issues
search
OWASP
/
ASVS
Application Security Verification Standard
Creative Commons Attribution Share Alike 4.0 International
2.76k
stars
671
forks
source link
issues
Newest
Newest
Most commented
Recently updated
Oldest
Least commented
Least recently updated
Remove duplicate req to resolve #2402
#2404
danielcuthbert
closed
11 hours ago
0
Move default accounts to 14.1 to resolve #2394 (@elarlang to review)
#2403
tghosth
closed
11 hours ago
0
New 6.6.1 and 6.6.5 are duplicates
#2402
tghosth
closed
11 hours ago
1
Requirement for managing user consents
#2401
elarlang
opened
1 day ago
5
Crypto appendix - mention missing mechanisms
#2400
randomstuff
closed
9 hours ago
1
Crypto appendix: allow HMAC-SHA-1
#2399
randomstuff
closed
9 hours ago
2
Appendix Crypto - Allowed mechanisms and requirement levels
#2398
randomstuff
opened
1 day ago
2
V51, Add requirements about user consent
#2397
randomstuff
closed
1 day ago
2
V6 - Requirement about UUIDs and CSPRNG
#2396
randomstuff
opened
1 day ago
10
V1.6.5 - Unclear "cryptographic discovery mechanism"
#2395
randomstuff
opened
2 days ago
0
2.5.4 doesn't relate to credential recovery
#2394
tghosth
closed
11 hours ago
6
V6 corrections
#2393
elarlang
closed
2 days ago
0
Move secret management to configuration chapter to resolve #2130
#2392
tghosth
closed
2 days ago
0
Try and slightly clarify scope of chapters to resolve #2375
#2391
tghosth
closed
2 days ago
1
Fix backend/back-end terminology
#2390
tghosth
opened
2 days ago
1
Updates to section 1.6
#2389
tghosth
closed
2 days ago
0
Add requirement about validation of client mTLS certificate
#2388
randomstuff
closed
2 days ago
0
Clarify 6.7.1
#2387
tghosth
closed
2 days ago
0
Clarify 6.6.5
#2386
tghosth
closed
2 days ago
0
Area51 vol13 feat V3
#2385
elarlang
closed
2 days ago
4
Where to move or what to do with V3.5 section (tokens section in session management chapter)
#2384
elarlang
opened
4 days ago
24
Area51 vol12
#2383
elarlang
closed
4 days ago
1
added encrypted client hello to 9.4
#2382
danielcuthbert
closed
4 days ago
0
V5 Why is Sanitation or Deny-list not recommended
#2381
timurozkul
closed
4 days ago
10
Crypto appendix - mention missing mechanisms
#2380
randomstuff
opened
4 days ago
5
Abstract requirement for "tokens can be used only for the intended usage" (move or duplicate 51.1.1)
#2379
elarlang
closed
2 days ago
8
#2111 - correct references between 5.3.1 and 51.2.14
#2378
elarlang
closed
6 days ago
0
Add 3.5.7 to resolve 2362
#2377
ryarmst
closed
1 week ago
0
V1.6 cleanup from non-documentation requirements
#2376
elarlang
closed
2 days ago
12
V6 - "Stored cryptography" vs "cryptography"
#2375
randomstuff
closed
2 days ago
5
Crypto appendix - give alias names for groups
#2374
randomstuff
opened
1 week ago
2
V3 updates
#2373
elarlang
closed
1 week ago
0
Update 3.5.3 to resolve 2184
#2372
ryarmst
closed
1 week ago
1
Dc v6 patch3
#2371
danielcuthbert
closed
3 days ago
0
aud restriction for access token, closes #2182
#2369
elarlang
closed
1 week ago
0
V3 - Move and update 3.2.5
#2368
ryarmst
closed
1 week ago
7
fix for issue #2366
#2367
danielcuthbert
closed
1 week ago
0
Small change to 6.2.1
#2366
jmanico
closed
1 week ago
2
[IN PROGRESS] Improve front text
#2365
tghosth
opened
1 week ago
0
who stole the table header?
#2364
elarlang
closed
1 week ago
0
Add token requirement for intented audience
#2363
TobiasAhnoff
closed
2 days ago
19
Add token requirement - key material from a trusted source
#2362
TobiasAhnoff
closed
1 week ago
14
Add access token requirement for preventing "key confusion"
#2361
TobiasAhnoff
opened
1 week ago
13
Modify 3.5.5 - split key confusion part to a separate requirement
#2360
TobiasAhnoff
opened
1 week ago
11
Issue #2358 for ECH
#2359
danielcuthbert
closed
4 days ago
1
V6 Cryptography - requirement for Encrypted Client Hello (ECH)
#2358
danielcuthbert
closed
4 days ago
14
Added 9.2.6 to resolve 2309
#2357
ryarmst
closed
2 weeks ago
0
remove v3 from NIST to resolve #2355
#2356
tghosth
closed
2 weeks ago
0
Remove NIST references from V3
#2355
tghosth
closed
2 weeks ago
0
Include risk of malicious lockout to resolve #2134
#2354
tghosth
closed
2 weeks ago
0
Next