Issues · security-code-scan/security-code-scan

security-code-scan / security-code-scan Public

Notifications
Fork 135
Star 740

Code
Issues 34
Pull requests
Discussions
Actions
Projects
Security
Insights

Code
Issues
Pull requests
Discussions
Actions
Projects
Security
Insights

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

34 Open 139 Closed

Author

Filter by author

Label

Filter by label

Use alt + click/return to exclude labels

or ⇧ + click/return for logical OR

Projects

Filter by project

Milestones

Filter by milestone

Assignee

Filter by who’s assigned

Sort

Sort by

Newest Oldest Most commented Least commented Recently updated Least recently updated

Most reactions

Investigate if double scanning with SCS tool can be avoided

#221 opened Aug 5, 2021 by JarLob

nuget 5.2.1 Warning CS8032

#218 opened Jul 28, 2021 by denhaandrei

3 of 11 tasks

Insecure Cookie not reported with AppendCookie/SetCookie

#216 opened Jul 19, 2021 by mus65

3 of 11 tasks

Add new issues and customizable content without recompiling

#215 opened Jul 15, 2021 by wisec

Missing full documentation on YAML rules

#214 opened Jul 15, 2021 by wisec

Missing dependencies in the nuget package?

#196 opened Mar 23, 2021 by ghandmann

CWE in SARIF

#194 opened Mar 21, 2021 by JarLob

2 tasks

No SCS0029 (XSS) on return from an action

#190 opened Mar 3, 2021 by dan-neumegen-xero

[Improvement] Flag CORS misconfigurations

#189 opened Mar 3, 2021 by Recurse-blip

Superseded web.config files (a cause for false positives)

#170 opened Jun 2, 2020 by mrstarware

Investigate if .Redirect should be always html escaped to prevent dom xss

#95 opened Nov 23, 2018 by JarLob

Reverse type checking logic enhancement

#91 opened Nov 8, 2018 by JarLob

Add HandleProcessCorruptedStateExceptions attribute check

#75 opened Aug 6, 2018 by JarLob

False positive when serializing with XmlSerializer false positive

#68 opened Jul 17, 2018 by JarLob

Hardcoded field value should be handled by taint as it is already in property case enhancement

#63 opened Jul 5, 2018 by JarLob

Expand weak cipher and hash analyzers enhancement

#45 opened Apr 26, 2018 by JarLob

Warnings on deserialization where only one argument of two is tainted auditing mode false positive

#44 opened Apr 24, 2018 by JarLob

2 tasks

Detect if encryptionPolicy is set to None enhancement

#36 opened Apr 11, 2018 by JarLob

Detect if checkCertificateName is disabled enhancement

#35 opened Apr 11, 2018 by JarLob

Detect when certificateValidationMode is set to None or Custom enhancement

#34 opened Apr 11, 2018 by JarLob

Detect RemoteCertificateValidationCallback enhancement

#33 opened Apr 11, 2018 by JarLob

Detect when RequestValidator is extended for auditing mode auditing mode enhancement

#32 opened Apr 11, 2018 by JarLob

Add ValidateRequestMode aspx analyzer enhancement

#31 opened Apr 11, 2018 by JarLob

Add IgnorableServerCertificateErrors.Add warning enhancement

#30 opened Apr 11, 2018 by JarLob

Nuget package install.ps1 should add <AdditionalFileItemNames> enhancement

#28 opened Apr 11, 2018 by JarLob

Previous 1 2 Next

Previous Next

ProTip! Adding no:label will show everything without a label.