presidentbeef/brakeman

lib/brakeman/report/config/remediation.yml

---
# Remediation weights used by Brakeman's report code: each key names a warning
# type or a CVE-specific check, and each value is an integer weight for it.
# NOTE(review): the unit is not stated in this file; presumably these are
# Code Climate "remediation points" (estimated effort to fix) - confirm against
# the code that loads this file.
# NOTE(review): the numbers appear to express fix effort, not severity (for
# example sql_injection is weighted below most CVE entries), so they should not
# be read as a risk ranking - confirm the intended meaning.
basic_auth_password: 300000
cross_site_scripting: 300000
xss_content_tag: 300000
CVE_2014_3514_call: 600000
all_default_routes: 2000000
unsafe_deserialize: 2000000
local_request_config: 100000
CVE_2012_3424: 4000000
CVE_2011_2932: 8000000
code_eval: 2000000
command_injection: 2000000
file_access: 2000000
CVE_2014_7829: 4000000
CVE_2011_2929: 4000000
csrf_protection_disabled: 4000000
CVE_2013_6414: 4000000
CVE_2013_4491: 4000000
CVE_2013_1856: 4000000
CVE_2015_3226: 4000000
CVE_2013_0333: 4000000
xss_link_to: 300000
xss_link_to_href: 300000
CVE_2011_0446: 300000
mass_assign_call: 2000000
dangerous_attr_accessible: 2000000
no_attr_accessible: 2000000
CVE_2013_0277: 2000000
CVE_2010_3933: 4000000
CVE_2014_0081: 300000
CVE_2011_2930: 600000
open_redirect: 300000
regex_dos: 600000
dynamic_render_path: 4000000
CVE_2014_0082: 4000000
cross_site_scripting_inline: 600000
CVE_2011_3186: 2000000
safe_buffer_vuln: 4000000
CVE_2013_1855: 4000000
CVE_2013_1857: 4000000
CVE_2012_3463: 600000
select_options_vuln: 4000000
dangerous_send: 600000
session_key_manipulation: 600000
http_cookies: 600000
session_secret: 600000
secure_cookies: 600000
CVE_2013_6416: 600000
CVE_2012_3464: 4000000
csrf_blacklist: 300000
auth_blacklist: 300000
sql_injection: 1200000
# NOTE(review): the eight keys below are spelled with hyphens, while every
# other CVE key in this file uses underscores. If the loader looks entries up
# by exact key name, one of the two spellings will not match and those
# findings would get no weight from this file - confirm against the lookup code.
CVE-2012-2660: 4000000
CVE-2012-2661: 4000000
CVE-2012-2695: 4000000
CVE-2012-5664: 4000000
CVE-2013-0155: 4000000
CVE-2013-6417: 4000000
CVE-2014-3482: 4000000
CVE-2014-3483: 4000000
ssl_verification_bypass: 2500000
CVE_2011_2931: 4000000
unsafe_symbol_creation: 300000
translate_vuln: 300000
unsafe_constantize: 600000
unscoped_find: 300000
validation_regex: 300000
mass_assign_without_protection: 600000
CVE_2015_3227: 4000000
CVE_2013_0156: 4000000
weak_hash_digest: 800000