"3.4.2"
+ ],
+ "STIG ASD 2023-06-08": [
+ "V-222575"
]
},
"quickfix": "unknown"
diff --git a/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S3518.html b/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S3518.html
index 22db6b6dc80..4606b5c6e94 100644
--- a/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S3518.html
+++ b/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S3518.html
@@ -44,16 +44,15 @@ Resources
Documentation
-Articles & blog posts
+Standards
-Standards
-
diff --git a/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S3518.json b/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S3518.json
index 75e3d193022..bafd784f171 100644
--- a/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S3518.json
+++ b/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S3518.json
@@ -29,6 +29,9 @@
],
"CWE": [
369
+ ],
+ "STIG ASD 2023-06-08": [
+ "V-222612"
]
},
"quickfix": "infeasible"
diff --git a/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S4502.html b/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S4502.html
index 85de4aeeb8d..606f6b8babc 100644
--- a/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S4502.html
+++ b/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S4502.html
@@ -57,5 +57,7 @@ See
OWASP - Top 10 2017 Category A6 - Security
Misconfiguration
OWASP: Cross-Site Request Forgery
+ STIG Viewer - Application Security and
+ Development: V-222603 - The application must protect from Cross-Site Request Forgery (CSRF) vulnerabilities.
diff --git a/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S4502.json b/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S4502.json
index f243103b32a..9d0a4f2ef7c 100644
--- a/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S4502.json
+++ b/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S4502.json
@@ -39,6 +39,9 @@
"ASVS 4.0": [
"13.2.3",
"4.2.2"
+ ],
+ "STIG ASD 2023-06-08": [
+ "V-222603"
]
},
"quickfix": "unknown"
diff --git a/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S4830.html b/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S4830.html
index 6be4e0a2a94..cbecb915c47 100644
--- a/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S4830.html
+++ b/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S4830.html
@@ -70,6 +70,8 @@ Standards
OWASP - Mobile AppSec
Verification Standard - Network Communication Requirements
CWE - CWE-295 - Improper Certificate Validation
+ STIG Viewer - Application Security and
+ Development: V-222550 - The application must validate certificates by constructing a certification path to an accepted trust anchor.
https://wiki.sei.cmu.edu/confluence/display/java/MSC61-J.+Do+not+use+insecure+or+weak+cryptographic+algorithms
diff --git a/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S4830.json b/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S4830.json
index bbcccc263f0..2c3ea6fc429 100644
--- a/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S4830.json
+++ b/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S4830.json
@@ -56,6 +56,9 @@
"ASVS 4.0": [
"1.9.2",
"9.2.1"
+ ],
+ "STIG ASD 2023-06-08": [
+ "V-222550"
]
},
"quickfix": "unknown"
diff --git a/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S5332.html b/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S5332.html
index 033cea26e01..9d010389b5e 100644
--- a/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S5332.html
+++ b/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S5332.html
@@ -119,21 +119,51 @@ Exceptions
Insecure protocol scheme followed by loopback addresses like 127.0.0.1 or localhost
.
See
+Documentation
+Articles & blog posts
+
+Standards
+
diff --git a/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S5332.json b/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S5332.json
index 9c1e4922df5..1c02db62907 100644
--- a/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S5332.json
+++ b/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S5332.json
@@ -44,6 +44,17 @@
"1.9.1",
"9.1.1",
"9.2.2"
+ ],
+ "STIG ASD 2023-06-08": [
+ "V-222397",
+ "V-222534",
+ "V-222562",
+ "V-222563",
+ "V-222577",
+ "V-222596",
+ "V-222597",
+ "V-222598",
+ "V-222599"
]
},
"quickfix": "unknown"
diff --git a/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S5344.html b/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S5344.html
index 8a00a320ce7..3dfc6d6b815 100644
--- a/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S5344.html
+++ b/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S5344.html
@@ -91,5 +91,7 @@ Standards
Exposure
CWE - CWE-256 - Plaintext Storage of a Password
CWE - CWE-916 - Use of Password Hash With Insufficient Computational Effort
+ STIG Viewer - Application Security and
+ Development: V-222542 - The application must only store cryptographic representations of passwords.
diff --git a/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S5344.json b/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S5344.json
index a1b9666abd2..982ecf7c343 100644
--- a/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S5344.json
+++ b/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S5344.json
@@ -45,6 +45,9 @@
"2.4.3",
"2.4.4",
"2.4.5"
+ ],
+ "STIG ASD 2023-06-08": [
+ "V-222542"
]
},
"quickfix": "unknown"
diff --git a/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S5443.html b/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S5443.html
index 03e76d3bf76..9a8e9c51caa 100644
--- a/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S5443.html
+++ b/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S5443.html
@@ -82,5 +82,7 @@ See
CWE - CWE-379 - Creation of Temporary File in Directory with Incorrect Permissions
OWASP, Insecure Temporary File
+ STIG Viewer - Application Security and
+ Development: V-222567 - The application must not be vulnerable to race conditions.
diff --git a/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S5443.json b/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S5443.json
index 6a9b0ff38f7..139e11afd8c 100644
--- a/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S5443.json
+++ b/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S5443.json
@@ -32,6 +32,9 @@
],
"PCI DSS 4.0": [
"6.2.4"
+ ],
+ "STIG ASD 2023-06-08": [
+ "V-222567"
]
},
"quickfix": "unknown"
diff --git a/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S5445.html b/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S5445.html
index f591cd63fe9..ed4bc98515f 100644
--- a/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S5445.html
+++ b/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S5445.html
@@ -84,5 +84,7 @@ Standards
CWE - CWE-377 - Insecure Temporary File
CWE - CWE-379 - Creation of Temporary File in Directory with Incorrect Permissions
+ STIG Viewer - Application Security and
+ Development: V-222567 - The application must not be vulnerable to race conditions.
diff --git a/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S5445.json b/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S5445.json
index bf744735699..13f111f8273 100644
--- a/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S5445.json
+++ b/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S5445.json
@@ -35,6 +35,9 @@
],
"PCI DSS 4.0": [
"6.2.4"
+ ],
+ "STIG ASD 2023-06-08": [
+ "V-222567"
]
},
"quickfix": "unknown"
diff --git a/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S5527.html b/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S5527.html
index 5ef97225c91..c18f374c13a 100644
--- a/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S5527.html
+++ b/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S5527.html
@@ -204,6 +204,8 @@ Standards
OWASP - Mobile Top 10 2016 Category M3 - Insecure
Communication
CWE - CWE-297 - Improper Validation of Certificate with Host Mismatch
+ STIG Viewer - Application Security and
+ Development: V-222550 - The application must validate certificates by constructing a certification path to an accepted trust anchor.
https://wiki.sei.cmu.edu/confluence/display/java/MSC61-J.+Do+not+use+insecure+or+weak+cryptographic+algorithms
diff --git a/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S5527.json b/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S5527.json
index 40979875cf4..cf1834c370f 100644
--- a/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S5527.json
+++ b/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S5527.json
@@ -48,6 +48,9 @@
"PCI DSS 4.0": [
"4.2.1",
"6.2.4"
+ ],
+ "STIG ASD 2023-06-08": [
+ "V-222550"
]
},
"quickfix": "unknown"
diff --git a/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S5547.html b/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S5547.html
index 0fa717c315e..5eda82bb0a8 100644
--- a/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S5547.html
+++ b/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S5547.html
@@ -68,5 +68,7 @@ Standards
OWASP - Top 10 2017 Category A6 - Security
Misconfiguration
CWE - CWE-327 - Use of a Broken or Risky Cryptographic Algorithm
+ STIG Viewer - Application Security and
+ Development: V-222396 - The application must implement DoD-approved encryption to protect the confidentiality of remote access sessions.
diff --git a/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S5547.json b/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S5547.json
index 6b8676249dc..e63fbe3dd10 100644
--- a/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S5547.json
+++ b/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S5547.json
@@ -55,6 +55,9 @@
"6.2.3",
"6.2.5",
"8.3.7"
+ ],
+ "STIG ASD 2023-06-08": [
+ "V-222396"
]
},
"quickfix": "unknown"
diff --git a/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S5786.html b/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S5786.html
index 22ca282b877..b6cb3d71e80 100644
--- a/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S5786.html
+++ b/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S5786.html
@@ -14,8 +14,8 @@ What is the potential impact?
The code will be non-conventional and readability can be slightly affected.
Exceptions
This rule does not raise an issue when the visibility is set to private
, because private
test methods and classes are
-systematically ignored by JUnit5, without a proper warning. In this case, there is also an impact on reliability and so it is handled by the rule {rule:java:S5810}.
+systematically ignored by JUnit5, without a proper warning. In this case, there is also an impact on reliability and so it is handled by the rule
+{rule:java:S5810}.
How to fix it
You can simply change the visibility by removing the public
or protected
keywords.
Code examples
diff --git a/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S5876.html b/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S5876.html
index 2f64310be9a..89edd0ede9b 100644
--- a/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S5876.html
+++ b/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S5876.html
@@ -82,5 +82,9 @@ Standards
OWASP Sesssion Fixation
CWE - CWE-384 - Session Fixation
+ STIG Viewer - Application Security and
+ Development: V-222579 - Applications must use system-generated session identifiers that protect against session fixation.
+ STIG Viewer - Application Security and
+ Development: V-222582 - The application must not re-use or recycle session IDs.
diff --git a/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S5876.json b/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S5876.json
index 1b0d2fd7757..2d65b9cbb22 100644
--- a/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S5876.json
+++ b/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S5876.json
@@ -38,6 +38,10 @@
],
"ASVS 4.0": [
"3.2.1"
+ ],
+ "STIG ASD 2023-06-08": [
+ "V-222579",
+ "V-222582"
]
},
"quickfix": "unknown"
diff --git a/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S6373.html b/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S6373.html
index 6de75a8c1f6..afe3d20dc89 100644
--- a/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S6373.html
+++ b/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S6373.html
@@ -98,5 +98,7 @@ Standards
OWASP - Top 10 2021 - Category A5 - Security Misconfiguration
CWE - CWE-611 - Improper Restriction of XML External Entity Reference
CWE - CWE-827 - Improper Control of Document Type Definition
+ STIG Viewer - Application Security and
+ Development: V-222608 - The application must not be vulnerable to XML-oriented attacks.
diff --git a/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S6373.json b/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S6373.json
index 62bcd906074..1574a93f442 100644
--- a/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S6373.json
+++ b/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S6373.json
@@ -38,6 +38,9 @@
],
"ASVS 4.0": [
"5.5.2"
+ ],
+ "STIG ASD 2023-06-08": [
+ "V-222608"
]
},
"quickfix": "infeasible"
diff --git a/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S6376.html b/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S6376.html
index baddb5ced18..fedac9b9425 100644
--- a/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S6376.html
+++ b/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S6376.html
@@ -86,5 +86,11 @@ Standards
Entities (XXE)
CWE - CWE-776 - Improper Restriction of Recursive Entity References in DTDs ('XML Entity
Expansion')
+ STIG Viewer - Application Security and
+ Development: V-222593 - XML-based applications must mitigate DoS attacks by using XML filters, parser options, or gateways.
+ STIG Viewer - Application Security and
+ Development: V-222667 - Protections against DoS attacks must be implemented.
+ STIG Viewer - Application Security and
+ Development: V-222608 - The application must not be vulnerable to XML-oriented attacks.
diff --git a/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S6376.json b/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S6376.json
index c86f34cbc9c..71c531bc225 100644
--- a/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S6376.json
+++ b/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S6376.json
@@ -28,6 +28,11 @@
],
"OWASP Top 10 2021": [
"A5"
+ ],
+ "STIG ASD 2023-06-08": [
+ "V-222593",
+ "V-222608",
+ "V-222667"
]
},
"quickfix": "infeasible"
diff --git a/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S6377.html b/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S6377.html
index b1f45a949b6..6560c6b1ddf 100644
--- a/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S6377.html
+++ b/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S6377.html
@@ -59,5 +59,7 @@ Standards
OWASP - Top 10 2017 Category A3 - Sensitive Data
Exposure
CWE - CWE-347 - Improper Verification of Cryptographic Signature
+ STIG Viewer - Application Security and
+ Development: V-222608 - The application must not be vulnerable to XML-oriented attacks.
diff --git a/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S6377.json b/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S6377.json
index 43deb9a7af1..48e9387c884 100644
--- a/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S6377.json
+++ b/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S6377.json
@@ -28,6 +28,9 @@
],
"OWASP Top 10 2021": [
"A2"
+ ],
+ "STIG ASD 2023-06-08": [
+ "V-222608"
]
},
"quickfix": "infeasible"
diff --git a/sonarpedia.json b/sonarpedia.json
index 20874ae9c44..e0c57ff7849 100644
--- a/sonarpedia.json
+++ b/sonarpedia.json
@@ -3,7 +3,7 @@
"languages": [
"JAVA"
],
- "latest-update": "2024-04-24T09:55:28.527679Z",
+ "latest-update": "2024-06-04T10:14:15.293345Z",
"options": {
"no-language-in-filenames": true,
"preserve-filenames": false