Issues: OWASP/ASVS
V51 OAuth: discuss verification of the user consent
1) Discussion ongoing
Issue is opened and assigned but no clear proposal yet
V51
Group issues related to OAuth
_5.0 - prep
This needs to be addressed to prepare 5.0
#2120
opened Sep 26, 2024 by
randomstuff
Deduplicate SSRF requirements
1) Discussion ongoing
Issue is opened and assigned but no clear proposal yet
5) awaiting PR
A proposal has been accepted and reviewed and we are now waiting for a PR
V5
Temporary label for grouping input validation, sanitization, encoding, escaping related requirements
V12
_5.0 - prep
This needs to be addressed to prepare 5.0
#2115
opened Sep 25, 2024 by
tghosth
3.3.2 - Update to correspond to NIST SP 800-63B revision 4 draft
1) Discussion ongoing
Issue is opened and assigned but no clear proposal yet
V3
_5.0 - prep
This needs to be addressed to prepare 5.0
#2113
opened Sep 25, 2024 by
ryarmst
v3.2.1 identifier rotating for a stateless mechanism
1) Discussion ongoing
Issue is opened and assigned but no clear proposal yet
V3
_5.0 - prep
This needs to be addressed to prepare 5.0
#2112
opened Sep 24, 2024 by
tghosth
V51 revocation for OAuth tokens
1) Discussion ongoing
Issue is opened and assigned but no clear proposal yet
V51
Group issues related to OAuth
_5.0 - prep
This needs to be addressed to prepare 5.0
#2111
opened Sep 23, 2024 by
elarlang
V1.3 Session Management Architecture - Section Text Proposal
1) Discussion ongoing
Issue is opened and assigned but no clear proposal yet
V1
V3
_5.0 - prep
This needs to be addressed to prepare 5.0
#2103
opened Sep 21, 2024 by
ryarmst
1.3.3 - Handling Session Termination with SSO (Documentation)
1) Discussion ongoing
Issue is opened and assigned but no clear proposal yet
V1
V3
_5.0 - prep
This needs to be addressed to prepare 5.0
#2102
opened Sep 21, 2024 by
ryarmst
1.3.2 - Multiple Concurrent Sessions Handling (Documentation)
1) Discussion ongoing
Issue is opened and assigned but no clear proposal yet
V1
V3
_5.0 - prep
This needs to be addressed to prepare 5.0
#2101
opened Sep 21, 2024 by
ryarmst
V3 Terminology Addition
1) Discussion ongoing
Issue is opened and assigned but no clear proposal yet
next meeting
Filter for leaders
V3
_5.0 - prep
This needs to be addressed to prepare 5.0
#2100
opened Sep 21, 2024 by
ryarmst
V51, Verify usage of the "iss" parameter in by the authorization server
1) Discussion ongoing
Issue is opened and assigned but no clear proposal yet
V51
Group issues related to OAuth
_5.0 - prep
This needs to be addressed to prepare 5.0
#2095
opened Sep 19, 2024 by
randomstuff
51.2.2 - what is the purpose for the requirement?
1) Discussion ongoing
Issue is opened and assigned but no clear proposal yet
V51
Group issues related to OAuth
_5.0 - prep
This needs to be addressed to prepare 5.0
#2092
opened Sep 18, 2024 by
elarlang
51.2.1 OAuth authorization code - prevent replay and limit the lifetime
1) Discussion ongoing
Issue is opened and assigned but no clear proposal yet
V51
Group issues related to OAuth
_5.0 - prep
This needs to be addressed to prepare 5.0
#2090
opened Sep 18, 2024 by
elarlang
Are parts of 14.2.x section out of scope for ASVS?
1) Discussion ongoing
Issue is opened and assigned but no clear proposal yet
V14
_5.0 - prep
This needs to be addressed to prepare 5.0
#2088
opened Sep 17, 2024 by
tghosth
1.3.1 - Session Controls Documentation
1) Discussion ongoing
Issue is opened and assigned but no clear proposal yet
4a) Waiting for another
This issue is waiting for another issue to be resolved
V1
V3
_5.0 - prep
This needs to be addressed to prepare 5.0
#2076
opened Sep 13, 2024 by
ryarmst
move configuration related requirements from V1 to V14.6
1) Discussion ongoing
Issue is opened and assigned but no clear proposal yet
5) awaiting PR
A proposal has been accepted and reviewed and we are now waiting for a PR
V1
_5.0 - prep
This needs to be addressed to prepare 5.0
#2072
opened Sep 12, 2024 by
elarlang
4.3.5 - Coverage by access control policies and deny by default otherwise
1) Discussion ongoing
Issue is opened and assigned but no clear proposal yet
V4
Temporary label for grouping authorization related issues
_5.0 - prep
This needs to be addressed to prepare 5.0
#2063
opened Sep 4, 2024 by
EnigmaRosa
4.2.4 - Originating component permissions
1) Discussion ongoing
Issue is opened and assigned but no clear proposal yet
V4
Temporary label for grouping authorization related issues
_5.0 - prep
This needs to be addressed to prepare 5.0
#2061
opened Sep 4, 2024 by
EnigmaRosa
4.1.7 - Real time access control decision making
1) Discussion ongoing
Issue is opened and assigned but no clear proposal yet
V4
Temporary label for grouping authorization related issues
_5.0 - prep
This needs to be addressed to prepare 5.0
#2059
opened Sep 4, 2024 by
EnigmaRosa
V51 OAuth: Add resource server verifications (modify 51.4.1)
1) Discussion ongoing
Issue is opened and assigned but no clear proposal yet
2) Awaiting response
Awaiting a response from the original poster
V51
Group issues related to OAuth
_5.0 - prep
This needs to be addressed to prepare 5.0
#2045
opened Aug 31, 2024 by
TobiasAhnoff
V51 OAuth: Add verifications for Authorization Server client configuration
1) Discussion ongoing
Issue is opened and assigned but no clear proposal yet
4) proposal for review
Issue contains clear proposal for add/change something
V51
Group issues related to OAuth
_5.0 - prep
This needs to be addressed to prepare 5.0
#2043
opened Aug 31, 2024 by
TobiasAhnoff
proposal: add/merge OIDC requirements into OAuth2 paragraph (instead of separate OIDC paragraph)
1) Discussion ongoing
Issue is opened and assigned but no clear proposal yet
V51
Group issues related to OAuth
_5.0 - prep
This needs to be addressed to prepare 5.0
#2039
opened Aug 31, 2024 by
elarlang
V51 OAuth: Add OAuth verifications for token management
1) Discussion ongoing
Issue is opened and assigned but no clear proposal yet
5) awaiting PR
A proposal has been accepted and reviewed and we are now waiting for a PR
V51
Group issues related to OAuth
_5.0 - prep
This needs to be addressed to prepare 5.0
#2038
opened Aug 31, 2024 by
TobiasAhnoff
V51 OAuth: Add new OIDC chapter
1) Discussion ongoing
Issue is opened and assigned but no clear proposal yet
V51
Group issues related to OAuth
_5.0 - prep
This needs to be addressed to prepare 5.0
#2037
opened Aug 31, 2024 by
TobiasAhnoff
V51 OAuth: Improve scope definition for new OAuth chapter
1) Discussion ongoing
Issue is opened and assigned but no clear proposal yet
V51
Group issues related to OAuth
_5.0 - prep
This needs to be addressed to prepare 5.0
#2036
opened Aug 31, 2024 by
TobiasAhnoff
Insert Burp Sequencer Test Cases for Randomness
4b Major-rework
These issues need to be part of a full chapter rework
V6
_5.0 - prep
This needs to be addressed to prepare 5.0
#2024
opened Aug 22, 2024 by
cmlh