-
### Finding Description
Stack smashing protection has not been implemented in components included in the application. When an application is compiled with stack smashing protection, a known value or …
-
### Finding Description
Stack smashing protection has not been implemented in components included in the application. When an application is compiled with stack smashing protection, a known value or …
-
## ENVIRONMENT
```
OS and Version: Win11 21H2 22000.16963.
Python Version: python 3.8.8
MobSF Version: v3.6.3Beta
```
## EXPLANATION OF THE ISSUE
```
I can check some old version of this…
-
“Block erase” should be clarified. Flash memory, a common form of wear-leveled memory, only allows reading and writing whole blocks, so requiring a block erase might be interpreted as erasing the blo…
-
I have begun mapping Nessus plugins to 800-53 controls and CCIs. The data is in a spreadsheet. so far, I have about 240 mappings. Are you interested in the data?
-
In the assurance activities, test 4 says the following:
Test 4: If any OCSP option is selected, the evaluator shall configure the OCSP server or use a man-in-the-middle tool to present a certificat…
-
Hi,
I'm consuming this repository to have an xml version of all NIAP protection profiles, PP modules and Extended Packages. I've noticed that the grammar varies between one project and the other.
…
-
### Comment:
The text claims conformance with APE_OBJ.2 and APE_REQ.2. This implies a lot of work with mapping objectives to the SPD and mapping the SFRs to the TOE objectives.
### Proposal:
Consi…
-
Once the proposal comes out for the ALC_FLR update to support EUCC/CRA, add this to the SD.
Waiting on NIAP to send this out.
-
CC:2022 supports Security Problem Definition (and thus Threats, Assumptions, etc.) in Functional Packages. NIAP may never use them, but they should be supported in the XML.