Skip to content

Research k09 mapping #927

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
SurbhiAgarwal1 wants to merge 4 commits into
base: main
Choose a base branch
from
+62 −0
Open

Research k09 mapping #927

Changes from all commits
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
02f1f83
Document intentional duplication of CRE IDs for K09 (add note field)
SurbhiAgarwal1 Jun 11, 2026
cb53f13
Apply fixes: add type annotations, enable foreign keys, backup verifi…
SurbhiAgarwal1 Jun 11, 2026
abddceb
Fix K09 cre_ids as per CodeRabbit review
SurbhiAgarwal1 Jun 14, 2026
e16cf63
Remove accidentally committed import_telemetry.json artifact
SurbhiAgarwal1 Jun 14, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
62 changes: 62 additions & 0 deletions application/utils/external_project_parsers/data/owasp_kubernetes_top10_2022.json
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,62 @@
[
{
"section_id": "K01",
"section": "Insecure Workload Configurations",
"hyperlink": "https://owasp.org/www-project-kubernetes-top-ten/2022/en/src/K01-insecure-workload-configurations",
"cre_ids": ["233-748", "486-813"]
},
{
"section_id": "K02",
"section": "Supply Chain Vulnerabilities",
"hyperlink": "https://owasp.org/www-project-kubernetes-top-ten/2022/en/src/K02-supply-chain-vulnerabilities",
"cre_ids": ["613-285", "613-287"]
},
{
"section_id": "K03",
"section": "Overly Permissive RBAC Configurations",
"hyperlink": "https://owasp.org/www-project-kubernetes-top-ten/2022/en/src/K03-overly-permissive-rbac-configurations",
"cre_ids": ["128-128", "724-770"]
},
{
"section_id": "K04",
"section": "Lack of Centralized Policy Enforcement",
"hyperlink": "https://owasp.org/www-project-kubernetes-top-ten/2022/en/src/K04-lack-of-centralized-policy-enforcement",
"cre_ids": ["117-371"]
},
{
"section_id": "K05",
"section": "Inadequate Logging and Monitoring",
"hyperlink": "https://owasp.org/www-project-kubernetes-top-ten/2022/en/src/K05-inadequate-logging-and-monitoring",
"cre_ids": ["058-083", "148-420", "402-706", "843-841"]
},
{
"section_id": "K06",
"section": "Broken Authentication Mechanisms",
"hyperlink": "https://owasp.org/www-project-kubernetes-top-ten/2022/en/src/K06-broken-authentication-mechanisms",
"cre_ids": ["177-260", "586-842", "633-428"]
},
{
"section_id": "K07",
"section": "Missing Network Segmentation Controls",
"hyperlink": "https://owasp.org/www-project-kubernetes-top-ten/2022/en/src/K07-missing-network-segmentation-controls",
"cre_ids": ["132-146", "467-784", "515-021"]
},
{
"section_id": "K08",
"section": "Secrets Management Failures",
"hyperlink": "https://owasp.org/www-project-kubernetes-top-ten/2022/en/src/K08-secrets-management-failures",
"cre_ids": ["340-375", "774-888", "813-610"]
},
{
"section_id": "K09",
"section": "Misconfigured Cluster Components",
"hyperlink": "https://owasp.org/www-project-kubernetes-top-ten/2022/en/src/K09-misconfigured-cluster-components",
"cre_ids": []
},
{
"section_id": "K10",
"section": "Outdated and Vulnerable Kubernetes Components",
"hyperlink": "https://owasp.org/www-project-kubernetes-top-ten/2022/en/src/K10-outdated-and-vulnerable-kubernetes-components",
"cre_ids": ["053-751", "715-334", "863-521"]
}
]