rspec/rules/S6350/see.adoc

== See

* https://owasp.org/Top10/A03_2021-Injection/[OWASP Top 10 2021 Category A3] - Injection
* https://owasp.org/www-project-top-ten/2017/A1_2017-Injection[OWASP Top 10 2017 Category A1] - Injection
* https://cwe.mitre.org/data/definitions/88[MITRE, CWE-88] - Argument Injection or Modification
* https://blog.sonarsource.com/php-supply-chain-attack-on-composer[CVE-2021-29472] - PHP Supply Chain Attack on Composer
Create rule S6350: Constructing arguments of system commands from user input is security-sensitive (#260) * Create rule S6350 * Update description * Add code samples * Make stdin more verbose * Make stdin more verbose * Update recommended * Improve description * Extend ask yourself * Add compliant solutions and rename tainted variables * Add input var * Add link to blog post * Use find as example * Update csharp example * Add OWASP Top 10 2021 mapping * add missing message * fix metadata * Use type-safe in_array for PHP Co-authored-by: hendrik-buchwald-sonarsource <hendrik-buchwald-sonarsource@users.noreply.github.com> Co-authored-by: Hendrik Buchwald <hendrik.buchwald@sonarsource.com> Co-authored-by: Pierre-Loup Tristant <pierre-loup.tristant@sonarsource.com> Co-authored-by: eric-therond-sonarsource <eric.therond@sonarsource.com> Co-authored-by: Roberto Orlandi <71495874+roberto-orlandi-sonarsource@users.noreply.github.com> 2021-11-09 15:01:30 +01:00			`== See`

			`* https://owasp.org/Top10/A03_2021-Injection/[OWASP Top 10 2021 Category A3] - Injection`
Modify: Fix old/broken embedded links (#1100) 2022-07-08 13:58:56 +02:00			`* https://owasp.org/www-project-top-ten/2017/A1_2017-Injection[OWASP Top 10 2017 Category A1] - Injection`
RULEAPI-755 Update CWE URLs by removing .html suffix and update with https protocol (#926) * Change affects only see.adoc and rule.adoc files, not comments-and-links.adoc files 2022-04-07 08:53:59 -05:00			`* https://cwe.mitre.org/data/definitions/88[MITRE, CWE-88] - Argument Injection or Modification`
Create rule S6350: Constructing arguments of system commands from user input is security-sensitive (#260) * Create rule S6350 * Update description * Add code samples * Make stdin more verbose * Make stdin more verbose * Update recommended * Improve description * Extend ask yourself * Add compliant solutions and rename tainted variables * Add input var * Add link to blog post * Use find as example * Update csharp example * Add OWASP Top 10 2021 mapping * add missing message * fix metadata * Use type-safe in_array for PHP Co-authored-by: hendrik-buchwald-sonarsource <hendrik-buchwald-sonarsource@users.noreply.github.com> Co-authored-by: Hendrik Buchwald <hendrik.buchwald@sonarsource.com> Co-authored-by: Pierre-Loup Tristant <pierre-loup.tristant@sonarsource.com> Co-authored-by: eric-therond-sonarsource <eric.therond@sonarsource.com> Co-authored-by: Roberto Orlandi <71495874+roberto-orlandi-sonarsource@users.noreply.github.com> 2021-11-09 15:01:30 +01:00			`* https://blog.sonarsource.com/php-supply-chain-attack-on-composer[CVE-2021-29472] - PHP Supply Chain Attack on Composer`