Issues: OWASP/ASVS
OAuth/OIDC - different levels for public and confidential clients
3) awaiting proposal
There is some discussion in issue and reach to some results but it's not concluded with clear propos
V51
Group issues related to OAuth
_5.0 - draft
This should be discussed once a 5.0 draft has been prepared.
#2637
opened Feb 20, 2025 by
tghosth
OAuth 2.0 V51 - Sanity Check Comments/Suggestions for v.5.0
1) Discussion ongoing
Issue is opened and assigned but no clear proposal yet
V51
Group issues related to OAuth
_5.0 - rc1
#2621
opened Feb 18, 2025 by
csfreak92
Device code flow phishing
1) Discussion ongoing
Issue is opened and assigned but no clear proposal yet
V2
_5.0 - Not blocker
This issue does not block 5.0 so if it gets addressed then great, if not then fine.
#2618
opened Feb 15, 2025 by
jmanico
Session Management V3 - Sanity Check Comments/Suggestions for v.5.0
5) awaiting PR
A proposal has been accepted and reviewed and we are now waiting for a PR
V3
_5.0 - rc1
#2610
opened Feb 12, 2025 by
csfreak92
Authentication V2 - Sanity Check Comments/Suggestions for v.5.0
1) Discussion ongoing
Issue is opened and assigned but no clear proposal yet
V2
_5.0 - rc1
#2609
opened Feb 12, 2025 by
csfreak92
Web APIs V13 - Sanity Check Comments/Suggestions for v.5.0
1) Discussion ongoing
Issue is opened and assigned but no clear proposal yet
V13
_5.0 - rc1
#2607
opened Feb 12, 2025 by
csfreak92
Inconsistent requirements about number of bits of security
1) Discussion ongoing
Issue is opened and assigned but no clear proposal yet
V6
_5.0 - prep
This needs to be addressed to prepare 5.0
#2595
opened Feb 10, 2025 by
randomstuff
Secure Coding V10 - Sanity Check Comments/Suggestions for v.5.0
1) Discussion ongoing
Issue is opened and assigned but no clear proposal yet
V10
_5.0 - rc1
#2594
opened Feb 10, 2025 by
csfreak92
Files and Resources V12 - Sanity Check Comments/Suggestions for v.5.0
1) Discussion ongoing
Issue is opened and assigned but no clear proposal yet
V12
_5.0 - rc1
#2593
opened Feb 10, 2025 by
csfreak92
Configuration V14 - Sanity Check Comments/Suggestions for v.5.0
1) Discussion ongoing
Issue is opened and assigned but no clear proposal yet
V14
_5.0 - rc1
#2592
opened Feb 10, 2025 by
csfreak92
Business Logic V11 - Sanity Check Comments/Suggestions for v.5.0
3) awaiting proposal
There is some discussion in issue and reach to some results but it's not concluded with clear propos
V11
_5.0 - rc1
#2585
opened Feb 7, 2025 by
csfreak92
ASVS v5.0 Overall Sanity Check
_5.0 - draft
This should be discussed once a 5.0 draft has been prepared.
#2582
opened Feb 7, 2025 by
csfreak92
V5 chapter texts - move input validation parts to correct place
V5
Temporary label for grouping input validation, sanitization, encoding, escaping related requirements
_5.0 - rc1
#2580
opened Feb 6, 2025 by
elarlang
Approve Poly1305
1) Discussion ongoing
Issue is opened and assigned but no clear proposal yet
AppendixV
Appendix with crypto details
_5.0 - Not blocker
This issue does not block 5.0 so if it gets addressed then great, if not then fine.
#2562
opened Feb 1, 2025 by
randomstuff
ASVS v5.0 release checklist - rough workings
_5.0 - rc1
#2555
opened Jan 29, 2025 by
tghosth
1 of 31 tasks
Must vs should
_5.0 - draft
This should be discussed once a 5.0 draft has been prepared.
#2554
opened Jan 29, 2025 by
elarlang
Reordering chapters
1) Discussion ongoing
Issue is opened and assigned but no clear proposal yet
_5.0 - rc1
#2553
opened Jan 29, 2025 by
elarlang
Feedback about approved KEX schemes
1) Discussion ongoing
Issue is opened and assigned but no clear proposal yet
AppendixV
Appendix with crypto details
_5.0 - Not blocker
This issue does not block 5.0 so if it gets addressed then great, if not then fine.
#2514
opened Jan 8, 2025 by
randomstuff
Feedback about approved MAC algorithms
1) Discussion ongoing
Issue is opened and assigned but no clear proposal yet
AppendixV
Appendix with crypto details
_5.0 - Not blocker
This issue does not block 5.0 so if it gets addressed then great, if not then fine.
#2513
opened Jan 8, 2025 by
randomstuff
Feedback about hash functions
1) Discussion ongoing
Issue is opened and assigned but no clear proposal yet
AppendixV
Appendix with crypto details
_5.0 - Not blocker
This issue does not block 5.0 so if it gets addressed then great, if not then fine.
#2512
opened Jan 8, 2025 by
randomstuff
Requirement about key wrapping
1) Discussion ongoing
Issue is opened and assigned but no clear proposal yet
AppendixV
Appendix with crypto details
_5.0 - Not blocker
This issue does not block 5.0 so if it gets addressed then great, if not then fine.
#2511
opened Jan 8, 2025 by
randomstuff
Crypto appendix AEGIS
1) Discussion ongoing
Issue is opened and assigned but no clear proposal yet
AppendixV
Appendix with crypto details
_5.0 - Not blocker
This issue does not block 5.0 so if it gets addressed then great, if not then fine.
#2510
opened Jan 8, 2025 by
randomstuff
Feedback about recommended AES modes
1) Discussion ongoing
Issue is opened and assigned but no clear proposal yet
AppendixV
Appendix with crypto details
_5.0 - Not blocker
This issue does not block 5.0 so if it gets addressed then great, if not then fine.
#2509
opened Jan 8, 2025 by
randomstuff
Cryptography - suggested verification of Diffie-Hellman points
1) Discussion ongoing
Issue is opened and assigned but no clear proposal yet
AppendixV
Appendix with crypto details
Bart Preneel
Issues raised from a crypto review by Bart Preneel (received via Aram H)
_5.0 - Not blocker
This issue does not block 5.0 so if it gets addressed then great, if not then fine.
#2501
opened Jan 2, 2025 by
randomstuff