dotnet-security-guard/roslyn-security-guard

Issues

• VS2017: getting CA0064 (No analysis was performed)

  #94 opened 7 years ago by AndreyAspose
  8

• RoslynSecurityGuard.Analyzers.Taint.TaintAnalyzer

  #88 opened 7 years ago by ianp-its
  12

• Version 2.3.0 gives warnings: An instance of analyzer RoslynSecurityGuard.Analyzers.WeakPasswordValidatorPropertyAnalyzer cannot be created

  #104 opened 6 years ago by ronenfe
  0

• Custom Anayzer https://github.com/SonarSource/sonarqube-roslyn-sdk/issues/110

  #103 opened 6 years ago by sodeshpa
  0

• RoslynSecurityGuard Jar

  #102 opened 6 years ago by sodeshpa
  0

• New Rule: Detect usage of old SSL implementations in the Security Manager

  #81 opened 7 years ago by jessehouwing
  6

• Object reference not set to an instance of an object in analysis

  #30 opened 8 years ago by Mattacks
  3

• New Rule: Certificate Revocation is not validated

  #80 opened 7 years ago by jessehouwing
  1

• System.ArgumentException : An item with the same key has already been added.

  #101 opened 7 years ago by jakubsuchybio
  0

• Detect unsafe usages of JSon deserializers

  #86 opened 7 years ago by jessehouwing
  2

• [Feature request] Open redirect

  #95 opened 7 years ago by tristandostaler
  1

• New release please

  #92 opened 7 years ago by JarLob
  3

• Warnings of Uhandled Exceptions

  #99 opened 7 years ago by ronenfe
  0

• VS 2017 .net core 1 - Large number of exception from taint analyzer

  #89 opened 7 years ago by oazabir
  8

• WeakCipherModeAnalyzer broken

  #96 opened 7 years ago by quincycs
  0

• Installed in VS 2015 no issues are showing

  #93 opened 7 years ago by akhare22sandeep
  2

• SG0016 - allow user to change/add to the Token checking attribute name

  #90 opened 7 years ago by duncan-bradley
  1

• False positive Potential SQL injection with MsSQL Data Provider

  #87 opened 7 years ago by sady4850
  0

• Limit Highlighting to Just the ValidateInput Attribute for SG0017

  #75 opened 7 years ago by kyleherzog
  2

• Limit the Highlighting of Code for SG0016

  #74 opened 7 years ago by kyleherzog
  2

• InsecureCookieAnalyzer: System.NullReferenceException error

  #54 opened 8 years ago by abssd
  13

• New Rule: Using static Initialization Vector for encryption algorithms

  #79 opened 7 years ago by jessehouwing
  0

• Regex operations need timeout

  #49 opened 8 years ago by VahidN
  4

• False Positive - CSRF vulnerability on HttpPost Controller decorated with custom security tag

  #83 opened 7 years ago by VladPapacostea-SM
  1

• HttpCookie incorrectly reports SG008/SG009 when the properties are defined in-line.

  #76 opened 8 years ago by SJMakin
  0

• VB.NET support

  #61 opened 8 years ago by SJMakin
  4

• Your Taint analyzer doesn't sniff for nulls

  #65 opened 8 years ago by WillSullivan
  2

• SG0016 (CSRF) is displayed even for method not bound to a view

  #60 opened 8 years ago by xperiandri
  9

• Incomplete information on the Rules page

  #39 opened 8 years ago by vladimir-kazakov
  1

• Visual Studio 2017 support

  #55 opened 8 years ago by suttonandy
  7

• Taint Analysis : Support String.Format()

  #57 opened 8 years ago by h3xstream
  0

• Improve website documentation

  #53 opened 8 years ago by h3xstream
  0

• Allow analyzer to register to the taint analysis for custom usage

  #41 opened 8 years ago by h3xstream
  1

• License change to LGPL

  #23 opened 8 years ago by h3xstream
  2

• Additionnal misconfigurations in Web.config

  #50 opened 8 years ago by h3xstream
  0

• Defining attributes in one line

  #38 opened 8 years ago by VahidN
  1

• Xss prevention analyzer

  #40 opened 8 years ago by Siderale
  5

• NullReferenceException in OutputCacheAnnotationAnalyzer

  #42 opened 8 years ago by h3xstream
  0

• Add parameter type discriminator for ambigus API

  #44 opened 8 years ago by h3xstream
  0

• Taint Analyzer Null Reference Exception

  #28 opened 8 years ago by sjmcallister
  6

• Detect cached authorized pages

  #32 opened 8 years ago by VahidN
  7

• Crash for duplicate entries in ExecutionState AddNewValue function

  #20 opened 8 years ago by Siderale
  4

• Missing ValidateAntiForgeryToken

  #25 opened 8 years ago by h3xstream
  0

• Request validation disable

  #27 opened 8 years ago by h3xstream
  0

• Path traversal Read / Write

  #33 opened 8 years ago by h3xstream
  0

• Supress (In Source or Supressions file) does nothing

  #29 opened 8 years ago by Mattacks
  1

• Code fix for insecure cookie

  #22 opened 8 years ago by h3xstream
  0

• Detect cookie that are created without Secure/HttpOnly flag

  #18 opened 8 years ago by h3xstream
  0

• Use taint analysis for Command injection and XPath injection

  #19 opened 8 years ago by h3xstream
  0

• Implement taint analysis

  #16 opened 8 years ago by h3xstream
  0