Data

Tools

Indexes

Applications

Experiments

Issues

An open API service for providing issue and pull request metadata for open source projects.

GitHub / security-code-scan/security-code-scan issues and pull requests

#302 - Please Delete

Issue - State: closed - Opened by Fennerr over 1 year ago

#301 - Upgrade .NET Core to .NET 8 LTS

Pull Request - State: closed - Opened by cvocvo over 1 year ago - 2 comments

#301 - Upgrade .NET Core to .NET 8 LTS

Pull Request - State: closed - Opened by cvocvo over 1 year ago - 3 comments

#300 - Security Scan no longer running in AzureDevOps pipeline

Issue - State: closed - Opened by Eric1243123 over 1 year ago - 3 comments

#299 - Bump NHibernate from 4.1.2.4000 to 5.4.9 in /SecurityCodeScan.Test

Pull Request - State: open - Opened by dependabot[bot] over 1 year ago
Labels: dependencies, .NET

#296 - .NET8 - No findings found

Issue - State: open - Opened by muaz-jasman almost 2 years ago

#295 - Bump Npgsql from 3.0.8 to 8.0.3 in /SecurityCodeScan.Test

Pull Request - State: open - Opened by dependabot[bot] almost 2 years ago
Labels: dependencies, .NET

#295 - Bump Npgsql from 3.0.8 to 8.0.3 in /SecurityCodeScan.Test

Pull Request - State: open - Opened by dependabot[bot] almost 2 years ago
Labels: dependencies, .NET

#289 - New exceptions thrown for SCS extension after upgrading VS

Issue - State: open - Opened by catherinelpowell over 2 years ago - 2 comments

#287 - Bump NuGet.Common from 5.6.0 to 5.11.5 in /SecurityCodeScan.Test

Pull Request - State: closed - Opened by dependabot[bot] almost 3 years ago - 1 comment
Labels: dependencies, .NET

#286 - Bump NuGet.Protocol from 5.6.0 to 5.11.5 in /SecurityCodeScan.Test

Pull Request - State: closed - Opened by dependabot[bot] almost 3 years ago - 1 comment
Labels: dependencies, .NET

#284 - Bump NuGet.Common from 5.6.0 to 6.0.5 in /SecurityCodeScan.Test

Pull Request - State: closed - Opened by dependabot[bot] almost 3 years ago - 1 comment
Labels: dependencies, .NET

#283 - Bump NuGet.Protocol from 5.6.0 to 6.0.5 in /SecurityCodeScan.Test

Pull Request - State: closed - Opened by dependabot[bot] almost 3 years ago - 1 comment
Labels: dependencies, .NET

#281 - Upload Visual Studio Code extension to Open VSX

Issue - State: closed - Opened by saerosV almost 3 years ago - 1 comment

#278 - security-scan' is not recognized as an internal or external command

Issue - State: closed - Opened by Ethan0007 about 3 years ago - 1 comment

#277 - SCS0012 after upgrading from net6.0 to net7.0

Issue - State: open - Opened by mhdejonge-tby about 3 years ago - 1 comment

#276 - Taint analysis vizualization (adding additional locations to TaintAnalyzer)

Pull Request - State: open - Opened by dbalikhin over 3 years ago - 4 comments

#275 - security-scan /your/solution.sln throws up error.

Issue - State: open - Opened by misterraj7 over 3 years ago - 5 comments

#274 - Add .net 7 support to global security-scan core tool

Pull Request - State: open - Opened by solrevdev over 3 years ago - 19 comments

#273 - Bump NuGet.Protocol from 5.6.0 to 5.9.3 in /SecurityCodeScan.Test

Pull Request - State: closed - Opened by dependabot[bot] over 3 years ago - 1 comment
Labels: dependencies, .NET

#272 - Adds a no-finding-prefix option to suppress "Found: " (Fixes #271)

Pull Request - State: closed - Opened by WaldenL over 3 years ago - 3 comments

#266 - Use latest nuget

Pull Request - State: closed - Opened by JarLob over 3 years ago

#265 - Bump NuGet.Protocol from 4.9.4 to 4.9.6+a32bce39889f724fbd11cfd12e946f802168b583 in /SecurityCodeScan.Test

Pull Request - State: closed - Opened by dependabot[bot] over 3 years ago - 1 comment
Labels: dependencies, .NET

#264 - SCS0016 False positive for ODataController

Issue - State: open - Opened by dnperfors over 3 years ago

#262 - fix-issue-261

Pull Request - State: closed - Opened by matteo-tosi over 3 years ago - 1 comment

#261 - Standalone tool with `.sln` don't start scanning

Issue - State: closed - Opened by matteo-tosi over 3 years ago

#257 - Solution Items

Issue - State: closed - Opened by mysterio2465 over 3 years ago

#256 - Bump System.Security.Cryptography.Xml from 4.5.0 to 4.7.1 in /SecurityCodeScan.Test

Pull Request - State: closed - Opened by dependabot[bot] over 3 years ago - 1 comment
Labels: dependencies, .NET

#254 - Is this project maintained

Issue - State: closed - Opened by eliassal over 3 years ago - 6 comments

#253 - Standalone can not understand shproj.

Issue - State: closed - Opened by Cestbienmoi over 3 years ago - 2 comments

#252 - Bump Microsoft.AspNetCore.Http from 2.1.0 to 2.1.22 in /SecurityCodeScan.Test

Pull Request - State: closed - Opened by dependabot[bot] over 3 years ago - 2 comments
Labels: dependencies, .NET

#251 - ReflectionTypeLoadException on startup

Issue - State: open - Opened by kbilsted over 3 years ago - 2 comments

#250 - False positive SCS0018 with DbContext inheritance

Issue - State: open - Opened by antoine-rosse over 3 years ago - 1 comment

#249 - Bump Newtonsoft.Json from 11.0.2 to 13.0.1 in /SecurityCodeScan.Test

Pull Request - State: closed - Opened by dependabot[bot] almost 4 years ago - 1 comment
Labels: dependencies, .NET

#248 - Be able to exit with non-zero error code when warnings are found

Pull Request - State: closed - Opened by saturner74 almost 4 years ago - 1 comment

#246 - Issues when using on bitbucket pipeline

Issue - State: closed - Opened by elfico almost 4 years ago - 1 comment

#245 - Not getting warnings with the sample project WebGoat.NET

Issue - State: closed - Opened by mrcnee93 almost 4 years ago - 2 comments

#244 - security-scan: command not found on Ubuntu 20.04

Issue - State: closed - Opened by abhijitparkhi1983 almost 4 years ago - 1 comment

#243 - Installation issues

Issue - State: closed - Opened by catherinelpowell almost 4 years ago - 1 comment

#242 - Do you want to report a vulnerability?

Issue - State: closed - Opened by luisuimi about 4 years ago

#241 - Create Only

Pull Request - State: closed - Opened by luisuimi about 4 years ago - 1 comment

#240 - Fix for AdditionalConfiguration being loaded and appended multiple times.

Pull Request - State: closed - Opened by mhdejonge about 4 years ago - 1 comment

#239 - Can't add custom sanitizers to config file for DotNet Core Tool.

Issue - State: closed - Opened by mhdejonge about 4 years ago - 1 comment

#237 - Guna

Issue - State: closed - Opened by Kavi5361guna about 4 years ago

#236 - Running security-code-scan on Linux docker with GitLab

Issue - State: closed - Opened by dennys over 4 years ago

#235 - Dotnet Tool doesn't like F# projects

Issue - State: closed - Opened by BennieCopeland over 4 years ago - 3 comments

#234 - test pr

Pull Request - State: closed - Opened by JarLob over 4 years ago

#233 - Support VS 2019 and 2022

Pull Request - State: closed - Opened by dbalikhin over 4 years ago - 2 comments

#232 - Add .net 6 support to global security-scan core tool.

Pull Request - State: closed - Opened by dbalikhin over 4 years ago - 1 comment

#231 - dotnet6 support

Issue - State: closed - Opened by tj-spyro over 4 years ago

#229 - Which NuGet Package for VSCode?

Issue - State: closed - Opened by Tiberriver256 over 4 years ago - 2 comments

#228 - New Release in Nuget

Issue - State: closed - Opened by MarlonMrN over 4 years ago - 1 comment

#227 - Visual Studio 2022 Support

Issue - State: closed - Opened by WizX20 over 4 years ago

#226 - Running security-code-scan on linux

Issue - State: closed - Opened by juli1 over 4 years ago - 2 comments

#223 - Results should be normalized for parsing

Issue - State: closed - Opened by MarlonMrN over 4 years ago - 8 comments

#222 - Extension consuming all available memory

Issue - State: closed - Opened by jonataspc over 4 years ago - 1 comment

#221 - Investigate if double scanning with SCS tool can be avoided

Issue - State: open - Opened by JarLob over 4 years ago

#220 - Bump System.Text.RegularExpressions from 4.3.0 to 4.3.1 in /SecurityCodeScan.Test

Pull Request - State: closed - Opened by dependabot[bot] over 4 years ago - 1 comment
Labels: dependencies

#219 - How to scan netframework from the cmdline?

Issue - State: closed - Opened by MarlonMrN over 4 years ago - 1 comment

#218 - nuget 5.2.1 Warning CS8032

Issue - State: closed - Opened by denhaandrei over 4 years ago - 6 comments

#217 - .Net Framework 4.8 can't finde Sql Injection

Issue - State: closed - Opened by kkman021 over 4 years ago - 5 comments

#216 - Insecure Cookie not reported with AppendCookie/SetCookie

Issue - State: open - Opened by mus65 over 4 years ago

#215 - Add new issues and customizable content without recompiling

Issue - State: open - Opened by wisec over 4 years ago

#214 - Missing full documentation on YAML rules

Issue - State: open - Opened by wisec over 4 years ago

#213 - Document Config File Version Increment

Issue - State: closed - Opened by richardlawley over 4 years ago - 1 comment

#212 - Raise a warning on detection of usage of insecure configuration options

Issue - State: closed - Opened by righettod almost 5 years ago - 3 comments

#211 - ResolveComReference error not continuing Security Code Scan

Issue - State: closed - Opened by intersectRaven almost 5 years ago - 1 comment

#210 - SecurityCodeScan.exe process never finish

Issue - State: closed - Opened by jankonikola93 almost 5 years ago - 5 comments

#209 - Setup dependabot.

Pull Request - State: closed - Opened by AraHaan almost 5 years ago - 2 comments

#208 - Update YamlDotNet

Issue - State: closed - Opened by AraHaan almost 5 years ago - 4 comments

#207 - SQL Injection Detection .Net Core

Issue - State: closed - Opened by stefanlagrange almost 5 years ago - 4 comments

#206 - How to define safe methods/sanitizers in custom configuration

Issue - State: closed - Opened by MigueZS almost 5 years ago - 3 comments

#205 - Add the Guid's constructor as a sanitizer

Pull Request - State: closed - Opened by WaldenL almost 5 years ago - 1 comment

#204 - Bump System.Text.Encodings.Web from 4.5.0 to 4.5.1 in /SecurityCodeScan.Test

Pull Request - State: closed - Opened by dependabot[bot] almost 5 years ago - 1 comment
Labels: dependencies

#203 - Bump System.Net.Http from 4.3.0 to 4.3.4 in /SecurityCodeScan.Test

Pull Request - State: closed - Opened by dependabot[bot] almost 5 years ago - 1 comment
Labels: dependencies

#201 - Project exclusion does not work with unsupported project types, e.g. sqlproj

Issue - State: closed - Opened by mrmartan almost 5 years ago - 31 comments

#200 - Is this framework version dependent? Which should we use? (Net core 3.1 support)

Issue - State: closed - Opened by MarlonMrN almost 5 years ago - 23 comments

#199 - MSBuild error during run of SCS

Issue - State: closed - Opened by ghost almost 5 years ago - 9 comments

#198 - SecurityCodeScan.V2019 fails with enforced dotnet-sdk 3.1.407 in global.json

Issue - State: closed - Opened by cmenzi almost 5 years ago - 4 comments

#197 - False Positive SCS0015: Hardcoded value in 'byte[] SymmetricAlgorithm.Key'

Issue - State: closed - Opened by watfordgnf almost 5 years ago - 2 comments

#196 - Missing dependencies in the nuget package?

Issue - State: closed - Opened by ghandmann about 5 years ago - 4 comments

#194 - CWE in SARIF

Issue - State: open - Opened by JarLob about 5 years ago

#190 - No SCS0029 (XSS) on return from an action

Issue - State: open - Opened by dan-neumegen-xero about 5 years ago - 3 comments

#189 - [Improvement] Flag CORS misconfigurations

Issue - State: open - Opened by Recurse-blip about 5 years ago

#187 - False positive SCS0018

Issue - State: closed - Opened by harshwPro about 5 years ago - 1 comment

#186 - Reciving SCS012 even though MapControllers().RequireAuthorization() is set

Issue - State: closed - Opened by r3dr4gon about 5 years ago - 2 comments

#185 - add CWE and CWE_url

Pull Request - State: closed - Opened by SPoint42 about 5 years ago - 3 comments