Uploaded image for project: 'SonarQube'
  1. SonarQube
  2. SONAR-14442

Add CWE Top 25 security report

    XMLWordPrintable

    Details

    • Type: New Feature
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 8.8
    • Component/s: None
    • Labels:
      None
    • Edition:
      Enterprise
    • Production Notes:
      None

      Description

      Add CWE Top 25 security report 2019, 2020.
      Links to reports:

      Technical notes:
      Frontend:

      Add one new Tab for CWE Top 25 to the Security Reports page:

      • Display a dropdown to let the user select the version, 2019 or 2020 (default)
      • Display the list of CWE in order, with their rank, following the appropriate version (selected by the user)
      • Include a link to Mitre's website

      See attachment for reference.

      Backend:
      Modify “api/security_report”:

      • Add ‘cweTop25’ value for parameter standard
      • Use category field in a response to distinguish years of cwe reports.

        Attachments

          Activity

            People

            Assignee:
            jeremy.davis Jeremy Davis
            Reporter:
            jacek.poreda Jacek Poreda
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

              Dates

              Due:
              Created:
              Updated:
              Resolved: