bug(openapi): operationScheme tags shown as missing required fields

Open UncleGoogle opened this issue 1 year ago • 0 comments

Using the GitLab integration, a false positive is raised that tags are missing required fields for this kind of OpenAPI schema:

swagger: '2.0'
paths:
  /v1/getX:
    get:
      tags:
      - data_sources
      - v1

From the docs, operationSchema tags are a list of strings. Note that this is a different object than the root-level tags. https://swagger.io/specification/v2/

Expected Behavior

no error

Actual Behavior

(from the GitLab SAST report artifact)

        {
            "id": "91e8e47733a87adce77d6ff58f67a8755e9471fc8ea7ac008f24bd82e0a2b7f4",
            "category": "sast",
            "name": "OpenAPI Object should contain all of its required fields",
            "description": "tags is missing required fields",
            "cve": "kics_id:5e5ecb9d-04b5-4e4f-b5a5-6ee04279b275:1086:0",
            "severity": "Info",
            "scanner": {
                "id": "kics",
                "name": "kics"
            },
            "location": {
                "file": "terraform/environments/xes/openapi_config.yaml",
                "start_line": 1086
            },
            "identifiers": [
                {
                    "type": "kics_id",
                    "name": "Object Without Required Property (v2)",
                    "value": "5e5ecb9d-04b5-4e4f-b5a5-6ee04279b275",
                    "url": "https://swagger.io/specification/v2/"
                }
            ]
        },

Specifications

  • Version: GitLab kics analyzer v4.1.13

UncleGoogle, Apr 22 '24 10:04
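The distinction the report relies on, as an added example (not part of the issue and not KICS's query code): in Swagger 2.0, root-level `tags` is a list of Tag Objects that each require `name`, while an operation's `tags` is a plain list of strings. The function name `check_tags` and both sample documents are constructed for illustration.

```python
# Added example: context-aware check of "tags" in a Swagger 2.0 document.
# A required-field rule that keys only on the property name "tags" would
# flag operation tags too; this check branches on where the key appears.

HTTP_METHODS = {"get", "put", "post", "delete", "options", "head", "patch"}


def check_tags(doc):
    """Return a list of (location, message) findings for malformed tags."""
    findings = []

    # Root-level tags: list of Tag Objects, each with a required "name".
    for i, tag in enumerate(doc.get("tags") or []):
        if not isinstance(tag, dict) or "name" not in tag:
            findings.append(
                (f"tags[{i}]", "Tag Object is missing required field 'name'"))

    # Operation-level tags: list of strings, with no required fields at all.
    for path, item in (doc.get("paths") or {}).items():
        if not isinstance(item, dict):
            continue
        for method, op in item.items():
            if method not in HTTP_METHODS or not isinstance(op, dict):
                continue
            for i, tag in enumerate(op.get("tags") or []):
                if not isinstance(tag, str):
                    findings.append(
                        (f"paths.{path}.{method}.tags[{i}]",
                         "operation tag must be a string"))
    return findings


# Constructed sample: the snippet from the issue, parsed into a dict.
ISSUE_DOC = {
    "swagger": "2.0",
    "paths": {"/v1/getX": {"get": {"tags": ["data_sources", "v1"]}}},
}

# Constructed sample: a root-level Tag Object that really lacks "name".
BAD_ROOT_DOC = {
    "swagger": "2.0",
    "tags": [{"description": "no name here"}, {"name": "v1"}],
    "paths": {"/v1/getX": {"get": {"tags": ["v1"]}}},
}

if __name__ == "__main__":
    print(check_tags(ISSUE_DOC))     # operation string tags are valid
    print(check_tags(BAD_ROOT_DOC))  # only the nameless root tag is flagged
```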