Removed rule-CLRFInjectionLogs.yml and rule-CLRFInjectionLogs.java and updated the mapping file
Issue - gitlab-org/gitlab#433054 (closed)
Removed:
- rule-CLRFInjectionLogs.yml
- rule-CLRFInjectionLogs.java
and updated the mapping file.
Reason to remove the rules:
Vulnerabilities no longer are exploitable in systems containing logging dependencies (log4j, java.util.Logger and tinylog) after 2018.
Edited by Chathumina Vimukthi