Skip to content

Issues: OWASP/ASVS

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Clear current search query, filters, and sorts
65 Open 1,409 Closed
65 Open 1,409 Closed
Author
Filter by author
Loading
Label
Filter by label
Loading
Use alt + click/return to exclude labels
or + click/return for logical OR
Projects
Filter by project
Loading
Milestones
Filter by milestone
Loading
Assignee
Filter by who’s assigned
Sort
Sort by
Newest Oldest Most commented Least commented Recently updated Least recently updated Best match
Most reactions
👍 👎 😄 🎉 😕 ❤️ 🚀 👀

Issues list

Review feedback from App Defense Alliance CASA 1) Discussion ongoing Issue is opened and assigned but no clear proposal yet Community wanted We would like feedback from the community to guide our decision otherwise we will progress _5.0 - Not blocker This issue does not block 5.0 so if it gets addressed then great, if not then fine.
#1677 opened Jul 5, 2023 by tghosth
@csfreak92
16
[Proposal] Automatically generate GH page Community wanted We would like feedback from the community to guide our decision otherwise we will progress _5.0 - Not blocker This issue does not block 5.0 so if it gets addressed then great, if not then fine.
#895 opened Jan 15, 2021 by josh-hemphill
@elarlang
7
Add OpenControl Format as generated output MAKEFILE _5.0 - Not blocker This issue does not block 5.0 so if it gets addressed then great, if not then fine.
#941 opened Mar 24, 2021 by yruss972
@vanderaj @tghosth
4
Clarify intro to "V7 Error Handling and Logging" 1) Discussion ongoing Issue is opened and assigned but no clear proposal yet V7 Temporary label for grouping logging related issues _5.0 - rc1
#1132 opened Nov 11, 2021 by mjang-cobalt
@mjang-cobalt
8
HTTP/2 is not addressed 1) Discussion ongoing Issue is opened and assigned but no clear proposal yet V13 _5.0 - prep This needs to be addressed to prepare 5.0
#1154 opened Dec 16, 2021 by svdb-ncc
@svdb-ncc
13
language code for translations translation _5.0 - Not blocker This issue does not block 5.0 so if it gets addressed then great, if not then fine.
#1175 opened Jan 27, 2022 by elarlang
2
translators section to translated documents translation _5.0 - Not blocker This issue does not block 5.0 so if it gets addressed then great, if not then fine.
#1179 opened Feb 1, 2022 by elarlang
4 tasks
@tghosth @elarlang
2
Unique Identifier column provided here 5) awaiting PR A proposal hs been accepted and reviewed and we are now waiting for a PR Community wanted We would like feedback from the community to guide our decision otherwise we will progress MAKEFILE _5.0 - Not blocker This issue does not block 5.0 so if it gets addressed then great, if not then fine.
#1252 opened Apr 1, 2022 by 1songb1rd
8
Enhancement: tool to validate exports against branch enhancement _5.0 - Not blocker This issue does not block 5.0 so if it gets addressed then great, if not then fine.
#1300 opened Jun 22, 2022 by vanderaj
@vanderaj @elarlang
3
Enhancement: markdown linting on PR Community wanted We would like feedback from the community to guide our decision otherwise we will progress enhancement _5.0 - Not blocker This issue does not block 5.0 so if it gets addressed then great, if not then fine.
#1301 opened Jun 22, 2022 by tghosth
@vanderaj
2
Updated Excel Sheet for ASVS! 2) Awaiting response Awaiting a response from the original poster MAKEFILE _5.0 - Not blocker This issue does not block 5.0 so if it gets addressed then great, if not then fine.
#1318 opened Jul 19, 2022 by deFr0ggy
@tghosth @deFr0ggy
8
CWE mapping will be dropped Leaders decision Big decisions, like re-structuring or concept changes _5.0 - draft This should be discussed once a 5.0 draft has been prepared.
#1481 opened Dec 27, 2022 by elarlang
@jmanico @danielcuthbert
@tghosth @elarlang
13
WebAssembly standard Community needed This issue will not be progressed without community input. Will be closed if stale. _5.0 - Not blocker This issue does not block 5.0 so if it gets addressed then great, if not then fine.
#708 opened Jan 30, 2020 by carllaw6885
@tghosth
28
Recheck NIST originated requirements after SP 800-63B revision 4 release V2 V3 _5.0 - Not blocker This issue does not block 5.0 so if it gets addressed then great, if not then fine.
#1557 opened Feb 18, 2023 by elarlang
@elarlang
11
Consider Adding Feature-Policy Header Verification to ASVS 1) Discussion ongoing Issue is opened and assigned but no clear proposal yet Community wanted We would like feedback from the community to guide our decision otherwise we will progress V50 Group issues related to Web Frontend _5.0 - Not blocker This issue does not block 5.0 so if it gets addressed then great, if not then fine.
#1755 opened Oct 13, 2023 by ImanSharaf
@tghosth @elarlang @ImanSharaf
14
proposal: requirement for having reasonable timeouts for (external) services 3) awaiting proposal There is some discussion in issue and reach to some results but it's not concluded with clear propos Community needed This issue will not be progressed without community input. Will be closed if stale. next meeting Filter for leaders V12 _5.0 - prep This needs to be addressed to prepare 5.0
#1778 opened Nov 8, 2023 by elarlang
@elarlang
37
Section and requirement relevance questions 1) Discussion ongoing Issue is opened and assigned but no clear proposal yet Community wanted We would like feedback from the community to guide our decision otherwise we will progress _5.0 - draft This should be discussed once a 5.0 draft has been prepared.
#1797 opened Dec 1, 2023 by tghosth
@ryarmst
3
Consideration for HTTP/3 Security 2) Awaiting response Awaiting a response from the original poster Community needed This issue will not be progressed without community input. Will be closed if stale. _5.0 - Not blocker This issue does not block 5.0 so if it gets addressed then great, if not then fine.
#1798 opened Dec 1, 2023 by ImanSharaf
@ImanSharaf
12
Most recent artifacts 1) Discussion ongoing Issue is opened and assigned but no clear proposal yet GH_ACTIONS MAKEFILE _5.0 - Not blocker This issue does not block 5.0 so if it gets addressed then great, if not then fine.
#1848 opened Jan 25, 2024 by tghosth
@ike
7
lowercase vs uppercase grammar (original: 6.2.1 causes capitalization inconsistency) 1) Discussion ongoing Issue is opened and assigned but no clear proposal yet _5.0 - draft This should be discussed once a 5.0 draft has been prepared.
#1875 opened Feb 24, 2024 by alitasdln
13
Tracking supporters _5.0 - Not blocker This issue does not block 5.0 so if it gets addressed then great, if not then fine.
#1888 opened Mar 13, 2024 by tghosth
@tghosth
10
Link checker is temperamental and apparently deprecated GH_ACTIONS MAKEFILE _5.0 - Not blocker This issue does not block 5.0 so if it gets addressed then great, if not then fine.
#1990 opened Jul 10, 2024 by tghosth
@ike
13
Handle Glossary _5.0 - draft This should be discussed once a 5.0 draft has been prepared.
#2201 opened Oct 28, 2024 by tghosth
@ryarmst
1
V6 - Requirement mitigating against rerouting/Selfie attacks in when using TLS PSK authentication with group membership 1) Discussion ongoing Issue is opened and assigned but no clear proposal yet V9 _5.0 - Not blocker This issue does not block 5.0 so if it gets addressed then great, if not then fine.
#2216 opened Nov 2, 2024 by randomstuff
3
Missing requirements related to OAuth/OIDC audience injection attacks? 1) Discussion ongoing Issue is opened and assigned but no clear proposal yet 4) proposal for review Issue contains clear proposal for add/change something V52 _5.0 - prep This needs to be addressed to prepare 5.0
#2678 opened Mar 6, 2025 by randomstuff
6
ProTip! Updated in the last three days: updated:>2025-03-06.