-
-
Notifications
You must be signed in to change notification settings - Fork 658
Issues: OWASP/ASVS
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Author
Label
Projects
Milestones
Assignee
Sort
Issues list
V51 revokation for OAuth tokens
1) Discussion ongoing
Issue is opened and assigned but no clear proposal yet
V51
Group issues related to OAuth
_5.0 - prep
This needs to be addressed to prepare 5.0
#2111
opened Sep 23, 2024 by
elarlang
V51 - OAuth - sender-contrained refresh tokens
1) Discussion ongoing
Issue is opened and assigned but no clear proposal yet
V51
Group issues related to OAuth
_5.0 - prep
This needs to be addressed to prepare 5.0
#2110
opened Sep 23, 2024 by
elarlang
V51 - OAuth - confidential client
1) Discussion ongoing
Issue is opened and assigned but no clear proposal yet
V51
Group issues related to OAuth
_5.0 - prep
This needs to be addressed to prepare 5.0
#2109
opened Sep 23, 2024 by
elarlang
V1.3 Session Management Architecture - Section Text Proposal
1) Discussion ongoing
Issue is opened and assigned but no clear proposal yet
V1
V3
_5.0 - prep
This needs to be addressed to prepare 5.0
#2103
opened Sep 21, 2024 by
ryarmst
1.3.3 - Handling Session Termination with SSO (Documentation)
1) Discussion ongoing
Issue is opened and assigned but no clear proposal yet
V1
V3
_5.0 - prep
This needs to be addressed to prepare 5.0
#2102
opened Sep 21, 2024 by
ryarmst
1.3.2 - Multiple Concurrent Sessions Handling (Documentation)
1) Discussion ongoing
Issue is opened and assigned but no clear proposal yet
V1
V3
_5.0 - prep
This needs to be addressed to prepare 5.0
#2101
opened Sep 21, 2024 by
ryarmst
V3 Terminology Addition
1) Discussion ongoing
Issue is opened and assigned but no clear proposal yet
V3
_5.0 - prep
This needs to be addressed to prepare 5.0
#2100
opened Sep 21, 2024 by
ryarmst
V51, Verify usage of the "iss" parameter in by the authorization server
1) Discussion ongoing
Issue is opened and assigned but no clear proposal yet
V51
Group issues related to OAuth
_5.0 - prep
This needs to be addressed to prepare 5.0
#2095
opened Sep 19, 2024 by
randomstuff
51.2.2 - what is the purpose for the requirement?
1) Discussion ongoing
Issue is opened and assigned but no clear proposal yet
V51
Group issues related to OAuth
_5.0 - prep
This needs to be addressed to prepare 5.0
#2092
opened Sep 18, 2024 by
elarlang
51.2.1 OAuth authorization code - prevent replay and limit the lifetime
1) Discussion ongoing
Issue is opened and assigned but no clear proposal yet
V51
Group issues related to OAuth
_5.0 - prep
This needs to be addressed to prepare 5.0
#2090
opened Sep 18, 2024 by
elarlang
Are parts of 14.2.x section out of scope for ASVS?
1) Discussion ongoing
Issue is opened and assigned but no clear proposal yet
V14
_5.0 - prep
This needs to be addressed to prepare 5.0
#2088
opened Sep 17, 2024 by
tghosth
1.3.1 - Session Controls Documentation
1) Discussion ongoing
Issue is opened and assigned but no clear proposal yet
V1
V3
_5.0 - prep
This needs to be addressed to prepare 5.0
#2076
opened Sep 13, 2024 by
ryarmst
move configuration related requirements from V1 to V14.6
1) Discussion ongoing
Issue is opened and assigned but no clear proposal yet
V1
V14
_5.0 - prep
This needs to be addressed to prepare 5.0
#2072
opened Sep 12, 2024 by
elarlang
1.4.7 - Access Control Documentation
1) Discussion ongoing
Issue is opened and assigned but no clear proposal yet
V1
V4
Temporary label for grouping authorization related issues
_5.0 - prep
This needs to be addressed to prepare 5.0
#2065
opened Sep 4, 2024 by
EnigmaRosa
4.3.5 - Coverage by access control policies and deny by default otherwise
1) Discussion ongoing
Issue is opened and assigned but no clear proposal yet
V4
Temporary label for grouping authorization related issues
_5.0 - prep
This needs to be addressed to prepare 5.0
#2063
opened Sep 4, 2024 by
EnigmaRosa
4.2.4 - Originating component permissions
1) Discussion ongoing
Issue is opened and assigned but no clear proposal yet
V4
Temporary label for grouping authorization related issues
_5.0 - prep
This needs to be addressed to prepare 5.0
#2061
opened Sep 4, 2024 by
EnigmaRosa
4.1.7 - Real time access control decision making
1) Discussion ongoing
Issue is opened and assigned but no clear proposal yet
V4
Temporary label for grouping authorization related issues
_5.0 - prep
This needs to be addressed to prepare 5.0
#2059
opened Sep 4, 2024 by
EnigmaRosa
V51 OAuth: Add new OIDC Authorization Server verifications
1) Discussion ongoing
Issue is opened and assigned but no clear proposal yet
2) Awaiting response
Awaiting a response from the original poster
V51
Group issues related to OAuth
_5.0 - prep
This needs to be addressed to prepare 5.0
#2047
opened Aug 31, 2024 by
TobiasAhnoff
V51 OAuth: Add resource server verifications (modify 51.4.1)
1) Discussion ongoing
Issue is opened and assigned but no clear proposal yet
2) Awaiting response
Awaiting a response from the original poster
V51
Group issues related to OAuth
_5.0 - prep
This needs to be addressed to prepare 5.0
#2045
opened Aug 31, 2024 by
TobiasAhnoff
V51 OAuth: Add client verifications
1) Discussion ongoing
Issue is opened and assigned but no clear proposal yet
V51
Group issues related to OAuth
_5.0 - prep
This needs to be addressed to prepare 5.0
#2044
opened Aug 31, 2024 by
TobiasAhnoff
V51 OAuth: Add verifications for Authorization Server client configuration
1) Discussion ongoing
Issue is opened and assigned but no clear proposal yet
V51
Group issues related to OAuth
_5.0 - prep
This needs to be addressed to prepare 5.0
#2043
opened Aug 31, 2024 by
TobiasAhnoff
V51 OAuth: Add verification for PAR
1) Discussion ongoing
Issue is opened and assigned but no clear proposal yet
V51
Group issues related to OAuth
_5.0 - prep
This needs to be addressed to prepare 5.0
#2042
opened Aug 31, 2024 by
TobiasAhnoff
V51 OAuth: Add code and PKCE related verifications
1) Discussion ongoing
Issue is opened and assigned but no clear proposal yet
V51
Group issues related to OAuth
_5.0 - prep
This needs to be addressed to prepare 5.0
#2041
opened Aug 31, 2024 by
TobiasAhnoff
proposal: add/merge OIDC requirements into OAuth2 paragraph (instead of separate OIDC paragraph)
1) Discussion ongoing
Issue is opened and assigned but no clear proposal yet
V51
Group issues related to OAuth
_5.0 - prep
This needs to be addressed to prepare 5.0
#2039
opened Aug 31, 2024 by
elarlang
V51 OAuth: Add OAuth verifications for token management
1) Discussion ongoing
Issue is opened and assigned but no clear proposal yet
V51
Group issues related to OAuth
_5.0 - prep
This needs to be addressed to prepare 5.0
#2038
opened Aug 31, 2024 by
TobiasAhnoff
Previous Next
ProTip!
Updated in the last three days: updated:>2024-09-20.