SONARJAVA-4332 Update rules metadata (#4160)

* broken links
* security standards
* missing quickfix information

java-checks/src/main/resources/org/sonar/l10n/java/rules/java/S106.html

@@ -19,8 +19,8 @@ <h2>See</h2>
 <ul>
   <li> <a href="https://owasp.org/Top10/A09_2021-Security_Logging_and_Monitoring_Failures/">OWASP Top 10 2021 Category A9</a> - Security Logging and
   Monitoring Failures </li>
-  <li> <a href="https://www.owasp.org/index.php/Top_10-2017_A3-Sensitive_Data_Exposure">OWASP Top 10 2017 Category A3</a> - Sensitive Data Exposure
-  </li>
+  <li> <a href="https://www.owasp.org/www-project-top-ten/2017/A3_2017-Sensitive_Data_Exposure">OWASP Top 10 2017 Category A3</a> - Sensitive Data
+  Exposure </li>
   <li> <a href="https://wiki.sei.cmu.edu/confluence/x/nzdGBQ">CERT, ERR02-J.</a> - Prevent exceptions while logging data </li>
 </ul>
 

java-checks/src/main/resources/org/sonar/l10n/java/rules/java/S110.json

@@ -6,7 +6,7 @@
     "func": "Linear with offset",
     "linearDesc": "Number of parents above the defined threshold",
     "linearOffset": "4h",
-    "linearFactor": "30mn"
+    "linearFactor": "30min"
   },
   "tags": [
     "design"

java-checks/src/main/resources/org/sonar/l10n/java/rules/java/S1166.json

@@ -29,6 +29,11 @@
     ],
     "OWASP Top 10 2021": [
       "A9"
+    ],
+    "ASVS 4.0": [
+      "7.1.3",
+      "7.1.4",
+      "7.2.1"
     ]
   },
   "quickfix": "unknown"

java-checks/src/main/resources/org/sonar/l10n/java/rules/java/S1313.html

@@ -47,8 +47,8 @@ <h2>Exceptions</h2>
 <h2>See</h2>
 <ul>
   <li> <a href="https://owasp.org/Top10/A01_2021-Broken_Access_Control/">OWASP Top 10 2021 Category A1</a> - Broken Access Control </li>
-  <li> <a href="https://www.owasp.org/index.php/Top_10-2017_A3-Sensitive_Data_Exposure">OWASP Top 10 2017 Category A3</a> - Sensitive Data Exposure
-  </li>
+  <li> <a href="https://www.owasp.org/www-project-top-ten/2017/A3_2017-Sensitive_Data_Exposure">OWASP Top 10 2017 Category A3</a> - Sensitive Data
+  Exposure </li>
   <li> <a href="https://wiki.sei.cmu.edu/confluence/x/OjdGBQ">CERT, MSC03-J.</a> - Never hard code sensitive information </li>
 </ul>
 

java-checks/src/main/resources/org/sonar/l10n/java/rules/java/S1313.json

@@ -24,5 +24,6 @@
     "OWASP Top 10 2021": [
       "A1"
     ]
-  }
+  },
+  "quickfix": "unknown"
 }

java-checks/src/main/resources/org/sonar/l10n/java/rules/java/S1874.json

@@ -21,6 +21,9 @@
     ],
     "CWE": [
       477
+    ],
+    "ASVS 4.0": [
+      "1.14.6"
     ]
   },
   "quickfix": "unknown"

java-checks/src/main/resources/org/sonar/l10n/java/rules/java/S1989.html

@@ -28,8 +28,8 @@ <h2>Compliant Solution</h2>
 </pre>
 <h2>See</h2>
 <ul>
-  <li> <a href="https://www.owasp.org/index.php/Top_10-2017_A3-Sensitive_Data_Exposure">OWASP Top 10 2017 Category A3</a> - Sensitive Data Exposure
-  </li>
+  <li> <a href="https://www.owasp.org/www-project-top-ten/2017/A3_2017-Sensitive_Data_Exposure">OWASP Top 10 2017 Category A3</a> - Sensitive Data
+  Exposure </li>
   <li> <a href="https://cwe.mitre.org/data/definitions/600">MITRE, CWE-600</a> - Uncaught Exception in Servlet </li>
   <li> <a href="https://wiki.sei.cmu.edu/confluence/x/-zZGBQ">CERT, ERR01-J.</a> - Do not allow exceptions to expose sensitive information </li>
 </ul>

java-checks/src/main/resources/org/sonar/l10n/java/rules/java/S2053.html

@@ -30,8 +30,8 @@ <h2>Compliant Solution</h2>
 <h2>See</h2>
 <ul>
   <li> <a href="https://owasp.org/Top10/A02_2021-Cryptographic_Failures/">OWASP Top 10 2021 Category A2</a> - Cryptographic Failures </li>
-  <li> <a href="https://www.owasp.org/index.php/Top_10-2017_A3-Sensitive_Data_Exposure">OWASP Top 10 2017 Category A3</a> - Sensitive Data Exposure
-  </li>
+  <li> <a href="https://www.owasp.org/www-project-top-ten/2017/A3_2017-Sensitive_Data_Exposure">OWASP Top 10 2017 Category A3</a> - Sensitive Data
+  Exposure </li>
   <li> <a href="https://cwe.mitre.org/data/definitions/759">MITRE, CWE-759</a> - Use of a One-Way Hash without a Salt </li>
   <li> <a href="https://cwe.mitre.org/data/definitions/760">MITRE, CWE-760</a> - Use of a One-Way Hash with a Predictable Salt </li>
   <li> <a href="https://www.sans.org/top25-software-errors/#cat3">SANS Top 25</a> - Porous Defenses </li>

java-checks/src/main/resources/org/sonar/l10n/java/rules/java/S2068.html

@@ -24,31 +24,24 @@ <h2>Recommended Secure Coding Practices</h2>
 </ul>
 <h2>Sensitive Code Example</h2>
 <pre>
-Connection conn = null;
-try {
-  conn = DriverManager.getConnection("jdbc:mysql://localhost/test?" +
-        "user=steve&amp;password=blue"); // Sensitive
-  String uname = "steve";
-  String password = "blue";
-  conn = DriverManager.getConnection("jdbc:mysql://localhost/test?" +
-        "user=" + uname + "&amp;password=" + password); // Sensitive
-
-  java.net.PasswordAuthentication pa = new java.net.PasswordAuthentication("userName", "1234".toCharArray());  // Sensitive
+String username = "steve";
+String password = "blue";
+Connection conn = DriverManager.getConnection("jdbc:mysql://localhost/test?" +
+                  "user=" + uname + "&amp;password=" + password); // Sensitive
 </pre>
 <h2>Compliant Solution</h2>
 <pre>
-Connection conn = null;
-try {
-  String uname = getEncryptedUser();
-  String password = getEncryptedPass();
-  conn = DriverManager.getConnection("jdbc:mysql://localhost/test?" +
-        "user=" + uname + "&amp;password=" + password);
+String username = getEncryptedUser();
+String password = getEncryptedPassword();
+Connection conn = DriverManager.getConnection("jdbc:mysql://localhost/test?" +
+                  "user=" + uname + "&amp;password=" + password);
 </pre>
 <h2>See</h2>
 <ul>
   <li> <a href="https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures/">OWASP Top 10 2021 Category A7</a> - Identification and
   Authentication Failures </li>
-  <li> <a href="https://www.owasp.org/index.php/Top_10-2017_A2-Broken_Authentication">OWASP Top 10 2017 Category A2</a> - Broken Authentication </li>
+  <li> <a href="https://owasp.org/www-project-top-ten/2017/A2_2017-Broken_Authentication">OWASP Top 10 2017 Category A2</a> - Broken Authentication
+  </li>
   <li> <a href="https://cwe.mitre.org/data/definitions/798">MITRE, CWE-798</a> - Use of Hard-coded Credentials </li>
   <li> <a href="https://cwe.mitre.org/data/definitions/259">MITRE, CWE-259</a> - Use of Hard-coded Password </li>
   <li> <a href="https://wiki.sei.cmu.edu/confluence/x/OjdGBQ">CERT, MSC03-J.</a> - Never hard code sensitive information </li>

java-checks/src/main/resources/org/sonar/l10n/java/rules/java/S2068.json

@@ -34,6 +34,12 @@
     ],
     "PCI DSS 4.0": [
       "6.2.4"
+    ],
+    "ASVS 4.0": [
+      "2.10.4",
+      "3.5.2",
+      "6.4.1"
     ]
-  }
+  },
+  "quickfix": "unknown"
 }

java-checks/src/main/resources/org/sonar/l10n/java/rules/java/S2077.html

@@ -9,8 +9,8 @@ <h2>Ask Yourself Whether</h2>
 <p>There is a risk if you answered yes to any of those questions.</p>
 <h2>Recommended Secure Coding Practices</h2>
 <ul>
-  <li> Use <a href="https://www.owasp.org/index.php/Query_Parameterization_Cheat_Sheet">parameterized queries, prepared statements, or stored
-  procedures</a> and bind variables to SQL query parameters. </li>
+  <li> Use <a href="https://cheatsheetseries.owasp.org/cheatsheets/Query_Parameterization_Cheat_Sheet.html">parameterized queries, prepared
+  statements, or stored procedures</a> and bind variables to SQL query parameters. </li>
   <li> Consider using ORM frameworks if there is a need to have an abstract layer to access data. </li>
 </ul>
 <h2>Sensitive Code Example</h2>
@@ -73,7 +73,7 @@ <h2>Compliant Solution</h2>
 <h2>See</h2>
 <ul>
   <li> <a href="https://owasp.org/Top10/A03_2021-Injection/">OWASP Top 10 2021 Category A3</a> - Injection </li>
-  <li> <a href="https://www.owasp.org/index.php/Top_10-2017_A1-Injection">OWASP Top 10 2017 Category A1</a> - Injection </li>
+  <li> <a href="https://owasp.org/www-project-top-ten/2017/A1_2017-Injection">OWASP Top 10 2017 Category A1</a> - Injection </li>
   <li> <a href="https://cwe.mitre.org/data/definitions/89">MITRE, CWE-89</a> - Improper Neutralization of Special Elements used in an SQL Command
   </li>
   <li> <a href="https://cwe.mitre.org/data/definitions/564">MITRE, CWE-564</a> - SQL Injection: Hibernate </li>

java-checks/src/main/resources/org/sonar/l10n/java/rules/java/S2077.json

@@ -25,10 +25,8 @@
       "IDS00-J."
     ],
     "CWE": [
-      564,
-      89,
       20,
-      943
+      89
     ],
     "OWASP": [
       "A1"
@@ -41,6 +39,13 @@
     ],
     "PCI DSS 4.0": [
       "6.2.4"
+    ],
+    "ASVS 4.0": [
+      "5.1.3",
+      "5.1.4",
+      "5.3.4",
+      "5.3.5"
     ]
-  }
+  },
+  "quickfix": "unknown"
 }

java-checks/src/main/resources/org/sonar/l10n/java/rules/java/S2092.html

@@ -33,8 +33,8 @@ <h2>See</h2>
 <ul>
   <li> <a href="https://owasp.org/Top10/A04_2021-Insecure_Design/">OWASP Top 10 2021 Category A4</a> - Insecure Design </li>
   <li> <a href="https://owasp.org/Top10/A05_2021-Security_Misconfiguration/">OWASP Top 10 2021 Category A5</a> - Security Misconfiguration </li>
-  <li> <a href="https://www.owasp.org/index.php/Top_10-2017_A3-Sensitive_Data_Exposure">OWASP Top 10 2017 Category A3</a> - Sensitive Data Exposure
-  </li>
+  <li> <a href="https://www.owasp.org/www-project-top-ten/2017/A3_2017-Sensitive_Data_Exposure">OWASP Top 10 2017 Category A3</a> - Sensitive Data
+  Exposure </li>
   <li> <a href="https://cwe.mitre.org/data/definitions/311">MITRE, CWE-311</a> - Missing Encryption of Sensitive Data </li>
   <li> <a href="https://cwe.mitre.org/data/definitions/315">MITRE, CWE-315</a> - Cleartext Storage of Sensitive Information in a Cookie </li>
   <li> <a href="https://cwe.mitre.org/data/definitions/614">MITRE, CWE-614</a> - Sensitive Cookie in HTTPS Session Without 'Secure' Attribute </li>

java-checks/src/main/resources/org/sonar/l10n/java/rules/java/S2092.json

@@ -35,6 +35,13 @@
     ],
     "PCI DSS 4.0": [
       "6.2.4"
+    ],
+    "ASVS 4.0": [
+      "3.4.1",
+      "6.1.1",
+      "6.1.2",
+      "6.1.3"
     ]
-  }
+  },
+  "quickfix": "unknown"
 }

java-checks/src/main/resources/org/sonar/l10n/java/rules/java/S2115.json

@@ -31,6 +31,10 @@
     ],
     "PCI DSS 4.0": [
       "6.2.4"
+    ],
+    "ASVS 4.0": [
+      "9.2.2",
+      "9.2.3"
     ]
   },
   "quickfix": "unknown"

java-checks/src/main/resources/org/sonar/l10n/java/rules/java/S2119.html

@@ -23,7 +23,7 @@ <h2>Exceptions</h2>
 rule.</p>
 <h2>See</h2>
 <ul>
-  <li> <a href="https://www.owasp.org/index.php/Top_10-2017_A6-Security_Misconfiguration">OWASP Top 10 2017 Category A6</a> - Security
+  <li> <a href="https://owasp.org/www-project-top-ten/2017/A6_2017-Security_Misconfiguration">OWASP Top 10 2017 Category A6</a> - Security
   Misconfiguration </li>
 </ul>
 

java-checks/src/main/resources/org/sonar/l10n/java/rules/java/S2184.json

@@ -23,6 +23,9 @@
     ],
     "CWE": [
       190
+    ],
+    "ASVS 4.0": [
+      "5.4.3"
     ]
   },
   "quickfix": "unknown"

java-checks/src/main/resources/org/sonar/l10n/java/rules/java/S2245.html

@@ -39,8 +39,8 @@ <h2>Compliant Solution</h2>
 <h2>See</h2>
 <ul>
   <li> <a href="https://owasp.org/Top10/A02_2021-Cryptographic_Failures/">OWASP Top 10 2021 Category A2</a> - Cryptographic Failures </li>
-  <li> <a href="https://www.owasp.org/index.php/Top_10-2017_A3-Sensitive_Data_Exposure">OWASP Top 10 2017 Category A3</a> - Sensitive Data Exposure
-  </li>
+  <li> <a href="https://www.owasp.org/www-project-top-ten/2017/A3_2017-Sensitive_Data_Exposure">OWASP Top 10 2017 Category A3</a> - Sensitive Data
+  Exposure </li>
   <li> <a href="https://mobile-security.gitbook.io/masvs/security-requirements/0x08-v3-cryptography_verification_requirements">Mobile AppSec
   Verification Standard</a> - Cryptography Requirements </li>
   <li> <a href="https://owasp.org/www-project-mobile-top-10/2016-risks/m5-insufficient-cryptography">OWASP Mobile Top 10 2016 Category M5</a> -

java-checks/src/main/resources/org/sonar/l10n/java/rules/java/S2245.json

@@ -38,6 +38,10 @@
     ],
     "OWASP Top 10 2021": [
       "A2"
+    ],
+    "ASVS 4.0": [
+      "6.2.4"
     ]
-  }
+  },
+  "quickfix": "unknown"
 }

java-checks/src/main/resources/org/sonar/l10n/java/rules/java/S2254.html

@@ -24,7 +24,8 @@ <h2>Noncompliant Code Example</h2>
 <h2>See</h2>
 <ul>
   <li> <a href="https://owasp.org/Top10/A04_2021-Insecure_Design/">OWASP Top 10 2021 Category A4</a> - Insecure Design </li>
-  <li> <a href="https://www.owasp.org/index.php/Top_10-2017_A2-Broken_Authentication">OWASP Top 10 2017 Category A2</a> - Broken Authentication </li>
+  <li> <a href="https://owasp.org/www-project-top-ten/2017/A2_2017-Broken_Authentication">OWASP Top 10 2017 Category A2</a> - Broken Authentication
+  </li>
   <li> <a href="https://cwe.mitre.org/data/definitions/807">MITRE, CWE-807</a> - Reliance on Untrusted Inputs in a Security Decision </li>
   <li> <a href="https://www.sans.org/top25-software-errors/#cat3">SANS Top 25</a> - Porous Defenses </li>
 </ul>

java-checks/src/main/resources/org/sonar/l10n/java/rules/java/S2257.html

@@ -18,8 +18,8 @@ <h2>Compliant Solution</h2>
 <h2>See</h2>
 <ul>
   <li> <a href="https://owasp.org/Top10/A02_2021-Cryptographic_Failures/">OWASP Top 10 2021 Category A2</a> - Cryptographic Failures </li>
-  <li> <a href="https://www.owasp.org/index.php/Top_10-2017_A3-Sensitive_Data_Exposure">OWASP Top 10 2017 Category A3</a> - Sensitive Data Exposure
-  </li>
+  <li> <a href="https://www.owasp.org/www-project-top-ten/2017/A3_2017-Sensitive_Data_Exposure">OWASP Top 10 2017 Category A3</a> - Sensitive Data
+  Exposure </li>
   <li> <a href="https://cwe.mitre.org/data/definitions/327">MITRE, CWE-327</a> - Use of a Broken or Risky Cryptographic Algorithm </li>
   <li> <a href="https://www.sans.org/top25-software-errors/#cat3">SANS Top 25</a> - Porous Defenses </li>
   <li> Derived from FindSecBugs rule <a href="https://h3xstream.github.io/find-sec-bugs/bugs.htm#CUSTOM_MESSAGE_DIGEST">MessageDigest is Custom</a>

java-checks/src/main/resources/org/sonar/l10n/java/rules/java/S2257.json

@@ -24,6 +24,12 @@
     ],
     "OWASP Top 10 2021": [
       "A2"
+    ],
+    "ASVS 4.0": [
+      "2.9.3",
+      "6.2.2",
+      "8.3.7"
     ]
-  }
+  },
+  "quickfix": "unknown"
 }

java-checks/src/main/resources/org/sonar/l10n/java/rules/java/S2612.html

@@ -61,8 +61,10 @@ <h2>See</h2>
 <ul>
   <li> <a href="https://owasp.org/Top10/A01_2021-Broken_Access_Control/">OWASP Top 10 2021 Category A1</a> - Broken Access Control </li>
   <li> <a href="https://owasp.org/Top10/A04_2021-Insecure_Design/">OWASP Top 10 2021 Category A4</a> - Insecure Design </li>
-  <li> <a href="https://www.owasp.org/index.php/Top_10-2017_A5-Broken_Access_Control">OWASP Top 10 2017 Category A5</a> - Broken Access Control </li>
-  <li> <a href="https://www.owasp.org/index.php/Test_File_Permission_(OTG-CONFIG-009)">OWASP File Permission</a> </li>
+  <li> <a href="https://owasp.org/www-project-top-ten/2017/A5_2017-Broken_Access_Control">OWASP Top 10 2017 Category A5</a> - Broken Access Control
+  </li>
+  <li> <a
+  href="https://owasp.org/www-project-web-security-testing-guide/latest/4-Web_Application_Security_Testing/02-Configuration_and_Deployment_Management_Testing/09-Test_File_Permission">OWASP File Permission</a> </li>
   <li> <a href="https://cwe.mitre.org/data/definitions/732">MITRE, CWE-732</a> - Incorrect Permission Assignment for Critical Resource </li>
   <li> <a href="https://cwe.mitre.org/data/definitions/266">MITRE, CWE-266</a> - Incorrect Privilege Assignment </li>
   <li> <a href="https://wiki.sei.cmu.edu/confluence/display/java/FIO01-J.+Create+files+with+appropriate+access+permissions">CERT, FIO01-J.</a> -

java-checks/src/main/resources/org/sonar/l10n/java/rules/java/S2612.json

@@ -37,6 +37,10 @@
     ],
     "PCI DSS 4.0": [
       "6.2.4"
+    ],
+    "ASVS 4.0": [
+      "4.3.3"
     ]
-  }
+  },
+  "quickfix": "unknown"
 }

java-checks/src/main/resources/org/sonar/l10n/java/rules/java/S2647.html

@@ -19,8 +19,8 @@ <h2>Noncompliant Code Example</h2>
 <h2>See</h2>
 <ul>
   <li> <a href="https://owasp.org/Top10/A04_2021-Insecure_Design/">OWASP Top 10 2021 Category A4</a> - Insecure Design </li>
-  <li> <a href="https://www.owasp.org/index.php/Top_10-2017_A3-Sensitive_Data_Exposure">OWASP Top 10 2017 Category A3</a> - Sensitive Data Exposure
-  </li>
+  <li> <a href="https://www.owasp.org/www-project-top-ten/2017/A3_2017-Sensitive_Data_Exposure">OWASP Top 10 2017 Category A3</a> - Sensitive Data
+  Exposure </li>
   <li> <a href="https://cheatsheetseries.owasp.org/cheatsheets/Web_Service_Security_Cheat_Sheet.html#user-authentication">OWASP Web Service Security
   Cheat Sheet</a> </li>
   <li> <a href="https://cwe.mitre.org/data/definitions/522">MITRE, CWE-522</a> - Insufficiently Protected Credentials </li>

java-checks/src/main/resources/org/sonar/l10n/java/rules/java/S2647.json

@@ -30,6 +30,9 @@
     ],
     "PCI DSS 4.0": [
       "6.2.4"
+    ],
+    "ASVS 4.0": [
+      "2.10.3"
     ]
   },
   "quickfix": "unknown"

java-checks/src/main/resources/org/sonar/l10n/java/rules/java/S2658.html

@@ -8,7 +8,7 @@ <h2>Noncompliant Code Example</h2>
 </pre>
 <h2>See</h2>
 <ul>
-  <li> <a href="https://www.owasp.org/index.php/Top_10-2017_A1-Injection">OWASP Top 10 2017 Category A1</a> - Injection </li>
+  <li> <a href="https://owasp.org/www-project-top-ten/2017/A1_2017-Injection">OWASP Top 10 2017 Category A1</a> - Injection </li>
   <li> <a href="https://cwe.mitre.org/data/definitions/470">MITRE, CWE-470</a> - Use of Externally-Controlled Input to Select Classes or Code ('Unsafe
   Reflection') </li>
 </ul>

java-checks/src/main/resources/org/sonar/l10n/java/rules/java/S2755.html

@@ -2,7 +2,7 @@
 href="https://www.w3.org/TR/xml/#sec-internal-ent">internal</a> or <a href="https://www.w3.org/TR/xml/#sec-external-ent">external</a>.</p>
 <p>When parsing the XML file, the content of the external entities is retrieved from an external storage such as the file system or network, which may
 lead, if no restrictions are put in place, to arbitrary file disclosures or <a
-href="https://www.owasp.org/index.php/Server_Side_Request_Forgery">server-side request forgery (SSRF)</a> vulnerabilities.</p>
+href="https://owasp.org/www-community/attacks/Server_Side_Request_Forgery">server-side request forgery (SSRF)</a> vulnerabilities.</p>
 <p>It’s recommended to limit resolution of external entities by using one of these solutions:</p>
 <ul>
   <li> If DOCTYPE is not necessary, completely disable all DOCTYPE declarations. </li>
@@ -106,8 +106,8 @@ <h2>See</h2>
   <li> <a href="https://owasp.org/Top10/A05_2021-Security_Misconfiguration/">OWASP Top 10 2021 Category A5</a> - Security Misconfiguration </li>
   <li> <a
   href="https://docs.oracle.com/en/java/javase/13/security/java-api-xml-processing-jaxp-security-guide.html#GUID-8CD65EF5-D113-4D5C-A564-B875C8625FAC">Oracle Java Documentation</a> - XML External Entity Injection Attack </li>
-  <li> <a href="https://www.owasp.org/index.php/Top_10-2017_A4-XML_External_Entities_(XXE)">OWASP Top 10 2017 Category A4</a> - XML External Entities
-  (XXE) </li>
+  <li> <a href="https://owasp.org/www-project-top-ten/2017/A4_2017-XML_External_Entities_(XXE)">OWASP Top 10 2017 Category A4</a> - XML External
+  Entities (XXE) </li>
   <li> <a href="https://cheatsheetseries.owasp.org/cheatsheets/XML_External_Entity_Prevention_Cheat_Sheet.html#java">OWASP XXE Prevention Cheat
   Sheet</a> </li>
   <li> <a href="https://cwe.mitre.org/data/definitions/611">MITRE, CWE-611</a> - Information Exposure Through XML External Entity Reference </li>

java-checks/src/main/resources/org/sonar/l10n/java/rules/java/S2755.json

@@ -30,6 +30,9 @@
     ],
     "PCI DSS 4.0": [
       "6.2.4"
+    ],
+    "ASVS 4.0": [
+      "5.5.2"
     ]
   },
   "quickfix": "infeasible"

java-checks/src/main/resources/org/sonar/l10n/java/rules/java/S3329.html

@@ -48,7 +48,7 @@ <h2>Compliant Solution</h2>
 <h2>See</h2>
 <ul>
   <li> <a href="https://owasp.org/Top10/A02_2021-Cryptographic_Failures/">OWASP Top 10 2021 Category A2</a> - Cryptographic Failures </li>
-  <li> <a href="https://www.owasp.org/index.php/Top_10-2017_A6-Security_Misconfiguration">OWASP Top 10 2017 Category A6</a> - Security
+  <li> <a href="https://owasp.org/www-project-top-ten/2017/A6_2017-Security_Misconfiguration">OWASP Top 10 2017 Category A6</a> - Security
   Misconfiguration </li>
   <li> <a href="https://cwe.mitre.org/data/definitions/329">MITRE, CWE-329</a> - CWE-329: Not Using an Unpredictable IV with CBC Mode </li>
   <li> <a href="https://cwe.mitre.org/data/definitions/330">MITRE, CWE-330</a> - Use of Insufficiently Random Values </li>