jensdietrich xshady issues

jensdietrich / xshady

vulnerabilities found in shaded projects

Apache License 2.0

5 stars 2 forks source link

issues

Newest

Newest Most commented Recently updated Oldest Least commented Least recently updated

Upload missing scan results used for Table 4 in the paper

#42 wtwhite closed 2 months ago
2
for some CVEs /scan-results are missing

#41 jensdietrich closed 2 months ago
2
`snyk` can hang

#40 wtwhite opened 11 months ago
1
Automatically sum stats*.log into summed_stats.log after finishing

#39 wtwhite closed 11 months ago
0
Enable adding shadedetector command-line options to the Makefile easily, and record them

#38 wtwhite closed 11 months ago
0
Fix test for CVE-2019-0225

#37 wtwhite closed 11 months ago
1
CVE-2019-0225: articleId in pov-project.json != articleId in pom.xml, also version should already be patched

#36 wtwhite closed 11 months ago
2
Improve shadedetector run script generator

#35 wtwhite closed 11 months ago
0
Make `fixVersion` metadata field optional and add final CVE's metadata

#34 wtwhite closed 11 months ago
0
Add more metadata

#33 wtwhite closed 11 months ago
0
No possible `fixVersion` exists for `CVE-2019-0225`

#32 wtwhite closed 11 months ago
1
Metadata for CVE-2015-7501

#31 wtwhite closed 11 months ago
0
Metadata for CVE-2015-6420

#30 wtwhite closed 11 months ago
1
Record JDK version in metadata

#29 wtwhite closed 11 months ago
0
Add 11 `pov-project.json`s with `fixedVersion`s

#28 wtwhite closed 11 months ago
1
Tooling for generating Tim's shadedetector run scripts

#27 wtwhite closed 11 months ago
0
Update pom.xml to later version (1.30) that is still vulnerable

#26 wtwhite closed 11 months ago
0
Add environment information to pov-project.json metadata

#25 wtwhite closed 11 months ago
2
add pov-project.json to all projects

#24 jensdietrich closed 11 months ago
1
Make CVE-2021-44228 test succeed as intended even when not root

#23 wtwhite closed 11 months ago
0
CVE-2021-44228 test should succeed on vulnerable artifacts but fails for an irrelevant reason

#22 wtwhite closed 11 months ago
2
Make artifact name in pov-project.json agree with pom.xml

#21 wtwhite closed 1 year ago
0
`Error: Can't use 'tar -xzf' extract archive file` from GitHub Actions validation

#20 wtwhite opened 1 year ago
0
Rename `testSignal` field to `testSignalWhenVulnerable`

#19 wtwhite closed 1 year ago
2
Actually add CVE-2016-0779 PoV. Fail->Succeed on 1.7.3->1.7.4 and 7.0.0-M2->7.0.0-M3

#18 wtwhite closed 1 year ago
0
Maven Central Repo missing CVE-2016-0779 vulnerability info for Apache Tomcat

#17 wtwhite opened 1 year ago
4
Add CVE-2016-0779

#16 wtwhite closed 1 year ago
2
Unreviewed GHSAs missing from all.zip, and from its likely source API

#15 wtwhite opened 1 year ago
1
Fix a couple of leftover occurrences of `vulnableVersions`

#14 wtwhite closed 1 year ago
0
PoV project POM should include vulnerable version

#13 alexjordan closed 1 year ago
0
Fix typo

#12 alexjordan closed 1 year ago
0
pov-project structure

#11 jensdietrich opened 1 year ago
5
Add URL references to CVE-2018-1324

#10 alexjordan closed 1 year ago
0
Add references to JSON metadata format

#9 alexjordan closed 1 year ago
2
Add CVE-2018-1324

#8 alexjordan closed 1 year ago
0
Add CVE-2017-15717

#7 wtwhite closed 1 year ago
0
5 CVE-2016-5394 POV fails the same way before and after vuln fixed

#6 wtwhite closed 1 year ago
0
CVE-2016-5394 POV fails the same way before and after vuln fixed

#5 wtwhite closed 1 year ago
0
Add CVE-2016-6798

#4 wtwhite closed 1 year ago
0
Metadata format for PoV projects

#3 alexjordan closed 1 year ago
2
Add CVE-2018-1002201

#2 alexjordan closed 1 year ago
0
Add org.json:json vulnerability CVE-2022-45688

#1 alexjordan closed 1 year ago
1